Ok, on each node, I have configured the listen address for cassandra as the VIP interface (tunXXX). This allows other cassandra instances to connect ONLY through the VPN network. The listen address is not configured for the eth0 interface (EC2).
rpc_address is set to 0.0.0.0 so that it can listen on all interfaces. If it's left blank, it will default to the value of the listen configuration ... which would mean all appserver -> cassandra traffic would be routed through the VPN connection (not what I want).

When looking at netstat, I see the following on a node:

tcp 0 0 0.0.0.0:9160 0.0.0.0:* LISTEN
tcp 0 0 172.16.1.7:7000 0.0.0.0:* LISTEN

9160 allows clients to connect to the environment to GET/PUT data while the VPN interface is for node to node, secured, communication.

As you see, I'm not referencing the EC2 IP anywhere in the configuration. This allows me to leverage rackspace, amazon or any other services provider ... so long as my vpn tunnels are configured appropriately for each endpoint / environment.

-sd

On Tue, Apr 26, 2011 at 3:55 PM, pankaj soni <pankajsoni0...@gmail.com> wrote:
> Hi,
> I have a question regarding Vyatta or any providing VIP in general. While
> routing through gateway do we bind it to ec2 nodes private IP or public IP?
> Also, in general could you explain how VIP might help for I am new towards
> this side of field.
>
> thanks
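
Added example, not part of the original message: a Python check over Linux `netstat -lnt` output that confirms the node-to-node port 7000 is bound only inside the VPN range and lists any wildcard bind of the client port 9160. The VPN range 172.16.1.0/24 and the function names are assumptions, and the sample lines are constructed from the two quoted in the message.

```python
import ipaddress

STORAGE_PORT = 7000  # node-to-node traffic (listen_address)
RPC_PORT = 9160      # client traffic (rpc_address)

# Constructed sample, modelled on the two netstat lines in the message.
SAMPLE_NETSTAT = """\
Proto Recv-Q Send-Q Local Address    Foreign Address  State
tcp        0      0 0.0.0.0:9160     0.0.0.0:*        LISTEN
tcp        0      0 172.16.1.7:7000  0.0.0.0:*        LISTEN
"""

def parse_listeners(netstat_text):
    """Return (ip, port) for every TCP socket in LISTEN state."""
    listeners = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 6 or not fields[0].startswith("tcp") or fields[5] != "LISTEN":
            continue  # header lines, UDP sockets, non-listening states
        host, _, port = fields[3].rpartition(":")  # also splits ":::7000"
        listeners.append((ipaddress.ip_address(host), int(port)))
    return listeners

def audit(netstat_text, vpn_cidr="172.16.1.0/24"):  # CIDR is an assumption
    """Check that the storage port is bound only to an address inside the VPN range."""
    vpn = ipaddress.ip_network(vpn_cidr)
    report = {"violations": [], "notes": []}
    storage_seen = False
    for ip, port in parse_listeners(netstat_text):
        if port == STORAGE_PORT:
            storage_seen = True
            if ip not in vpn:  # wildcard, eth0 address or IPv6 all fail here
                report["violations"].append(f"{ip}:{port} is outside {vpn}")
        elif port == RPC_PORT and ip.is_unspecified:
            # Expected with rpc_address 0.0.0.0; recorded so it can be matched
            # against the firewall or security-group rules for that port.
            report["notes"].append(f"{ip}:{port} accepts clients on every interface")
    if not storage_seen:
        report["violations"].append(f"no listener on storage port {STORAGE_PORT}")
    return report

if __name__ == "__main__":
    print(audit(SAMPLE_NETSTAT))
```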