Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
 Back  |  Find  |  Login  |  Help 
icon5.gif   Synchronising between physically separate networks, posted by Dougie Mooney on Thu Jul 10 12:06:31 2008 
    icon2.gif   Re: Synchronising between physically separate networks, posted by Stefan Ritt on Thu Jul 10 12:46:52 2008 
Message ID: 65923     Entry time: Thu Jul 10 12:46:52 2008     In reply to: 65922
Icon: Reply  Author: Stefan Ritt  Author Email: stefan.ritt@psi.ch 
Category: Question  OS: Windows  ELOG Version: 2.7.3-2104 
Subject: Re: Synchronising between physically separate networks 

Dougie Mooney wrote:

Hi there. Just started recently set up the application and think its very usable and easily configured - great stuff

I'm looking to roll it out to the masses but have a slight logistical problem in that we work on 2 separate networks - NET1 with connection to the internet, and NET2 physically isolated from NET1 and the internet.

It would be desirable to allow users to add/update/delete logs from both NET1 and NET2 with periodic synchronisation.

I believe the mirroring facility is what should be used, and think the following setup and synchronisation steps may be workable:

Setup:

  • elog installed on node of NET1
  • elog installed on 2 nodes of NET2
  • elog server running on NET1 and node1 of NET2 both using a common elogd.cfg

Performing Synchronisation:

  1. Stop the server on NET1
  2. copy logbook directories from NET1 to node2 of NET2
  3. start server on node2 of NET2 using the -M option
  4. once above complete, copy logbook directories from node 2 NET2 to NET1
  5. Start the server on NET1

Am I on the right track?

Would very much appreciate comments and and advice on the above.

 A couple of comments:

  • In principle you could use one elogd.cfg for two running daemons, but only if they do not modify the file. If you use "extensible attributes" for example, you would have write access. If this happens from both servers at the same time, the config file can get corrupt. This is even more true with a password file, which gets written every time a users accesses a page. If you only run one server at a time, then they can share the config file of course.
  • The synchronization works bi-directional between two elog daemons. Requirement is that they have access to each other. The synchronization master acts like a "browser" to the slave to send/retrieve entries. So if you can affort punching a hole into your firewall between NET1 and NET2, you could synchronize two servers directly and don't have to bother with three servers. If you have however really physically separated nets, such that you need a memory stick to transport data from one net to the other, then indeed you need the above described scenario. I never tried it in this way, but in principle it should work.
ELOG V3.1.5-3fb85fa6