On Tue, Oct 19, 2004 at 23:13:44 +0100,
Matt Clark <matt@ymogen.net> wrote:
>
> If you have 6 app servers it's just daft to stick 6 NICs in your DB
> server.
While there might be some cases where that makes sense most likely it
isn't something you would want to do. I believe the original motivation
was to solve bandwidth congestion rather than security.
Most likely the systems were already connected to switches.
If the nic to the web server(s) were really swamped (which seems unlikely,
but could be the case), then adding a second nic and connecting to another
port on the switch they are already using would probably work as well
as running cables directly from the web server(s) to the database.
They would need to adjust the routing tables so that some traffic went
over each nic. An easy change would be to specify that traffic destined
for the database server IP address is to go over the new nic and all other
traffic is to go over the old nic.