Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Setting up a Colo Web Farm

Posted on 2007-03-20
2
Medium Priority
?
271 Views
Last Modified: 2013-12-25
Currently: We have six dedicated servers, hosted with a company. We do not own the servers.

The Need: To purchase servers and additional hardware and move to a colocated environment. Servers will all be Windows 2003 Server based.

The Question: What do we need, hardware wise.

More Details: Currently, everything is setup for us. We have six dedicated servers and about 20 e-commerce sites split amoung them (with one server hosting MS SQL Server). We plan to purchase seven new servers (1 MSSQL box, 1 backup box, 1 image server, and 4 web servers). We will also be adding at least four more servers over the coming year. We know how to purchase the servers. The question that comes into play is how best to setup and secure everything.

1: For instance, the DB server should not be accessible via the internet as it stores sensitive information. So how do we go about doing this? Are the dual integrated NIC's on all the servers enough? Is there something we need router wise to accomplish having a public and private network? What about a firewall?

2: Also -- how do we go about defining how IP addresses and nameservers are handled? Right now, each of our web servers has about 20 ip address assigned to it. This would certainly need to be the case going forward, as we have multiple SSL certs and various apps that need a dedicated IP address. Are we going to need to setup our own name server, and if so, can Windows 2003 handle this, or do we need some other hardware? For instance, what happens if we need to move a website from one server to another (server 1 fails, we have a complete backup on server 2 -- we need to get that site up on server 2 asap). Do we tell the router how to redirect traffic, or is this something a dns server handles?

I would gladly pay for these answers, but after trying a couple of the "guru" sites, along with all the major web hosting forums, we've come up short handed. We get piece-meal answers to our questions, and we've even offered to pay for the help! EE, you're my last hope at getting pointed in the right direction!

I apologize if I've asked too many questions -- I'll gladly split these up into multiple questions if need be.
0
Comment
Question by:1BC
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 30

Accepted Solution

by:
IanTh earned 500 total points
ID: 18770140
well I can answer a few points

point 1. well a good way to do a secure connection is by a second network where your db server for instance is on a seperate subnet from your main servers. This way your servers can get what they require but the external client can not get anything from that subnet. This can be achieved by a second nic with a cross over cable to the db server.
point 2. Windows 2003 can do this but it woulb be a good idea to have 2 dns servers yourself. The problem your going to have with moving ip addresses is dns propergation can take upto 72 hours and your server visibility would be affected in thus way. I would think using clutering may overcome this problem.
0
 
LVL 1

Assisted Solution

by:tcibrian
tcibrian earned 500 total points
ID: 19113812
OK,
I understant how you have struggled to find a comprehernsive answer to your questions..... I operate a small data center in LA with many aspects of the situations that you are describing in your question. One of the reasons that I like to participate in some of these forums is that it gives me an opportunity to share the knowledge that others have given to me and also help others avoid some painfull pit falls that I have experienced in the past. That being said, if you want to email me @ support@t3networks.net I will try to help you in great detail! Otherwise when I am not so tired I can post a proper response in this question.

However, to respond to the previous ancwer... if you have your own SOA DNS servers for the zones in question.. any changes that you make to that zone can be reflected immediatley to the entire DNS system. You can also setup a secondary host record for the backup site and if the primary lookup fails then the secondary will respond... but there are many ways to accomplish what you are trying to achive!

Good Luck!
Brian
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question