Should Geo include a replication kill switch?

Problem Statement

In some situations, it may be important to quickly kill all replication activity from a secondary. The most common scenario may be we put too much load on the primary and it is affecting the stability of the system. This may be a huge issue for large instances, such as .com

We have two alternative hypotheses:

• Geo should include this functionality, e.g. via a rake task
• This functionality should happen on a network layer level, i.e. is there a way to quickly block the secondary from being able to reach the primary at all?

From a sysadmin perspective, maybe they have more confidence in their own ability to block an IP than in developers' adding code that disables all the ways that the secondary talks to the primary.

Reach

3.0 = Significant reach (~25% to ~50%).

Impact

2.0 = High impact

Confidence

80% = Medium confidence

Effort

Not yet fully understood. Could be accomplished within one month, but testing needs to occur.