Network Design Issue
Results 1 to 5 of 5

Thread: Network Design Issue

  1. #1
    Did someone said Pizza :) FanacooL's Avatar
    Join Date
    Oct 2004
    Location
    Karachi , Pakistan
    Posts
    466

    Network Design Issue

    Hi Gals/Guys

    This time the problem is we are about to run our own Webserver, now the problem is company insisting to have only one powerful machine which should act as Webserver, Domain Controller, email server and everything else....... As accoring to them there should be one lease line in the office...... And believe me they said no matter how expensive that machine could be its ok with them......

    On the other hand my opinion is that we should have seperate server for Web services and for Internal traffic I mean the DC. They said there is no harm in having two servers but the lease line should remain single. Now my question

    Is it possible to share that lease line between those servers without intereacting with each other.?

    I don't want them to interact with each other i mean both should be like same previlliges or i can say at the same level. I am Attaching a diagram of what i have in my mind.......

    Well before drawing this diagram I thought there wouldn't be any problem in this scenerio but now i see its not possible. What if i use a router in between these two servers and if yes again the what could be the IP address of both servers External network cards.... I mean for webserver i can see it would be 10.0.0.5 with gateway 10.0.0.3.... I can't have same IP on this network ..... well quite confuse after drawing this figure ...... But this really help me in questioning myself........

    Anyways Need your help and views and suggestions.
    One machine can do the work of fifty ordinary men. No machine can do the work of one extraordinary man!

  2. #2
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    Well - its not the most secure of setup thats for sure!

    Youy really dont want your DC and webserver to be on the same box either - for obvious reasons!

    You may want to think about getting a firewall, router ..anything inbetween the modem and switch!

    Or remove the modem all together and use a router - with some good ACL's!

    As for IP addy's - is this on an existing network, with other WS's? If so whats the IP addressing plan already in operation?
    Drugs have taught an entire generation of kids the metric system.

    http://tazforum.**********.com/

  3. #3
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    I agree with Nokia....

    at least split them out to 2 boxes....get a good router ...

    Dpending on how much traffic you plan to get on your web server...this could interfere with your bandwidth..................most times it is better to host at an ISP.....they usually have bigger pipes

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  4. #4
    Did someone said Pizza :) FanacooL's Avatar
    Join Date
    Oct 2004
    Location
    Karachi , Pakistan
    Posts
    466
    Lets put it this way.... the reason company suggesting to have one system rather than two or more is just because they said, there should be only one leased line in the office and its easier to get your hands on one server........

    The reason why I am against having a single server is simple, its STUPID to have rather two or more are easier to manage and then we can easily monitor both the webserver and the Domain controller and for any reason of the them get down the other thing shouldn't be disturb....

    Now coming to the design....... Internally we are running differnt IP address the one from 192 series..... and the Leased IP we are getting from the Service Provider is of 202 right...... The diagram i attached is a rough sketch.... we will surely be having a firewall in between webserver and the leased line......

    Let me ask the questions in a different manner...... Is it possible that we can have more than 1 static IP on a single leased line....... If yes then my problem get solved here i will get two IP one to webserver and the other one will be for the DC...... From leased line the connection will be in a router and both servers will be connected to that router.....

    But if more than one static IP is not possible.... is it possible that the Service provider somehow break ther current leased line (DSL) into two parts one for the Webserver and 1 for DC.

    I think if i introduce simply a router after that leased line assign that static IP to the router and then attach both the servers my problem will get solved here........

    What you say?

    Edit:
    I think this router thing will not work..... suppose the website would be abc.com we should assign that IP to this website and this can only be possible if the interface or the IP is assigned to this server....... really confused here.

    Edit: -
    I just talked with our service provider technical support and they said they can give us two IP addresses on this single DSL connection...... Now i have changed the Demo network diagram please refer it and tell me is this possible. And is there anything else needed ?
    One machine can do the work of fifty ordinary men. No machine can do the work of one extraordinary man!

  5. #5
    Did someone said Pizza :) FanacooL's Avatar
    Join Date
    Oct 2004
    Location
    Karachi , Pakistan
    Posts
    466

    Question

    Hi gals/ Guys

    Now here's the new design of the network......

    DSL connection => DSL Modem => Router With Access Control List => WEBServer & DC. (Both having Different IPS)

    Now what i wanna know is do we need to have a hardware based firewall as I have heard with Web Server there is a very good chance of getting attacked from outside, As this is going to be my first experience of running a webserver outside the domain.

    Also i wanted to know what are the disadvantages of having two seperate servers rather than having one for both the things, as i have to make a comparision in between the old and new scenario.

    Thanx
    One machine can do the work of fifty ordinary men. No machine can do the work of one extraordinary man!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •