Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Debian User (http://www.linux-archive.org/debian-user/)
-   -   How do you avoid server/firewall downtime? (http://www.linux-archive.org/debian-user/495069-how-do-you-avoid-server-firewall-downtime.html)

Jason Hsu 02-28-2011 04:49 AM

How do you avoid server/firewall downtime?
 
I have successfully installed a firewall and DHCP server with a minimal Debian Lenny installation. I successfully upgraded Debian Lenny to Debian Squeeze. Of course, it helps that I upgraded immediately after completing the fresh installation of Debian Lenny.

Now I'm trying to get the Shoreview firewall working and a DHCP server working in Debian Squeeeze, and I'm finding that what worked in Debian Lenny doesn't work in Debian Squeeze, and some adjustments are needed.

Of course, you could say that I don't know what I'm doing because I have no prior experience in working on servers in ANY OS and that all of my prior Linux experience has been on the desktop. I wouldn't be able to refute this. That said, I see that many other people (most of whom have more experience than I have) are also having difficulty with the upgrade from Lenny to Squeeze. In the ideal world, I can always avoid messing up. In the real world, I need to make sure that my screw-ups do NOT disrupt the system.

Fortunately, I'm just experimenting by building my first home network. However, I am looking for a job as a Linux IT consultant (preferably in the Minneapolis/St. Paul area), and I'll need to make sure that when I'm working with clients' systems, all major upgrades like this Lenny-to-Squeeze transition proceed much more smoothly.

Given all this, how do you avoid bringing down your clients' systems?
1. Do you have two or more firewalls/servers running in parallel so that if one goes down, the rest can take over the traffic? My guess is that the larger the company or organization, the more computers you can have running in parallel.
2. Do you have a way to make sure you can quickly restore a server back to the old obsolete-but-still-working setup? Even if there aren't any company files that need to be saved, there's still the need to restore the old setup if necessary. I am taking notes as I proceed to make sure I can restore my setup to a working state. However, reinstalling would take up valuable time. Do you clone the hard drive and save the image file (or whatever it is that stores all of the files and everything else) so that you can quickly restore everything back to the old setup if necessary WITHOUT having to go through the reinstallation process?
3. Do you have separate computers for each function (firewall/DHCP server, mail server, print server, web server, etc.)? It seems to me that it's easier to maintain things this way, because you only need to restore one function instead of multiple functions per machine. Then again, this means more equipment is needed to have redundancy in all server functions (print, mail, web, firewall, etc.), so maybe this isn't such a great idea.
4. Do your employers/clients give you a spare machine that you can use to practice? I know how to use VirtualBox, but that's not the same thing as a real computer. I know from my old career as an electrical/RF engineer that simulation programs all have underlying assumptions that may be inaccurate and sometimes wildly inaccurate. I know from my recent experience with Debian that certain computers are compatible with a fresh installation of Lenny but not a fresh installation of Squeeze.

--
Jason Hsu <jhsu802701@jasonhsu.com>


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20110227234958.70b0a201.jhsu802701@jasonhsu.com">h ttp://lists.debian.org/20110227234958.70b0a201.jhsu802701@jasonhsu.com


All times are GMT. The time now is 09:19 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.