Differences

This shows you the differences between two versions of the page.

--- setting_up_a_lucy_master_slave [2019/06/04 08:57] – lucy
+++ setting_up_a_lucy_master_slave [2019/10/28 07:39] – [What is a master/slave?] lucy
@@ Line 16: / Line 16: @@
   * **Master/Slave**: When a proxy mode is enabled, Lucy acts as a reverse proxy and pushes all HTTP/S requests to the "master" address, without analyzing the traffic in any way, except the /admin part. You can still access the proxy's admin panel when the proxy is enabled, all other (scenario/static) URLs get forwarded to master. The master is a regular Lucy instance, it just allows proxified requests. So you configure all campaigns on the master, send emails from the master and do nothing on proxy except enabling proxy mode. The master will push all running campaigns to the slave (SSL, virtual hosts, configuration, etc) and get statistics from the slave automatically. When the campaign is stopped, all data is removed from the slave.
-  * **Reflective Master/Slave**: All campaigns & recipients are configured on Master, when launched, the Master pushes everything to the Slave, and pulls the stats from the Slave to the Master. "Victims (end users)" access only the Slave. There is no connection from the Slave to the Master (only Master to Slave). Only running campaigns are published on the Slave, then when a campaign is stopped, it gets wiped from the Slave and stored only on the Master. All mails in such a reflective mode are sent from the slave!
+  * **Reflective Master/Slave**: All campaigns & recipients are configured on Master, when launched, the Master pushes everything to the Slave, and pulls the stats from the Slave to the Master. "Victims (end users)" access only the Slave. Only running campaigns are published on the Slave, then when a campaign is stopped, it gets wiped from the Slave and stored only on the Master. All mails in such a reflective mode are sent from the slave!
 Please note: There is a caveat with HTTPS - if you generate SSL on master, you have to put it to proxy by hands, as the proxy doesn't automatically interact with master in any way and doesn't exchange information with it.
@@ Line 31: / Line 31: @@
 ===== Ports and Updates =====
-Both master-slave approaches (reverse proxy and DMZ-based) use only https ports (port 443). A "recipient" is an end user. For a **proxy**, the firewall configuration would be:
+Both master-slave approaches (reverse proxy and DMZ-based) use only HTTPS port (443). A "recipient" is an end user. For a **proxy**, the firewall configuration would be:
   * master should allow connections from slave to port 443
+  * master should allow connections from slave to port 25 (if the SMTP method selected for the incidents reporting)
   * master should allow connections from Lucy admin computers to port 443
   * slave should allow connections from "recipients" to ports 443, 80
@@ Line 46: / Line 47: @@
   * slave must be able to send emails via port 25
-**Updates**: both workstations are updated separately.
+**Updates**: both workstations are updated separately and should have access to [[network_communication_-_lucy_--_internet#outbound_communicationsorted_by_port_ip|Lucy Update/License Server]].