Solved

Setting up a Colo Web Farm

Posted on 2007-03-20
Last Modified: 2013-12-25
Currently: We have six dedicated servers, hosted with a company. We do not own the servers.

The Need: To purchase servers and additional hardware and move to a colocated environment. Servers will all be Windows 2003 Server based.

The Question: What do we need, hardware-wise?

More Details: Currently, everything is set up for us. We have six dedicated servers and about 20 e-commerce sites split among them (with one server hosting MS SQL Server). We plan to purchase seven new servers (1 MSSQL box, 1 backup box, 1 image server, and 4 web servers). We will also be adding at least four more servers over the coming year. We know how to purchase the servers. The question that comes into play is how best to set up and secure everything.

1: For instance, the DB server should not be accessible via the internet as it stores sensitive information. So how do we go about doing this? Are the dual integrated NICs on all the servers enough? Is there something we need router-wise to accomplish having a public and private network? What about a firewall?

2: Also -- how do we go about defining how IP addresses and nameservers are handled? Right now, each of our web servers has about 20 IP addresses assigned to it. This would certainly need to be the case going forward, as we have multiple SSL certs and various apps that need a dedicated IP address. Are we going to need to set up our own name server, and if so, can Windows 2003 handle this, or do we need some other hardware? For instance, what happens if we need to move a website from one server to another (server 1 fails, we have a complete backup on server 2 -- we need to get that site up on server 2 asap). Do we tell the router how to redirect traffic, or is this something a DNS server handles?

I would gladly pay for these answers, but after trying a couple of the "guru" sites, along with all the major web hosting forums, we've come up short-handed. We get piecemeal answers to our questions, and we've even offered to pay for the help! EE, you're my last hope at getting pointed in the right direction!

I apologize if I've asked too many questions -- I'll gladly split these up into multiple questions if need be.
Question by:1BC
2 Comments
 

Accepted Solution

by: IanTh
IanTh earned 500 total points
ID: 18770140
Well, I can answer a few points.

Point 1. Well, a good way to do a secure connection is by a second network where your DB server, for instance, is on a separate subnet from your main servers. This way your servers can get what they require but the external client cannot get anything from that subnet. This can be achieved by a second NIC with a crossover cable to the DB server.
Point 2. Windows 2003 can do this, but it would be a good idea to have 2 DNS servers yourself. The problem you're going to have with moving IP addresses is DNS propagation can take up to 72 hours and your server visibility would be affected in this way. I would think using clustering may overcome this problem.

Assisted Solution

by:tcibrian
tcibrian earned 500 total points
ID: 19113812
OK,
I understand how you have struggled to find a comprehensive answer to your questions..... I operate a small data center in LA with many aspects of the situations that you are describing in your question. One of the reasons that I like to participate in some of these forums is that it gives me an opportunity to share the knowledge that others have given to me and also help others avoid some painful pitfalls that I have experienced in the past. That being said, if you want to email me @ support@t3networks.net I will try to help you in great detail! Otherwise when I am not so tired I can post a proper response in this question.

However, to respond to the previous answer... if you have your own SOA DNS servers for the zones in question.. any changes that you make to that zone can be reflected immediately to the entire DNS system. You can also set up a secondary host record for the backup site and if the primary lookup fails then the secondary will respond... but there are many ways to accomplish what you are trying to achieve!

Good Luck!
Brian
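
Point 1 of the thread comes down to an addressing rule: the DB server sits only on the private subnet, while the web and image servers hold one address on each network. As an added example (not written by anyone in the thread), this Python check audits an address plan against that rule; the host names, subnets and role sets are constructed assumptions.

```python
import ipaddress

# Constructed plan: host names, roles and addresses are illustrative, not from the thread.
PUBLIC_NET = "203.0.113.0/24"     # documentation range standing in for the colo's block
PRIVATE_NET = "10.20.0.0/24"      # back-end network on each server's second NIC
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
INTERNAL_ONLY = {"db"}            # roles that must never hold a routable address
PUBLIC_FACING = {"web", "image"}  # roles that need one address on each network

INVENTORY = {
    "web1": {"role": "web", "nics": ["203.0.113.10", "10.20.0.10"]},
    "web2": {"role": "web", "nics": ["203.0.113.11", "10.20.0.11"]},
    "img1": {"role": "image", "nics": ["203.0.113.20", "10.20.0.20"]},
    "bak1": {"role": "backup", "nics": ["10.20.0.60"]},
    # Deliberate mistake: the DB box's second NIC was given a public address.
    "sql1": {"role": "db", "nics": ["10.20.0.50", "203.0.113.50"]},
}

def audit(inventory, public_net=PUBLIC_NET, private_net=PRIVATE_NET):
    """Return (subject, problem) tuples for every rule the plan breaks."""
    pub = ipaddress.ip_network(public_net)
    priv = ipaddress.ip_network(private_net)
    findings = []
    if not any(priv.subnet_of(n) for n in RFC1918):
        findings.append(("plan", f"{priv} is not RFC 1918 space"))
    if pub.overlaps(priv):
        findings.append(("plan", "public and private networks overlap"))
    for host in sorted(inventory):
        role = inventory[host]["role"]
        addrs = [ipaddress.ip_address(a) for a in inventory[host]["nics"]]
        outside = [str(a) for a in addrs if a not in priv]
        if len(outside) == len(addrs):
            findings.append((host, "no address on the private network"))
        if role in INTERNAL_ONLY and outside:
            findings.append((host, "internal-only role holds " + ", ".join(outside)))
        if role in PUBLIC_FACING and not any(a in pub for a in addrs):
            findings.append((host, "public-facing role has no public address"))
    return findings

if __name__ == "__main__":
    for subject, problem in audit(INVENTORY):
        print(f"{subject}: {problem}")
```

An empty result only means the plan is consistent on paper; a firewall or switch ACL in front of the private network is still what enforces it.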