Advice Requested (kind of long...)

From: Chuck McManis <cmcmanis_at_mcmanis.com>
Date: Sat Dec 23 00:12:40 2000

At 08:22 PM 12/22/00 -0800, you wrote:
> I'm getting ready to create my own 'server farm' to place the
>bluefeathertech.com domain on.

Excellent!

>My ultimate goal is to be dependent on Qwest
>(or whoever my ISP ends up being in the long run) only for:
>
> --The DSL line
> --DNS support
> --Usenet (and maybe not even that if I choose to set up a caching news
>server locally).

Personally, if I were you, I'd do my own DNS as well, especially if you're
going to be connected 24 x 7. So what you're doing is creating your own
"POP" (Point of Presence).

> --Two mail servers (primary and backup)
> --A web server (already up and running since last summer)
> --An FTP system that can do double-duty as a local caching Usenet server
>with a LIMITED (less than 50) newsgroups (I don't have a terabyte storage
>array). ;-)
> --A "maintenance" server that can be dedicated to netbooting other
>systems, if need be, and that will also serve as a central recording point
>for logging from the other machines.
>
> Everything will run a version of NetBSD as its OS. This is not negotiable.


So design your network from the cloud out. Start with your backbone feed
(this to your ISP), then, depending on your address space, fork your network
into the "public" network and the "private" network. Set up firewalls
between the two.

Generally I'd set up one machine as the web server, two as mail servers
(also doing double duty as DNS servers), and one as the FTP/News server. (5
machines total). Then use a couple of machines to serve disk pages to the
primary machines for extended storage.

Now firewall to your private network and have the firewall be locked tight.
If you want to set up a VPN tunnel point, this machine can do that. PPTP
works with WinBlows laptops, but setting up an IPSEC tunnel from your laptop
running NetBSD to the private network is much more fun.

On the "inside" you can have a file server with tape backup and of course
your workstation(s).

I've been hacking on my DSSI driver for NetBSD and was reminded of my Sun
days where I had a bunch of file servers serving up the source code, my
development machine, and the machine that I was putting kernels on and
rebooting and debugging. I've created that at home basically 10 years
later. Very weird when it comes right down to it.

--Chuck
Received on Sat Dec 23 2000 - 00:12:40 GMT
