Solved

IIS redirect when web server is offline.

Posted on 2014-02-13
11
942 Views
Last Modified: 2014-03-19
We have a number of W2k8 IIS webservers on different subnets hosting multiple sites each in a virtual environment VMWare /ESX

Occasionally we have to take a webserver offline to install updates / perform maintenance.

During this time we would like to redirect users to a maintenance page - but the trouble is the webserver will be offline....

I have looked at a reverse proxy which could set in front of the webservers but this is a single point of failure - for all of our clients? - also all traffic would have to go through this machine - a bottle neck?  we do not want this to go down this route..

I did a test and created a virtual machine running IIS with a single holding page on,  I could then edit the IP credentials to match that of the site I was performing maintenance on and bring it online/ take offline the real site.   This appears to work and it is instant but most of our servers have  multiple clients so i would have to mess about for 30 mins or so adding IP address etc.

Is there a better alternative?  As i said this is a virtual environment ideally we want a small IIS VM we can keep powered off until we need it.

alternatively is there any way of scripting the IP address adding to the ethernet adaptor?  so we could just run a script according to which client we want to take down and the IPs are added to the maintenance holding page IIS VM machine.


Any help or pointers would be greatly appreciated.
0
Comment
Question by:Spikeuk30
  • 4
  • 4
  • 2
  • +1
11 Comments
 
LVL 38

Expert Comment

by:Aaron Tomosky
ID: 39858285
Are these LAN or wan connections hitting the site? If they are wan, you can just edit the firewall to point the wan ip to the maintenance vm ip while you do maintenance
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 39858302
I second the idea of changing the NAT rules on the firewall to point traffic top the maintenance VM. A benefit is that there is only one place to make the changes.
0
 

Author Comment

by:Spikeuk30
ID: 39858661
That sounds good - how quickly do NAT changes take effect?  I guess instantly as its all internal?

I have to check if this is possible as we have a hosted virtual environment, im not sure if we could get access to change the NATs themselves.
0
 
LVL 76

Expert Comment

by:arnold
ID: 39859184
Since you are using VMs, clustering is a way to minimize downtime while having the flexibility to do whatever it is that you need.

What exactly leads to the need to bring down IIS?

Or you are bringing a single site down?

You can have a default web site on IIS that detects the requested URL and outputs, sorry this site http://www.requestedsite.com  is currently under maintenance.

As soon as the site is started, the requests will flow to it.

IIS setup:
Default site
Site1
Site2
Site3


Note the NAT rule change as suggested on the firewall only works when when the individual sites have their own Dedicated IP

Ip1 site1
Ip2 site2

Etc.
0
 
LVL 38

Expert Comment

by:Aaron Tomosky
ID: 39859845
Depending on where you are hosted, rackspace for example offers firewall services
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 

Author Comment

by:Spikeuk30
ID: 39860077
We have to bring IIS down particularly when applying windows updates to perform a reboot.

We use a lot of SSL certifitcates which require a unique IP so the NAT change method would work but would be fiddely as we have to ask our host to change the NAT.
0
 
LVL 76

Assisted Solution

by:arnold
arnold earned 500 total points
ID: 39860693
Having two systems that function as a cluster will allow you to perform maintenance on one while the other is working.

It does make this extremely difficult when you have to rely on an external resource to transition.
0
 

Author Comment

by:Spikeuk30
ID: 39870159
is it possible to 'miss use' windows load balancer to configure multiple webservers on different subnets to load balance against the same single iis server running a maintenance page.

I would effectively disable load balancing until I want to fail over for maintenance, then enable it and set the maintenance weberserver as active.

Can i effectively load balance the webservers if the site content is different between the two, i would presume load balancing only goes as far as to redirect traffic to an alt IP address it doesnt look any deeper?
0
 
LVL 76

Assisted Solution

by:arnold
arnold earned 500 total points
ID: 39870217
It does not look at the content, it does check whether the members of the load-balancing group are avalable to avoid directing traffic to a down system.  Content/malfunctioning site would still be receiving load balanced redirected traffic.


There are many way to achieve what you need, you need to first define what options are available to you.
0
 

Author Comment

by:Spikeuk30
ID: 39900357
ok no funds and not enough time to create duplicate database /iis servers.

However we could create 1 additional webserver only hosting offline webpages....
0
 
LVL 76

Accepted Solution

by:
arnold earned 500 total points
ID: 39900671
If you are setting up an additional web server, use plain/simple asp to detect the URL being requested and out put the The site you requested HTTP_URL.

If you must output custom content per site, using a single page with dynamic data within an express version of SQL, etc.  Might be the simplest.

This way you can point everything to one location when needed.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

One of the typical problems I have experienced is when you have to move a web server from one hosting site to another. You normally prepare all on the new host, transfer the site, change DNS and cross your fingers hoping all will be ok on new server…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now