Search domains in our environment (Proposal)

[seth vidal]

On Wed, 2007-12-19 at 18:54 -0500, Anand Capur wrote:
> 
>         The reason for all of this is the firewall in place at the PHX
>         colo. If
>         that wasn't there we wouldn't need any of the games at all. We
>         could 
>         just have foo.fedoraproject.org be resolveable from anywhere
>         and
>         foo.vpn.fedoraproject.org just mean 'go over the vpn to get to
>         it'. 
>         
>         seth 'big fan of simple networking' vidal
>         -sv
> 
> +1, but do we still need the firewall for other things?

So the firewall is something that came with the space. It's red hat's
firewall and I don't think we have any choice for the hosts inside phx.

In general, I'm a much bigger fan of hosts-based firewalling and
clamping down on exposure paths that way than an edge firewall for a
network. In this case it would also make our setup a good bit simpler if
we didn't have the edge firewall at all.

-sv