Hello: I just finished setting up my servers (for the first time) at a colo facility. However, it appears that the web site performance is not as 'robust' as i expected, and i'm hoping to get feedback on what i should do to improve the performance of my web site.
here's my layout:
colo router (provided) --> a used cisco 2900 switch with VLAN --> firewall --> webserver --> linux 'open source' load balancer --> DB1 and DB2
I'm serving over 23 mil data (i know it's crazy to serve this much data given limited hardware that i have)... users do a lot of searches on the web site (note: i'm not serving any videos)... we hope to hit about 500-800K users a month.
what areas should i focus on to improve the performance? should i buy hardware, if so what hardware?
should i replace the cisco switch? should i use a gigabit switch?
is the firewall necessary (only port 80 is opened to the public)? we need to protect the databases and prevent attack, among other things.
should i do natting on the web server? currently, the web server is behind a firewall so i have to do natting.
anyway, a lot of questions in one thread. i'm under budget so i'm trying to conserve costs, but i want to optimize the performance... i appreciate any advice and feedback.
Last edited by yellowtree; 05-03-2008 at 01:37 AM.
A cisco 2900 can push a decent amount of traffic, but a 2950 or 3500 can be bought so cheap on eBay nowadays you may as well get one of those. I wouldn't bother with a gigabit switch unless you're saturating 100Mb ports.
What firewall are you running? It is not necessary to use NAT when behind a firewall. I would recommend against NAT for anything in a hosting environment. If you really need non-routable IPs for your internal network, you should separate it from your public facing network.
I would upgrade your web or DB servers if necessary, based on the type of load you see on them at peak times. If load on them is fine, but you're still seeing some flakiness, I would look to upgrade the firewall.
bginternet: thank you! we're serving approximately 3gb of files (all text)... i think the max bandwidth that we will be serving would be about 2 mbps (in the future)... right now, it's just a fraction of that of course. i will update you if there are any changes or if i know the exact number... currently, we're serving approximately 150,000 unique users per month. i'm expecting to triple this in the next few months... right now, it seems to be working well for us.
hhw: thank you! i'll take your advice regarding the switch. i'm running a cisco PIX 501... i'm thinking about upgrading it to a new model (i wonder what model i should go with for Cisco pix)... sorry for my shortcoming, i'm so used to natting (in my office and home)... how can i configure a 'secure' network on the firewall if i'm not natting, i wonder? i won't do natting for my webserver (how can i do this), but what about the DBs? is it secure not to use natting? what's the architecture/layout like if i'm not using natting? currently, i'm running DUAL Quad Core on both of my DB servers, single Quad Core on my only web server, and a used Dual Pentium for my open source load balancer (i will upgrade the memory soon)
osopolis -- thank you! i'm not doing any OS tuning yet, i'll look into this. i'm using Linux for my OS.
look forward to receiving your feedback. thank you again!