Advanced Server Networking Hoopla

B1naryr0gu3 / N/A
August 21, 2012 at 12:08:48
Specs: Windows 7, X2 3.1GHz/4GB DDR3 1333
I have a server at home and it has WAY more ethernet than I know what to do with.

So I chose to do a little of everything. Right now, I've got an isolated network portion on a Client Bridge, another section has an FTP server for my IRL Guild, a third part hosts my intranet, AND I STILL HAVE MORE ROOM.

So I want to run a Proxy/Firewall through Squid & Ubuntu on one of the extra ports, run a PXE boot LAN option on a second, and an FTP install location (located in the server) on the third. I still have more after that; perhaps I should also think of LAN aggregation?

Thoughts? (BTW, this is a server unrelated to the specs of my main PC.)




#1
August 21, 2012 at 13:38:51
What exactly do you mean by "WAY more ethernet than I know what to do with"?

I think you're talking about network interfaces from what you say in your post but please confirm if I'm correct and if so, how many interfaces does your server have?

Link Aggregation is useful in high capacity servers, or servers that require some serious redundancy. From what you've described, yours isn't really either. Also, it would require at the very least a Layer 2 switch also capable of Link Aggregation. Do you have one?

Your description also makes me think you're running VMs inside the physical box, is this correct?

While I understand wanting to learn things, is there an actual point to what you're doing or are you just playing for your own knowledge?

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***



#2
August 22, 2012 at 09:28:27
Oh it's mostly for my own learning. Since it's more of a Sandbox server (I can mess with it and not lose any money doing so lol). No VMs at the moment (though I'd be interested in doing that as well as running a network domain). Having troubles with other computers seeing the domain right now. And I do not have an Aggregation switch but I was looking into getting into one.

Indeed I was speaking of network interfaces (I meant to put ethernet PORTS, apologies). I have roughly 8 ethernet ports to play with on my end (of which most if not all of what I'm talking about will be implemented). Also I apologize if my lingo is off, I am so used to working alone that most of what I refer to is only vaguely what it is.



#3
August 22, 2012 at 10:49:31
If you built a decent box with about 32GB of RAM or so you could have a nice VMware vSphere whitebox for testing and learning.

As for LACP, it doesn't help that much if your storage doesn't have that kind of throughput.

For additional services, I don't see a Snort or Suricata IDS, database server, domain controllers, DNS and DHCP servers. There are tons of different services you could set up.

Tony



#4
August 22, 2012 at 13:21:45
You need an LACP-capable switch in order to play with link aggregation. Unless you're talking a high capacity database type server that incurs a lot of access, you won't need the combined bandwidth and with a single switch you have no redundancy as your single switch is still a single point of failure.

Besides, as tonysathre pointed out, if your storage doesn't have similar capacity, you're wasting your time.

For example, let's say you have an L2, LACP-capable switch that's 1000 Mbps. You decide to do a 4 port LAG (link aggregation group) between it and the server. You configure the 4 switch ports and the 4 interfaces on the server and hook everything up and you're now getting a combined throughput of up to 40000 Mbps from server to switch. If your storage (say a NAS) has only a single 1000 Mbps connection to the switch, you lose any/all bandwidth benefits of the LAG when the data moves off the switch to the NAS, making the LAG moot.

And of course as I pointed out earlier, should your switch fail, goodbye connectivity.

To be done correctly from a redundancy standpoint, you'd want minimum two switches stacked together so they behave as one unit. You'd split your LAG with 2 interfaces going to one switch and 2 to the other. Then, should one switch fail, traffic is still flowing onto the second. This is of course ignoring the chokepoint issue.


#5
August 22, 2012 at 13:26:58
Thanks for the replies. It seems like I have no real need of LAG capacity... In any case I also would like to think about installing a proxy server into the mix, as well as that PXE boot environment for the multiple machines I regularly service. Any ideas on software or techniques there?

Furthermore, if you have any other fun or interesting elements to network ports let me know! I'd be interested to try them out.



#6
August 22, 2012 at 14:44:37
"as well as that PXE boot environment for the multiple machines I regular service"

The PXE systems I've worked with in the past, and I admit it's been a while, woke up by sending a simple WOL "magic packet" to them from a remote system. As far as I can recall, there was nothing you needed to do on the "server" side's NIC in order to send that packet.

If you have a layer 2 switch you might want to have a look at VLANs, but that's pretty much switch side and really doesn't require any setup on the server side.


#7
August 22, 2012 at 16:44:12
For PXE are you trying to boot thin-clients over the network, or booting OS installations over the network?

I have used FOG and Windows Deployment Services. Both are pretty good and WDS is really easy to set up, even with pxelinux for PXE-booting Linux over the network.

If you're looking for fun services to play with try building a Snort IDS with Barnyard 2 backend and Snorby front-end. Another fun service is setting up a DMZ and putting a honeypot in it.

Tony

