>That is my question. How (what protocol, not tcp/ip)
>do folks ACTUALLY USE so my web server/cf box can see
>my SQL7 box and my SQL7 box can be seen on my LAN (to
>transfer SQL7 backups, Service Packs, etc)
You "dual home" the cf/http box.
One ethernet has a public ip, aka DNS A record, to your router.
The other ethernet is RFC1918 (non-routable) private ip to your LAN
where your SQL server sits. The SQL server box is thoroughly "back
officed" and incaccessible to Internet, so less chance of it being
"back orificed". And if you ran ipx between CF and SQL server, that
is even more hacker proof and faster than tcp/ip (unless MS has crippled IPX).
If you must to put SQL server on the same Ethernet segment, at your
border router, block all access from Internet to the SQL box.
You can also put the SQL box on a different ip segment, preferably
RFC1918, from that subnet of the router's inside interface and the
cf/iis box, even with one etehrnet card.
There are a lot of ways to hide the SQL box and make it really back
office. Putting SQL server on a public ip address and sharing its
machine with an SMTP server doing DNS lookups and carrying SMTP
traffic for 100,000 users is not prudent, imo.
The other weakness is that nobody should run MS networking (netbios)
on publically accessible servers. There's just too much chance of a
compromise giving the cracker access to the entire lan's shared drives.
Two ethernet cards in the cf/iis box also has the benefit of
overlapping two totally separate tcp/ip datastreams onto two cards, a
perforance gain by reducing the congestion of one card. The best
server cards are Intel, and they make a dual Ethernet server card.
Len
http://BIND8NT.MEIway.com: ISC BIND 8.2.2 p5 installable binary for NT4
http://IMGate.MEIway.com: Build free, hi-perf, anti-spam mail gateways
========================================================================
This list server is Powered by iMS
'The Swiss Army Knife of Mail Servers'
--------------------------------------
To leave this list please complete the form at
http://www.CoolFusion.com/iMS.htm
List archives: http://www.mail-archive.com/infusion-email%40eoscape.com/
========================================================================
