Hello there

My name’s Norm Ovenseri and I studied Statistics with a good mix of Computer Science because it is my belief that technology and statistics envelop the world whether you like it or not. :}

LinkedIn Profile

Most Recent Post

Private Networking, What the Heck is that?

TL;DR: Enable private networking, bind your database to the private IP, and make sure your web server connects to that IP. You need to create an SSH tunnel to the database server if you want to access it from outside.

It’s the end of the year and probably not my last post. This topic is something I’ve had to think about for some time since the start of my job in Aug 2014. They were using private IPs and I had no clue what this meant except that the machines could talk to each other without incurring bandwidth charges. That concept was foreign to me because I would bind MySQL to all addresses in order to connect from my web server, which I know is bad practice and rectified today heh.

A private network is similar to a LAN in your home, where you connect multiple machines to a switch and voila, they all get internal IPs. These internal IPs allow the switch to direct traffic to the correct place quickly! It is possible that there is a delay going from external IP to external IP, whereas the delay is minimal from internal to internal. I say it is possible because some switches are smart enough to know where to route traffic.

How does this look? Your server has two network interfaces (NICs), where one is connected to the internet (effectively) and the other is connected to a switch for internal traffic. When you send traffic to another internal IP, the netmask associated with your internal IP determines whether the packet with that destination IP is sent out through the internal NIC or the external one.

It’s interesting stuff and I just enabled private networking on DigitalOcean for my two droplets and set up the internal interface, then bound MySQL to the internal IP and switched my web server to send to the db internal IP. This means that any overhead that was incurred previously due to external IP destination is null and void, and there is no more external access to MySQL. External access has always been my thing, but since joining my current job I’ve been introduced to SSH tunneling, so I can easily create a tunnel to my database server and ride on that :).

I also upgraded to PHP 7.
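
The netmask decision and the bind-address change described above, as an added Python example that is not part of the original post. The interface names, addresses and function names are assumptions made up for illustration, and the config text it audits is whatever my.cnf-style string you pass in.

```python
import configparser
import ipaddress

# Constructed two-NIC layout (names and addresses are assumptions, not from the post).
INTERFACES = {
    "eth0": ipaddress.ip_interface("203.0.113.10/24"),  # public NIC
    "eth1": ipaddress.ip_interface("10.132.0.5/16"),    # private NIC
}
DEFAULT_NIC = "eth0"  # the default route leaves through the public NIC
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def egress_nic(dest):
    """Return the NIC whose address/netmask covers dest; longest prefix wins."""
    addr = ipaddress.ip_address(dest)
    hits = [(iface.network.prefixlen, name)
            for name, iface in INTERFACES.items() if addr in iface.network]
    return max(hits)[1] if hits else DEFAULT_NIC


def audit_bind_address(cnf_text):
    """Classify the [mysqld] bind-address found in my.cnf-style text."""
    # Drop !include/!includedir directives, which configparser cannot parse.
    body = "\n".join(l for l in cnf_text.splitlines()
                     if not l.lstrip().startswith("!"))
    cp = configparser.ConfigParser(allow_no_value=True, strict=False,
                                   interpolation=None,
                                   inline_comment_prefixes=("#",))
    # MySQL treats bind_address and bind-address as the same option.
    cp.optionxform = lambda key: key.lower().replace("_", "-")
    cp.read_string(body)
    value = cp.get("mysqld", "bind-address", fallback=None)
    if value is None:
        return "unset"           # server default applies; set it explicitly
    if value.strip() == "*":
        return "all-interfaces"
    try:
        addr = ipaddress.ip_address(value.strip())
    except ValueError:
        return "hostname"        # resolved at startup; check what it resolves to
    if addr.is_unspecified:
        return "all-interfaces"  # 0.0.0.0 or ::, reachable on the public NIC
    if addr.is_loopback:
        return "loopback"        # local only; remote use needs an SSH tunnel
    if any(addr in net for net in RFC1918):
        return "private"
    return "public"
```

The RFC 1918 ranges are listed explicitly because Python's `is_private` also returns true for documentation and other reserved ranges, which would mislabel some addresses here.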