Обсуждение: FW: Configuring Postgres to use unix sockets

Hi Everyone

I am not too sure how to do this but I'll ask

I want two postgres servers to communicate over a serial port. I want to avoid using the TCP/IP network protocol for added security. I heard this can be accomplished through unix sockets? Could anyone give me some configuration advice. I am a little in the dark with this type of config.

John Zubac
Operations / DBA
Internetsecure Inc.
+1.905.469.6522 X252
jzubac@internetsecure.com
Gpg Fingerprint: A178 EC10 07D4 B242 8500 F817 D396 F05F D978 3D92

"John Zubac" <jzubac@internetsecure.com> writes:

> Hi Everyone
>
> I am not too sure how to do this but I'll ask
>
> I want two postgres servers to communicate over a serial port. I want to
> avoid using the TCP/IP network protocol for added security. I heard this
> can be accomplished through unix sockets? Could anyone give me some
> configuration advice. I am a little in the dark with this type of config.

Unix sockets can't work across a serial link.

You would need to run PPP over the serial link between the two
machines, then make TCP connections using that network.  It'd be
*much* faster and less hassle to simply put a second NIC in each
machine, connect them with a crossover cable, and run your PG
connections over that network.  You could also enforce use of the
private network (in both cases) by use of firewall rules.

-Doug

Hi John,

Unix sockets are a presentation layer interface to TCP/IP.  You're not
avoiding it by using them.

Rick



             "John Zubac"
             <jzubac@internets
             ecure.com>                                                 To
             Sent by:                  <pgsql-general@postgresql.org>
             pgsql-general-own                                          cc
             er@postgresql.org
                                                                   Subject
                                       [GENERAL] FW: Configuring Postgres
             09/09/2005 08:13          to use unix sockets
             AM









Hi Everyone


I am not too sure how to do this but I'll ask


I want two postgres servers to communicate over a serial port. I want to
avoid using the TCP/IP network protocol for added security. I heard this
can be accomplished through unix sockets? Could anyone give me some
configuration advice. I am a little in the dark with this type of config.


John Zubac
Operations / DBA
Internetsecure Inc.
+1.905.469.6522 X252
jzubac@internetsecure.com
Gpg Fingerprint: A178 EC10 07D4 B242 8500 F817 D396 F05F D978 3D92

Richard_D_Levine@raytheon.com writes:

> Hi John,
>
> Unix sockets are a presentation layer interface to TCP/IP.  You're not
> avoiding it by using them.

That's not true.  Unix sockets are fundamentally different and do not
use TCP/IP at all.  They have their own namespace (in the Unix
filesystem) and go through their own delivery path in the kernel, not
through the TCP/IP stack, so they're often faster.

But, they only work on a single machine.  :)

-Doug

Douglas McNaught <doug@mcnaught.org> writes:
> You could also enforce use of the
> private network (in both cases) by use of firewall rules.

I think the real point here is that any additional security you gain
comes from having the physically separate wire.  It's foolish to suppose
that using a nonstandard protocol over that wire is going to buy
anything.  So there's no point in going through a lot of pushups to
substitute something else for TCP/IP.

            regards, tom lane