Reverse Proxy Data Diode
Camayoc
nginx-forum at nginx.us
Sun Mar 17 08:17:09 UTC 2013
I urge caution using this approach to a data diode.
The question you ask is a very important one: where can I find a working
configuration?
Do not get me wrong, it is possible to make such approaches work, I have
seen them in my companies test lab.
The question you have to consider is reliability and trust.
How reliable does the solution need to be? My experiece has been making
something work in a test lab is relatively easy. However, making something
work in a deployed environment, thus sustainable 24/7/365 is much harder.
Intermittent data losses will happen over time? How does your application
manage these? How do you implement re-synchronisation (can't be triggered
automatically, as there is no feedback loop).
Sorry, I am not answering your question directly, rather rasiing issues you
need to consider before building something yourself.
These issues are explored further iat the links below.
Link: http://colinrobbins.me/2013/02/07/diy-data-diode-for-1612/
(reliability question)
Link: http://colinrobbins.me/2013/03/12/can-you-trust-your-1612-diode/
(trust question)
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,237446,237451#msg-237451
More information about the nginx
mailing list