Pattern - Static IP Addresses

IP addresses can be predefined in a small cluster of machines. These addresses can then be:

  1. stored in a DNS server
  2. saved into /etc/hosts files and propagated to every machine.

A few years ago, the whole of the Internet was defined in a static hosts table.

Features

  • A single file, somewhere, maintains a list of every hostname -> IP address mapping
  • Hosts have their IP address predefined, and configured in their network card settings
  • Routers may have predefined MAC address -> IP address mappings, and port -> IP address mappings
  • A DNS server is no longer required to do hostname lookup
  • A DHCP server is not needed.

Advantages

  • The DNS server is no longer a point of failure or a requirement.
  • The DHCP server is no longer a point of failure or a requirement.
  • Impossible for something to insert itself into the system through DNS/DHCP abuse, though ARP cache attacks can still be used to reroute messages.
  • If the static IP addresses are for the public site, then they can be entered in a public DNS entry and cached by clients

Disadvantages

  • Requires the hostname/address mappings to be predefined.
  • Requires the /etc/hosts files on every machine to be kept up to date
  • Requires every host's network card to be correctly configured with the predefined IP address
  • Does not handle changing IP addresses; a full restart is required.

As Java processes tend to cache IP addresses, the loss of dynamic adaptability is less important than one may think. And the fact that you no longer need DNS and DHCP servers is very appealing; you've just eliminated two points of failure on the network. If they were duplicated, you needed to keep them synchronized and have at least one of each type boot up before anything else on the network came up. If they were not duplicated, you had two Single Points of Failure waiting to find you.

What we do not like about this approach is its lack of agility, its inability to scale and (this one is based on painful personal experience) the requirement to get every IP address right. All it takes is one operations team member to mistype one IP address in one NIC configuration GUI, and suddenly you are left scrambling to discover why you can't even SSH in to the database machine.
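
A lint pass over the master host table before it is propagated catches the mistyped-address class of error described above, and the same parser can report drift in one machine's copy. This is an added example, not part of the original page or of SmartFrog; the sample table, the 10.0.0.0/24 cluster subnet and the function names are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample table (not from the page); three lines carry typos.
MASTER = """\
127.0.0.1   localhost
10.0.0.11   app1
10.0.0.11   app2      # reuses app1's address
10.0.0.300  db1       # octet out of range
10.0.1.12   web1      # wrong subnet
"""

def parse_hosts(text):
    """Return (entries, errors); each entry is (lineno, ip, names)."""
    entries, errors = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, tokenise
        if not fields:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
            if len(fields) < 2:
                raise ValueError(f"{ip} has no hostname")
        except ValueError as exc:
            errors.append(f"line {lineno}: {exc}")
            continue
        entries.append((lineno, ip, fields[1:]))
    return entries, errors

def check_table(text, subnet):
    """Lint a master hosts table before it is propagated."""
    entries, errors = parse_hosts(text)
    net = ipaddress.ip_network(subnet)
    by_name, by_ip = defaultdict(set), defaultdict(list)
    for lineno, ip, names in entries:
        if not ip.is_loopback and ip not in net:
            errors.append(f"line {lineno}: {ip} is outside {net}")
        by_ip[ip].append(lineno)
        for name in names:
            by_name[name.lower()].add(str(ip))
    errors += [f"{n}: maps to {sorted(a)}" for n, a in by_name.items() if len(a) > 1]
    errors += [f"{ip}: defined on lines {ls}" for ip, ls in by_ip.items() if len(ls) > 1]
    return errors

def drift(master, local):
    """Names whose address in one machine's copy differs from the master."""
    table = lambda t: {n.lower(): ip for _, ip, ns in parse_hosts(t)[0] for n in ns}
    ref, loc = table(master), table(local)
    return sorted(n for n in ref if loc.get(n) != ref[n])
```

`check_table(MASTER, "10.0.0.0/24")` reports the three bad lines; the check covers only the table, so each host's NIC configuration still has to be compared against it separately.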

SmartFrog support

  1. Our TextFile components can be used to dynamically generate text files, such as a host table. However, you do need to create these tables very early on in the boot process.
  2. Our [sf-DNS] components can deploy and configure an instance of BIND; there is less need to fear DNS than before.
  3. The -diagnostics command performs some startup diagnostics, including hostname and reverse-DNS lookup, detecting and warning of network problems early on.
  4. The HostExists component/condition (/org/smartfrog/services/www/diagnostics/components.sf) can be used to look for a host.