Posts Tagged ‘server’

Internal Server – Firewall workaround needed

February 3rd, 2009

At work, we’re developing something on an internal server which is behind several firewalls and routers, but we need to allow a third party website (Paypal to be exact) to be able to connect to the web server.

It is nearly impossible for me to put this machine either on the public internet or make a hole in the firewall tables (basically, it’s behind our internal NAT providing router, which is then on a NATted firewalled building router, which is then on another NATted firewalled building providers router/VPN – and then the ISPs NATted firewalled router). As you can imagine, being behind 4 routers each with their own firewall configuration and us being unable to get the rules changes makes this a bit difficult.

However, along with the Linux based web server within our LAN, I do also have a remote Linux server with spare IPs. But how can I setup a connection so that the 3rd party can go to http://testdomain.myserver.example.com which then connects to my remote Linux server which then, somehow, connects to the LANed server.

We can make as many outbound connections on whichever ports we like from our LAN (so I can connect the LAN server to the remote server), but then how do I do the connection and how do I then forward the requests inbound?

Any ideas?

Techy: Should I move from a dedicated server to co-location?

January 12th, 2008

I recently assisted somebody in deciding whether to move from a dedicated server to a co-location provider (a “co-lo” is where you purchase the hardware, install it etc etc: the “co-lo” provider provides the physical space in a secure environment, links to the internet, power, cooling etc) and I thought my thoughts on the matter may help anybody else who is thinking of moving from a dedicated server at at a Datacenter to a co-location company:

Don’t forget that a dedicated server company isn’t just offering you the hardware, the software, the IP addresses, the multiple provider bandwidth (some co-lo’s will only provide one provider), and as much electricity and cooling is needed: they also provide you with “humans”.

Ok, you can automate remote reboots (as most major dedicated server providers now offer), KVM over IP (as a few dedicated server providers and datacenters offer) to provide most remote administration: but what happens if your hard drive fails, PSU or even mother board fails?

Most dedicated server providers guarantee replacement within 4 hours – how long will it take you to purchase a new HD/PSU/motherboard/SCSI controller etc (dedicated server provider hardware replacements are free: with co-locaiton you’ll have to account for the replacement costs), drive to the datacenter, get access to your cage/rack (some require 24 hours notice for security), open the server up, replace the parts and then get things running again…

I know some co-lo providers provide “on site hands and eyes” and “free hardware replacement” (IF you use the hardware they specify), but then the costs start equally or going over the dedicated server cost AND you may not have the network the dedicated server provider provide.

Of course, if you’re within 10 minutes drive of a major datacenter (such as Telehouse or Redbus) AND you have backup staff within the same drive-distance (for when you are unavailable) AND you have a couple of hundred servers you can afford to buy “outright” straight off with spares (and maybe account for a couple of “hot-spares” for critical servers) AND are willing to commit to an 12-24 month contract with the datacenter then it may be worth considering…

gamy-dance
%d bloggers like this: