2008/523 IPsec session failover
Darren J Moffat
Darren.Moffat at sun.com
Mon Aug 18 03:20:25 PDT 2008
Thejaswini Singarajipura wrote:
>>> The SADB is synchronized over SC private interconnects, which is a
>>> private LAN and is detached from all other networks.
>>> Hence I do not think we add any more vulnerability by this project.
>>
>> I thought that SC could be deployed in such a way that the nodes were
>> physically quite far away from each other. How is that private
>> interconnect protected in that case? While this might sound like
>> I'm asking about the existing architecture of SC, I don't believe that
>> today highly sensitive key material is passed over this "private" SC
>> interconnect.
> Yes, the existing SC deployments do have key data being transferred over
> the private interconnect. The example being the in-memory data transfer
> from one instance of Oracle RAC to another RAC instance.
That isn't key material shared with clients of the cluster though, and it
isn't SC, that is Oracle RAC doing that.
>> How do customers *really* deploy this? Is it always true that only
>> cluster nodes are connected? Are all the switches etc. completely
>> private, or can VLANing be used to support multiple clusters or make a
>> "private" interconnect over existing infrastructure?
>
> AFAIK it is always the cluster nodes that are supported in the private
> network. SC supports VLANing, but does not allow sharing of public and
> private network. SC requires a minimum of two private interconnects. So
> customers use VLANing to reduce the hardware requirement for private
> interconnects.
General grumble grumble on the assumption by some people that VLANs are
a security feature.
> SC also supports IPsec for SC private interconnects. So if it is a
> requirement IPsec can be enabled to keep the traffic secure.
That is the answer I was looking for, thanks. I'd like the
documentation to make it clear that this should probably be used when
the cluster nodes are serving IPsec clients because key material is
passed over the private cluster interconnect.
Other than that, I'm happy now, thank you.
--
Darren J Moffat
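As an added illustration (not part of the thread, and not Sun Cluster's own documented procedure), this is what "enabling IPsec on the private interconnect" looks like as a plain Solaris IPsec policy file, so that SADB synchronization between nodes does not cross the interconnect in cleartext. The interconnect addresses 10.0.0.1 and 10.0.0.2, the algorithm choices and the node names are constructed assumptions; whatever SC-specific steps exist are not described on the page.

```conf
# /etc/inet/ipsecinit.conf on node A (constructed example; addresses are assumed)
#
# Weak configuration: no rule at all for the interconnect. Solaris passes
# packets that match no policy entry in the clear, so with an empty policy
# the SADB synchronization traffic rides the "private" VLAN unprotected.
#
# Corrected configuration: require ESP with both encryption and integrity
# for every packet between the two interconnect addresses, in both
# directions (no "dir" keyword means the rule applies inbound and outbound).
{laddr 10.0.0.1 raddr 10.0.0.2} ipsec {encr_algs aes encr_auth_algs sha1 sa shared}

# Node B carries the mirror image of the rule:
# {laddr 10.0.0.2 raddr 10.0.0.1} ipsec {encr_algs aes encr_auth_algs sha1 sa shared}
```

Load the policy with `ipsecconf -a /etc/inet/ipsecinit.conf` and confirm it with `ipsecconf -l`; the SAs themselves still have to come from IKE (configured separately in `/etc/inet/ike/config`) or be added manually with `ipseckey`. Note that the policy only protects the link between the two listed addresses: any other host that can reach the interconnect VLAN is still unaffected by it, which is the reason VLAN isolation alone is not a substitute for this rule.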