Kerry Linux Support wrote:
>> Kevin Philp <lists at cybercolloids.net> wrote:
>>>> Does it make sense to run virtual servers using the same topology
>> logic as you would with physical servers i.e. a server for the
>> firewall and another server for the internal network.
>> Yes of course, you can configure your virtual servers similar to
> physical servers, but you have to bear in mind, that the virtual
> servers all share the one machine's network interfaces. If you try to
> isolate servers from one another you have to setup the iptables rules
> carefully to make sure, that no undesired traffic is possible. For
> instance your virtual NFS server should only be allowed to use the
> "internal" network interface
> and the virtual web server/ssh server/whatever public service server
> to be confined to the other ("public") one. Your firewall server would
> need to use both and if this server delivers proxy services to the
> internal LAN,
> iptables can be getting tricky.
>>>> Does it make sense to split off various functions into different i.e.
>> a separate server for the local NFS server and another for external
>> SSH access.
>> Absolutely, if the horsepower of your host allows that.
>> Kerry Linux Support,
> Valentia Island
>>Any advice on which option to go for? Xen or KVM - KVM seems to be the
favoured option if you read the Ubuntu docs but the few people I know in
the industry use Xen.
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!