On Thu, 2002-12-05 at 04:51, Franki wrote: > *** Sent this already, doesn't seem to have arrived so I'm sending it again > *** > > Hi guys, > > I just got something of a promotion and I've been asked to change the > network over to hardware/software/OS over to something more professional. > > my plans are: > > - Mandrake Linux on all box's that will take it. (I thought about a unix > variant (Solaris specifically), but I'm now more familiar with Linux, and > most familiar with Mandrake. plus I decided to support the movement :-)
Solaris is a pain in the butt to work with, but it generally needs less working with if you get what I mean :-( > - Rack mount servers with Hotswap SCSI UW harddisks, two per box setup to > mirror. (speed not that important, at least initially.) Seriously consider hardware RAID. > - Digital switch for single monitor/keyboard/mouse per rack tower. Save yourself some money and build a rolling crash cart with all this on it. Also a handy place to put cable and crimping tools, screwdrivers, etc. > - Mail (postfix, amavisd-new, spamassasin), Web (apache extranet), DNS > (DynDNS (if I can figure out how to change over from Bind9.x)) servers. > - Master router/firewall, preferably hardware, but linux box if easier. must > be able to handle NAT and straight routing at the same time on different > interfaces. and must be able to handly two NET connections and switch > between the two if one goes down. (say for example two ADSL connections, or > a T1 and a backup ADSL.) > LEAF is quite capable of handling this and boasts a nice design -- check out Bering at http://leaf.sourceforge.net. But beware that this is an area where the rest of the corporation is most likely to kick back and insist on Cisco in my experience. > > My Questions are: > > 1. SCSI controllers/drives and hotswap... can linux handle hotswapping? And > whats the best controller cards to use? I have heard many a complaint about > Adaptec cards and the like.. whats the best supported trouble free card? > > 2. Hardware router/firewall setup, anyone have any suggetions here??? a box > capable of handling multiple connections and offer NAT AND routing to > different interfaces on the back of the unit? > PCI bus bandwidth is your bottleneck, not CPU or RAM (and if you use LEAF, disk doesn't play a role at all). Buy top quality bus-mastering NICs for a good motherboard and you should be able to match speeds with a 3660. One thing to note is that with a desktop or server CPU you'll have a lot more VPN horsepower than the average appliance. > 3. Whats the best prefab backup system for linux box's??? (don't tell me its > tar.. I was hoping for something more inclusive). > > 4. DYNDNS. I have working BIND9 installs, and I am not used to Dyndns, but > the config pages on Bernsteins site read like gibberish to me, I want to > edit a config file or two like with BIND.. is there a way of doing that?? > Personally I would just stick with BIND 9 -- you're biting off enough with the rest of this, and BIND 9 is not the same fish as 4 and 8. Avoid the political aspects of the argument and go with what's already working until you've finished and stabilized all these other changes. > 5. Multiple CPU's, I was thinking of using Dual AMD CPU's on the mail and > web servers.. the mail and web will be doing all the mail and sites for > about 100 websites and is likely to have some high usage statictics as time > goes on.. Is this a good idea or should I just create multiple web/mail > servers and configure them via round robin or similiar?? > Horizontal scaling (many small boxes) is always better than vertical scaling (big single box). With Postfix, your bottleneck is disk I/O, and everything else is relatively unimportant -- but amavis and spamassassin are CPU/RAM hogs and will need powerful dedicated boxes if you carry substantial amounts of traffic (say ~10K messages per day). Apache will easily saturate Fast Ethernet with a very modest machine if you're just serving static pages, so look at your application server instead of Apache -- and make sure it can support threading across multiple CPUs. Consider putting it on a separate layer of boxes and having two or three small Apache servers pulling from it. I'd say that the application server, database, and spam/virus filters are the only machines that need SMP -- though all would use it to some degree if it was there. > Any hardware tips, suggestions, flames etc about config and stuff from those > of you using this stuff would be most appreciated. > > > kindest regards > > Frank > > > > > > > > > > > > > > > ---- > > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com -- Jack Coates Monkeynoodle: A Scientific Venture...
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
