IP management
I'm looking to deploy a 30 - 40 linode system which will consist of a pair of load balancers (linux virtual server) and multiple pairs|groups of servers for each software function that I need to deploy. The load balancers will sit in between everything, ideally communication between my own Linodes will be on a private network.
I have a few questions.
* * Am I allocated a range of IP addresses for my own Linodes which will allow me to add a simple subnet to my iptables rules, thus restricting access from only my Linodes ? If not, how do people recommend managing their firewall rules when using a large number of hosts ?
* Am I able to keep these IP addresses for my account and switch between different Linodes ?
* How many 'physical' NICs does each Linode have ? Can I have a private network as well as a public network ? How does this affect charges for data ?</list>
Apologies for my ignorance, I haven't signed up an account yet so maybe some of this stuff is obvious ….
7 Replies
Additional public IP's are $1/mo, and can be configured in so that multiple Linode's are allowed to bring them up (obviously only one Linode at a time, this is designed to provide "failover" capability).
Additional addresses (either public or private) are brought up as aliases. Private network traffic is free.
You may want to check out some of the Linode Library articles regarding networking and HA setups to get a feel for how some of this works with Linode.
For instance:
For an "official" answer re: ip allocation arrangements, your best bet would probably be
Is data only free when communicating between private IP addresses ? Does this not also include communication between public IP addresses in the same DC ?
Can you perform the 'IP Failover Linkage' with private IP addresses as well as public ? Can I assign a failover IP to more than 1 additional host ?
@phy7tes:
- Is data only free when communicating between private IP addresses ? Does this not also include communication between public IP addresses in the same DC ?
Right, transfer is only free over your private IPs. Public traffic, even within the same data center, is not free.
Your other questions are interesting, but I do not know the answers!
Your configuration management/deployment system should probably be able to handle that kind of thing, too. Since it will know about new servers before anything else does, that might be the most effective way to go…
Also: the private network is, from a security standpoint, a public network. Don't try to save iptables space that way
Your configuration management/deployment system should probably be able to handle that kind of thing, too. Since it will know about new servers before anything else does, that might be the most effective way to go…
Also: the private network is, from a security standpoint, a public network. Don't try to save iptables space that way
Your configuration management/deployment system should probably be able to handle that kind of thing, too. Since it will know about new servers before anything else does, that might be the most effective way to go…
Also: the private network is, from a security standpoint, a public network. Don't try to save iptables space that way
@phy7tes:
- Can you perform the 'IP Failover Linkage' with private IP addresses as well as public ? Can I assign a failover IP to more than 1 additional host ?
Indeed. Failover works the same for public and private IPs.