[CLUE-Tech] Computer Lab Experiment

William bkimball1 at yahoo.com
Sun Apr 25 11:26:09 MDT 2004 

My employer has asked me to build a sample business-class network using Fedora Core 1 and the
following (spare) hardware:

eMachines Pentium II Celeron, 400MHz, 128M RAM, 4G HDD
Intel Pentium II, 450MHz, 128M RAM, 10G+3G HDDs
Intel Pentium III, 550MHz, 256M RAM, 10G+10G HDDs
Intel Pentium III, 600MHz, 256M RAM, 40G+60G HDDs

Between these machines -- and where compatible -- I can swap hardware around should I need to
recommission RAM or HDD space to fill any requirements.  The network already has a Cisco router,
Windows NT 4.0 PDC (also manages DNS and WINS), and a Windows 2000 Server for publicly-accessibly
Web, FTP, and Newsgroups (and several Windows XP Professional workstations).

The software requirements for this experiment are specific.  I am to provide:

A mail server using the latest Postfix that supports anti-virus, anti-uce, POP3, and web-based
interface.
A web server using the latest Apache that supports PHP, Perl, and JSP (via a bridged TomCat
installation if necessary).
A database server using the latest MySQL that will be accessible from all machines (including the
Windows 2000 Server box).
A chat server; no specific software requirement except that IRC Services are not wanted.
A log server that will receive and process logs from all other machines including a Cisco
perimiter router via logrotate and logwatch scripts.

This experiment has to go live for a test duration and an evaluation of performance, security, and
stability will be made at conclusion.

I am reasonably experienced with most of this software, but I want to get your input on allocating
the hardware before I start installing anything.  I have created the following map to illustrate
my first take on this scenario:

For mail.experiment-lab.com: (Intel Pentium II, 450MHz, 128M RAM, 10G+3G HDDs)
	Purpose(s) (External/DMZ machine):
		Mail server
		IRC server (private)
	Rebuild from the ground up to sport:
		RedHat/Fedora Linux (bare minimum Custom install) with:
		Perl and the CPAN script
		postfix2
		vm-pop3d
		popauth2 (a robust monitoring tool that I completely rewrote based on the popauth
pop-before-smtp utility)
		ircd (no services; this is a private chat server)
		bind9 (for local caching only; used heavily by postfix)
		iptables
		syslogd (routes all logging to inuyasha.experiment-lab.com)
		vim
For kenshin.experiment-lab.com: (eMachines Pentium II Celeron, 400MHz, 128M RAM, 4G HDD)
	Purpose(s) (External/DMZ machine):
		Web server
		FTP server
	Rebuild from the ground up to sport:
		RedHat/Fedora Linux (bare minimum Custom install) with:
		Perl and the CPAN script
		PHP (maybe, scripting calls should be pushed to shinji.experiment-lab.com)
		Apache2 with (PHP and Perl support -- maybe) and the Apache-to-Tomcat (JK2) bridge (to support
.jsp calls from Apache -- forwarding to shinji.experiment-lab.com)
		vs-ftp
		webalizer
		iptables
		syslogd (routes all logging to inuyasha.experiment-lab.com)
		vim
	Add a web interface for web-based e-mail management
		Requires IMAP, and this daemon may replace vm-pop3d (try to avoid replacing this POP3 daemon, if
possible)
	Set up an automated backup facility to preserve:
		All configuration files
		All websites
For inuyasha.experiment-lab.com: (Intel Pentium III, 600MHz, 256M RAM, 40G+60G HDDs)
	Purpose(s) (Internal/Protected machine):
		Database server
		Log server (including all Linux servers AND the Cisco perimiter router)
		Mail sanitizer (AMaViSD-New, Anomy, Mail::SpamAssassin, and some anti-virus)
	Rebuild from the ground up to sport (NO web server components):
		RedHat/Fedora Linux (bare minimum Custom install) with:
		Perl and the CPAN script
		MySQL
		AMaViSD-New
		SpamAssassin
		Some free anti-virus program that works with AMaViSD-New and provides free virus database
updates
		Anomy
		syslogd (configured to receive logging entries from all other machines on the local network)
		iptables
		logwatch
		vim
	Set up an automated backup facility to preserve:
		All configuration files
		Databases
		Log Files (4-15 weeks worth)
For shinji.experiment-lab.com: (Intel Pentium III, 550MHz, 256M RAM, 10G+10G HDDs)
	Purpose(s) (Internal/Protected machine):
		Application server
	Rebuild from the ground up to sport:
		RedHat/Fedora Linux (bare minimum Custom install) with:
		j2sdk
		Perl and the CPAN script
		PHP
		Tomcat with the Apache-to-Tomcat (JK2) bridge (to support .jsp calls from Apache)
		webalizer
		iptables
		syslogd (routes all logging to inuyasha.experiment-lab.com)
		vim
	Set up an automated backup facility to preserve:
		All configuration files
		All programming modules


I suspect that I'm not putting the hardware to its best use, but I like the distribution of
services into a Mail/Chat Server, Web/FTP Server, Database/Log Server, and Application Server. 
However, because I've never designed a network of this scale before, I realize I may have made
some mistakes in how I've allocated the services.

What would you do?

Thanks all!

=====
William Kimball, Jr.
"Programming is an art form that fights back!"  =)


	
		
__________________________________
Do you Yahoo!?
Yahoo! Photos: High-quality 4x6 digital prints for 25¢
http://photos.yahoo.com/ph/print_splash

More information about the clue-tech mailing list