Re: server layout on LAN [OT]
On Tue, Oct 29, 2002 at 12:42:56PM +0100, Nicos Gollan wrote......
> On Tuesday 29 October 2002 12:18, Kevin Coyner wrote:
> >
> > So the question is ... on which of the two servers should I deploy
> > these programs? Everything on the PIII?
>
> Do you want one of the two computers act as a gateway for internet
> access? If so, it is recommended that you don't do very much on this
> machine but firewall and IP masquerading. I don't know how powerful the
> Sparcstation is, but I guess it'd be a little slower than the PIII
> machine. So you make this the gateway running no services but the ones
> absolutely necessary. All the other stuff, you put on the P3.
I have a standalone commerical SOHO router (SMC7008ABR) that should do
for the firewalling and IP masquerading (at least I hope so. pls tell
me if these are insufficent relative to a good Linux box). I was
actually wondering if I really need 2 routers to do it right - one to be
the first firewall and provide a route to a yellow zone that hosts a
website (low volume, not slashdotesque) and then a second router behind
the first that setups up a LAN for the 6 users in a green zone. Is this
overkill and will one router suffice?
> > Would you have a different recommendation if I wanted to run a
> > website using Apache/MySQL? Would I need yet another box to do this
> > right?
>
> That depends on whether that site should be seen from the outside 'net
> (well, probably ;-) ) and what you intend to do with it. Again, it
> would be best not to expose more than necessary to the outside world.
> So you put Apache on the P3 like the rest of it and directly forward
> the ports for http (and probably https) to that machine; same thing
> goes for the DB server except you certainly don't want anyone to access
> it from outside. As long as the database and the number of hits stays
> low, the P3 can easily handle it alone.
Yes, the website would be viewable from the world, but would be low
volume.
> Of course, if you plan to run something slashdotesque, a little more
> oomph in form of separate server machines wouzd be needed... And a good
> inet connection, last thing I heard slashdot had an average bandwidth
> use of 38Mbit/s. But those dimensions are a loooooooooong way down the
> road. Doing it "right" is not cheap and most of the time just overkill,
> but interesting.
Thanks for the advice !
Kevin
--
Kevin Coyner
mailto: kevin@rustybear.com
GnuPG key: 1024D/8CE11941
Reply to: