Solved

Setting up a Colo Web Farm

Posted on 2007-03-20
2
241 Views
Last Modified: 2013-12-25
Currently: We have six dedicated servers, hosted with a company. We do not own the servers.

The Need: To purchase servers and additional hardware and move to a colocated environment. Servers will all be Windows 2003 Server based.

The Question: What do we need, hardware wise.

More Details: Currently, everything is setup for us. We have six dedicated servers and about 20 e-commerce sites split amoung them (with one server hosting MS SQL Server). We plan to purchase seven new servers (1 MSSQL box, 1 backup box, 1 image server, and 4 web servers). We will also be adding at least four more servers over the coming year. We know how to purchase the servers. The question that comes into play is how best to setup and secure everything.

1: For instance, the DB server should not be accessible via the internet as it stores sensitive information. So how do we go about doing this? Are the dual integrated NIC's on all the servers enough? Is there something we need router wise to accomplish having a public and private network? What about a firewall?

2: Also -- how do we go about defining how IP addresses and nameservers are handled? Right now, each of our web servers has about 20 ip address assigned to it. This would certainly need to be the case going forward, as we have multiple SSL certs and various apps that need a dedicated IP address. Are we going to need to setup our own name server, and if so, can Windows 2003 handle this, or do we need some other hardware? For instance, what happens if we need to move a website from one server to another (server 1 fails, we have a complete backup on server 2 -- we need to get that site up on server 2 asap). Do we tell the router how to redirect traffic, or is this something a dns server handles?

I would gladly pay for these answers, but after trying a couple of the "guru" sites, along with all the major web hosting forums, we've come up short handed. We get piece-meal answers to our questions, and we've even offered to pay for the help! EE, you're my last hope at getting pointed in the right direction!

I apologize if I've asked too many questions -- I'll gladly split these up into multiple questions if need be.
0
Comment
Question by:1BC
2 Comments
 
LVL 30

Accepted Solution

by:
IanTh earned 250 total points
ID: 18770140
well I can answer a few points

point 1. well a good way to do a secure connection is by a second network where your db server for instance is on a seperate subnet from your main servers. This way your servers can get what they require but the external client can not get anything from that subnet. This can be achieved by a second nic with a cross over cable to the db server.
point 2. Windows 2003 can do this but it woulb be a good idea to have 2 dns servers yourself. The problem your going to have with moving ip addresses is dns propergation can take upto 72 hours and your server visibility would be affected in thus way. I would think using clutering may overcome this problem.
0
 
LVL 1

Assisted Solution

by:tcibrian
tcibrian earned 250 total points
ID: 19113812
OK,
I understant how you have struggled to find a comprehernsive answer to your questions..... I operate a small data center in LA with many aspects of the situations that you are describing in your question. One of the reasons that I like to participate in some of these forums is that it gives me an opportunity to share the knowledge that others have given to me and also help others avoid some painfull pit falls that I have experienced in the past. That being said, if you want to email me @ support@t3networks.net I will try to help you in great detail! Otherwise when I am not so tired I can post a proper response in this question.

However, to respond to the previous ancwer... if you have your own SOA DNS servers for the zones in question.. any changes that you make to that zone can be reflected immediatley to the entire DNS system. You can also setup a secondary host record for the backup site and if the primary lookup fails then the secondary will respond... but there are many ways to accomplish what you are trying to achive!

Good Luck!
Brian
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now