Re: server layout on LAN [OT]

To: Debian User <debian-user@lists.debian.org>
Subject: Re: server layout on LAN [OT]
From: Kevin Coyner <kevin@rustybear.com>
Date: Tue, 29 Oct 2002 07:10:38 -0500
Message-id: <[🔎] 20021029121038.GA25240@rustybear.com>
Mail-followup-to: Debian User <debian-user@lists.debian.org>
In-reply-to: <[🔎] 200210291243.08224.gtdev@spearhead.de>
References: <[🔎] 20021029111805.GF20114@rustybear.com> <[🔎] 200210291243.08224.gtdev@spearhead.de>

On Tue, Oct 29, 2002 at 12:42:56PM +0100, Nicos Gollan wrote......

> On Tuesday 29 October 2002 12:18, Kevin Coyner wrote:
> >
> > So the question is ... on which of the two servers should I deploy
> > these programs? Everything on the PIII?
> 
> Do you want one of the two computers act as a gateway for internet 
> access? If so, it is recommended that you don't do very much on this 
> machine but firewall and IP masquerading. I don't know how powerful the 
> Sparcstation is, but I guess it'd be a little slower than the PIII 
> machine. So you make this the gateway running no services but the ones 
> absolutely necessary. All the other stuff, you put on the P3.

I have a standalone commerical SOHO router (SMC7008ABR) that should do
for the firewalling and IP masquerading (at least I hope so.  pls tell
me if these are insufficent relative to a good Linux box).  I was
actually wondering if I really need 2 routers to do it right - one to be
the first firewall and provide a route to a yellow zone that hosts a
website (low volume, not slashdotesque) and then a second router behind
the first that setups up a LAN for the 6 users in a green zone.  Is this
overkill and will one router suffice?

> > Would you have a different recommendation if I wanted to run a
> > website using Apache/MySQL?  Would I need yet another box to do this
> > right?
> 
> That depends on whether that site should be seen from the outside 'net 
> (well, probably ;-) ) and what you intend to do with it. Again, it 
> would be best not to expose more than necessary to the outside world. 
> So you put Apache on the P3 like the rest of it and directly forward 
> the ports for http (and probably https) to that machine; same thing 
> goes for the DB server except you certainly don't want anyone to access 
> it from outside. As long as the database and the number of hits stays 
> low, the P3 can easily handle it alone.

Yes, the website would be viewable from the world, but would be low
volume.  

> Of course, if you plan to run something slashdotesque, a little more 
> oomph in form of separate server machines wouzd be needed... And a good 
> inet connection, last thing I heard slashdot had an average bandwidth 
> use of 38Mbit/s. But those dimensions are a loooooooooong way down the 
> road. Doing it "right" is not cheap and most of the time just overkill, 
> but interesting.
 
Thanks for the advice !

Kevin

-- 

Kevin Coyner
mailto: kevin@rustybear.com
GnuPG key: 1024D/8CE11941

Reply to:

Follow-Ups:
- Re: server layout on LAN [OT]
  - From: Robert Ian Smit <robian@wanadoo.nl>

References:
- server layout on LAN [OT]
  - From: Kevin Coyner <kevin@rustybear.com>
- Re: server layout on LAN [OT]
  - From: Nicos Gollan <gtdev@spearhead.de>

Prev by Date: Re: P4 with 1GB RAM, swap required?
Next by Date: Printing with the Gimp 1.2.3
Previous by thread: Re: server layout on LAN [OT]
Next by thread: Re: server layout on LAN [OT]
Index(es):
- Date
- Thread