This article may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist. To maintain the flow of the article, we've left these URLs in the text, but disabled the links.
|
Co-Locating Your Web Server with an ISP to Simplify Maintenance
Ted Coombs and Jason Coombs |
Owning, updating, and maintaining your own e-commerce site can become a logistical nightmare if you try to do it all on your own. Many service providers now offer co-location services, allowing you to place your server at their site, on their network, and linked to their connection.
There are many possible ways to host your Internet site. You can maintain your own dedicated connection to the net or use a commercial hosting service. But an often-overlooked option, server co-location, offers some distinct advantages over the other two hosting methods. Co-location services, offered by a growing number of ISPs, allow you to place your own server machines right on the ISP's network, directly linked to their high-speed Internet connection.
You own and control the hardware and software; the ISP
provides value-added commercial real estate rental, charging by the inch and by the byte. Some co-location service providers charge obscene rates, but if you shop around you will find that this sort of service is many times less expensive than buying and maintaining your own equipment. Moreover, you don't have to pay the telephone company or a
broadband data service provider to bring a high-capacity link into your building.
Our computer science lab recently had a serious prolonged failure of its T-1 line. As a result, all of our Internet research projects were delayed by three months. With this sort of problem, without a redundant backup Internet service already in place, which means doubling your already substantial net connection costs, you end up at the mercy of repair staff who will promise to solve your problem quickly even before they know what's wrong. If they can't fix it, you can wait another month for your new service to be installed by a new company, or you can move all of your servers to a co-location site and have them back online the same day with a minimal amount of reconfiguration. When we chose this second path, we discovered so many advantages over our T-1 that we now view co-location service as an essential part of every site builder's bag of tricks. At the very least, co-location should be your backup plan in the event of a total service failure in your high-speed data lines. And, if you wish, you can do away with those high-cost, high-speed data lines entirely and plan co-location for your servers, keeping just enough bandwidth for your office so that users have Internet access and developers and administrators have remote access to your co-located servers. Co-location Advantages Reliability is one of the biggest advantages of co-location. Our new co-location service provider, CTS (http://www.cts.com), has multiple DS-3 lines with different providers; if one fails, traffic is handled by the other circuits automatically. When it comes right down to it, unless you are an ISP, you probably don't have more than a couple of T-3 lines. The cost for even that amount of bandwidth is considerable, especially if most of it goes unused simply to provide room for growth. Let your co-location service provider handle bandwidth growth, making that a more reliable part of your overall site building plan. Another reliability feature offered through co-location is the industrial-grade UPS power backup systems normally maintained by ISPs. a UPS battery backup system that keeps a single server running for less than an hour will be woefully inadequate in the event of a power failure of any significant duration. By investing in huge battery backup and generator power systems, your ISP will be able to keep your server powered even when everything is blacked out for miles around. When you compare the cost of co-location to just the price of purchasing power backup equipment sufficient to maintain uninterrupted service all day long for all of your servers, you'll save enough money to double the number of servers you own. And to top it off, your new servers will each have uninterrupted power without adding additional UPS equipment of your own. You can sleep better knowing that in the event of a power failure, your sites will still be up. Co-location is more expensive than hosting your site on someone else's server, but you don't sacrifice the flexibility and freedom of running your own server software and owning and controlling your own data as you would if you paid for Web hosting. You also get to own and control the hardware so the configuration of your server equipment is completely in your hands. If you need a machine with multiple fast processors, a gigabyte of RAM, hard disks with super-fast access times, mirrored for dependability, all dedicated to hosting one site, you can get it. You can also choose to grow into that configuration or better as your budget and needs dictate. We will discuss some of the interesting hardware configurations you can come up with later on. Controlling the software installed on your server is very important, especially in e-commerce application development. Electronic commerce sites require a considerable number of software services beyond a mere Web server. You may also need an LDAP server for membership and other directory services, credit card processing software, inventory and accounting software, a shopping cart system, and sophisticated site management software, not to mention traditional server functionality such as email, DNS, FTP, and other foundation Internet services. When you pay an ISP for these services, expansion always comes at a price, even for simple things like adding email accounts. If you own and manage the server software, there is no additional cost. What to Look for in a Service One of the most important tasks in co-locating a server is choosing the right co-location service. We have found that the service offerings and prices vary greatly. Figure 1 shows a checklist of questions to ask when shopping for a co-location service. The vendor you choose should have a good track record. You'll want to know that the company is going to be around for the long term, and that they have satisfied customers. It's appropriate to ask how many co-location customers they currently have. You can even ask for customer references. Several of the ISPs we contacted had impressive Web sites, a large number of service offerings, and zero customers. Of course, being customer number one may provide some negotiation leverage. Co-location is a relatively new service offering even for many established ISPs, and they may have some kinks to work out. If they're going to work out the kinks through you, negotiate a service fee to reflect that. Network security is especially important to consider. Make sure that the service provider doesn't try to stick your machines on a shared Ethernet network. You don't want your network traffic running around on the same network with hosts that you don't control, because they could easily snoop in on your traffic and potentially compromise security. Make certain that your equipment is on a switched Ethernet port, a dedicated Ethernet hub just for your servers, or is in some other way isolated from direct contact with other Ethernet-based hosts. This way you won't be sharing your local area network bandwidth or your network traffic with others. Most importantly, malicious neighbors can't use network protocols that are not routable, such as NetBEUI or IPX/SPX, as a means to attack your servers. TCP/IP should be the only network protocol that the outside world can use to communicate with your co-located hosts. This gives you the ability to control what services are available to other network nodes and lets you carefully control security policy for access to those TCP/IP-based network services. The physical location of the service provider may be an issue for you. a service provider located near you allows you to add RAM and hard disk space with a minimum amount of hassle and travel time. Access to the server hardware is important if you intend to maintain the equipment yourself. Make sure you find out how easy it is to get in to maintain your machine. Some ISPs restrict how often they will let you in to maintain your machine, or allow you in during business hours only. Some ISPs don't really want their customers traipsing around the premises, and therefore charge you to visit and work on co-located machines. This is usually an hourly fee, and complex problems or reconfigurations can be costly. On the other hand, many ISPs will allow you free, unlimited access to the machines, and will make special arrangements for any after-hours access you may need. These days, most ISPs are manned 24 hours a day and the graveyard-shift technicians often enjoy having visitors. When your machine is located at a distance where easy access isn't an option, the services offered by the ISP become very important. Some ISPs offer hardware and software support to their co-location customers. They will do everything from rebooting the machine to installing software and hardware. These charges are usually billed on a time and materials basis. The hourly rates vary and are often subject to change. If the service provider you select is far away, it can actually save you money to hire them to perform maintenance or replace failing equipment. But beware of hidden fees! Some ISPs will charge as much as $50 just to have someone push the reset button on your machine or do other trivial tasks. Make sure that the people who will work on your hardware or software are qualified and have experience with the products you use. The money you can expect to pay for co-locating your server will vary widely. You can choose from a wide variety of co-locating styles and payment alternatives, some very expensive and some pretty reasonable. There are, in essence, only three variables: monthly fees for rent and base bandwidth, for extra bandwidth, and for IP addresses. The ISP normally recovers the cost of operating and maintaining their facility and its Internet connections by charging a monthly fee per server. This gives the ISP a fixed income based on the amount of space or number of servers they are able to co-locate for customers. There is almost always a certain amount of network usage included in the monthly fee, measured either by the gigabyte of total traffic or by the amount of bandwidth allocated to your server. Any network usage beyond that included in the monthly fee carries with it an extra charge. Extra bandwidth fees are where you'll find the greatest amount of difference between service providers. You'll have to weigh the value of only paying for the bandwidth that you actually use, which can mean savings one month and more money another month, against paying more for an amount of bandwidth reserved for your use. IP address charges are another area in which there can be enormous differences between providers. Some offer as many IP addresses as you want, figuring that giving you more IP addresses means you'll need more bandwidth, which they will gladly provide for a fee. Other providers charge a monthly fee for every IP address beyond one per server. This can be important, since there are things that you just cannot do with today's technology unless you have a dedicated IP address. If the use of many IP addresses is important to you, look carefully at those fees when deciding between providers. Software Virtual Hosting If the provider you select leaves you no choice but to make everything you do fit into a single IP address, this doesn't have to be a showstopper. You can work around it if you know the difference between hardware virtual hosting and software virtual hosting and design your sites accordingly. Software virtual hosting was introduced as a feature of the HTTP/1.1 protocol so that more than one Web site could be hosted using just one IP address. It works by adding a new HTTP header that all HTTP/1.1 clients are supposed to send to the server when they make a request. The new HTTP header contains the Internet domain name of the host that the client thinks it's contacting, which makes it possible for the server to play along and deliver content applicable to the domain name indicated by the client. To set up software virtual hosting using Microsoft® Internet Information Server (IIS), you specify the IP address and port number as you would when creating any new Web site. Then you specify an extra value for the Web site by clicking on the Advanced button in the Web site's Properties window. Next to the IP address and port number you type the Host Header Name as you expect browsers to specify it. An example is shown in Figure 2 for the virtual host physics.science.org. |
Figure 2: Software Virtual Hosting Setup |
The software virtual hosting feature of HTTP/1.1 is not backward compatible. Browsers that are not HTTP/1.1-compliant cannot contact sites that are software virtual hosted. That is the major drawback of software virtual hosting. To work around this problem, you must configure every site that is software virtual hosted so that the content of the Web site is stored in a unique subdirectory, defeating the purpose of virtual hosting. Visitors who type in the domain name of a Web site expect to receive the site's home page. Unfortunately, when any browser that is not HTTP/1.1-compliant is used to contact a site that is software virtual hosted, the site's home page is not displayed. Instead, because multiple sites share a single IP address, the home page that is displayed represents a list of subdirectories for the Web server containing the content of the sites that are software virtual hosted on the server. This is a minor inconvenience to some, but others find this unprofessional and a poor reflection on the site builder. Still others think that this reflects poorly only on the person who has failed to install an updated Web browser that is HTTP/1.1-compliant. We think it reflects poorly on ISPs who try to charge a premium for extra IP addresses, thereby giving site builders no choice if they wish to offer low prices to their customers. Everyone loses, because this adds another tech-nical complication that causes problems for Internet users and renders a substantial number of existing software in-stallations obsolete without explana-tion or warning. The complications grow larger and more problematic if you want to use software virtual hosting to support multiple Secure Sockets Layer (SSL) encrypted Web sites. When a secure connection is established between a browser and server using SSL, the first transaction that occurs is the server sending its official encryption certificate to the browser. The browser verifies that the server's encryption certificate is acceptable by, among other things, comparing the domain name of the host it contacted with the domain name embedded in the encryption certificate. If everything checks out as expected, the browser begins to encrypt and decrypt on its end using information found in the server's encryption certificate. The server, meanwhile, uses a secret encryption key that is complementary to its encryption certificate. Any data encrypted with the server's secret key (also known as a private key) can only be decrypted using the complementary key (called the public key) found in the server's encryption certificate. The browser also has a public and private key pair. The public key is now sent to the server so that the server can use it to encrypt data that only the browser can decrypt using its private key. This all happens prior to sending or receiving any HTTP protocol information, so the server has no way to know until it is too late what Internet domain name the browser is trying to contact. As a result, it is impossible for the server to supply the correct encryption certificate for that domain, which means that the browser is going to reject the encryption certificate supplied by the server because the domain name in the certificate does not match the domain name requested by the browser. |
Figure 3: Key Manager for SSL Encryption |
One possible workaround will allow more than one SSL encryption certificate to be used on a single IP address. Figure 3 shows how the Key Manager in IIS is used to bind each SSL encryption certificate to a particular IP address. As you can see, it is also possible to specify the port number to which an encryption certificate is bound. The standard port number for SSL is 443; any https:// URL references that port number implicitly, just as any http:// URL references port 80. However, the standard URL syntax of https://server:port can be used to explicitly reference a port other than the normal port for the protocol. And thus this trick can work as long as you always specify the port number in any https:// URL that you construct. For example, the URL for the www.badreli-gion.com SSL service on our site is https://www.badreligion.com:444, and the URL for the www.digital-market-place.com SSL service is www.digitalmarket-place.com:445. Since www.science.org uses the site's default port for SSL service, you don't need to specify a port number when navigating to https://www.science.org. There can be drawbacks to this workaround, as there is a lot of software out therefrom HTML editors to site management software to obscure browsers or custom applicationsthat wasn't coded to allow a port number to be specified when contacting an SSL-secured Web site. But since you already have the limitation of software virtual hosting requiring HTTP/1.1-compliant browsers, the additional limitation of requiring a browser to support nonstandard port numbers in https:// URLs may be unimportant. Hardware Virtual Hosting For maximum compatibility with existing software, hardware virtual hosting is the preferred method of virtual hosting. It takes advantage of the operating system's ability to bind multiple IP addresses to the same network adapter. Server software configuration settings allow you to associate an IP address with information such as the directory the server should use when servicing client requests through that IP address, or which certificate to use for SSL encryption. Hardware virtual hosting is much simpler than software virtual hosting. Its only drawback is that you must have enough IP addresses to be able to dedicate one address per virtual host. You do not need another one just for SSL, however, because SSL and HTTP use different default port numbers. Figure 4 shows a typical configuration used in IIS for hardware virtual hosting. In the "Multiple identities for this Web Site" box, notice that IP Address and TCP Port are the only fields specified. The Host Header Name field is left blank because this Web site doesn't rely on that particular feature of HTTP/1.1. |
Figure 4: Hardware Virtual Hosting Setup |
With hardware virtual hosting, you can be confident that all Web site authoring tools and every other kind of client program or utility will be compatible with the configuration of your Web site on the server. We think this is a very important advantage over software virtual hosting. And considering that few ISPs have to pay for IP addresses themselves, the idea that they would try to pass them on to you at a monthly cost seems excessive. Configuring Your Server Making sure that your server is ready for co-location is an important step. Here are also a few tricks we've learned. Many co-location service providers require that your machine use a standard 19" rack-mountable chassis. Some services allow you to co-locate a standard tower box, but be prepared to pay a premium for desktop space or to have a rack-mounted tray installed. You can pay for full or partial racks, depending on the number of cases you need to install. For example, your machine may use external hard drive storage or RAID disk storage, both of which require additional rack space. If you weigh the extra monthly charge of renting rack space and a tray for a standard tower case against the one-time cost of putting your machine in a rack-mountable case, you'll see that a small investment in a rack-mountable case will save you a considerable amount on your monthly fee. We found that many service providers allow you to host two servers for the price of one simply by putting two motherboards in a single case. Most service providers calculate your base monthly fee depending on the amount of space you consume in their facility, not the number of network cables that run to your equipment. We bought a rack-mountable case with a segmented passive backplane and two single-board computers to cut our monthly fee in half. If you aren't familiar with this configuration, imagine a motherboard that looks more like a daughterboard (the expansion boards you normally plug into a motherboard). The smaller motherboard plugs into a board called a backplane that occupies the space in which you would normally expect to see the motherboard. The backplane also has a certain number of PCI, ISA, or other bus slots to accept network cards, video cards, and so on. a superb supplier of rack-mountable cases, single-board computers, and related equipment is Siliconrax (http://www.siliconrax.com). The segmented backplane is limited in the number of expansion slots allotted to each single-board computer. You can choose from a variety of backplane configurations. There are backplanes that accept only one single-board computer and lots of either all-ISa or a combination of ISa and PCI cards. Other backplanes accept as many as five single-board computers with varying numbers of ISa and PCI slots available to each single-board computer. We chose the segmented passive backplane shown in Figure 5. This allowed us two systems, one with six slots and the other with seven. When selecting expansion cards, we tried to choose PCI cards where we needed the faster throughput of PCI, and selected ISa cards where the throughput was not as important, such as the video cards, which will be used only for maintenance of the system. |
Figure 5: a Segmented Backplane Server |
Our case had room for eight hard drives, and would have had room for as many as 10 had they all been half-height drives. When using a larger case like this you should be prepared to use longer IDE or SCSI cablesstandard length is just not long enough. You can have the cables you need custom-made for a very reasonable amount of money. When selecting a case for a double server, particularly if you intend to use a large number of hard drives, make sure to select an adequate power supply. We chose a 400-watt power supply. The extra juice didn't add significantly to the price, but provides enough power to all the hard drives and cards. Once your hardware is configured, you'll want to make certain that your software is optimized to run remotely. When we decided to co-locate our servers, we were confronted with the scary thought that our machines would be out of our physical control for the first time. Moving our server machines off-site meant that we were going to lose some basic abilities, like rebooting our machines if they hung, and we would no longer have access to server administration tools. After a bit of experimentation we learned that aside from upgrading or repairing the hardware, you really don't need to have direct access to the hardware, unless the gentle sound of the hard drive spinning away soothes your nerves. Machines can be rebooted remotely, and software products like pcANYWHERE from Symantec allow you to completely manage the operating system and software remotely. Using pcANYWHERE, you can log in to Windows NT® Server over the Internet, giving you access to all the software on the server, as well as the administrative tools. pcANYWHERE uses Windows NT security to grant login permissions to pcANY-WHERE clients, so you can grant access only to members of the Administrators group, or create a new group (see Figure 6). a big advantage to running two servers remotely is that if pcANY-WHERE fails on one machine, you can use the server administration tools on the other to remotely shut down and restart the pcANY-WHERE service on the first machine. |
Figure 6: Using pcANYWHERE for Site Administration |
Aside from the maintenance benefits, running more than one server allows you to distribute the processing load between machines. One can be your primary name server and the other can be the secondary name server. On one of our co-located machines, we run Microsoft Site Server Commerce Edition as our primary Web server. The other machine is running an LDAP server for our membership needs. You can see an example of how membership and directory services works by visiting http://www.digitalmarketplace.com, one of the commerce sites using membership services. Additional services such as email, FTP, multimedia streaming, or other processor and disk access-intensive services can be better distributed to ease the system's overall load. It's important for your system administrator to have some type of remote control software. Other people, like your database administrator, also administer software on your site. You can set up a PPTP service for secure access to programs on your site. This will enable more than one person to simul-taneously administer your server. Only one pcANY-WHERE connection can be established, but your administrator could be using pcANYWHERE while your database administrator remotely administers the database using a PPTP connection. As soon as the server machines are fully configured and ready to move to their new home, the next job is to take care of domain name issues. How domain name information is updated with the InterNIC depends on the situation. If you're not running your own DNS server, or your DNS server is not being moved, all you have to do is update the DNS server managing your domain names with the new IP addresses of the servers being co-located. Remember, you should request these IP addresses from the co-location service provider before you move the machine. The other scenario involves running DNS servers on the machines you are co-locating. Making these changes with the InterNIC can be a nightmare if you don't carefully plan the timing, specifically if you are canceling your dedicated Internet service because you are co-locating your servers. We ran into problems when we moved our email service to the new co-located site before we requested changes with the InterNIC. The servers were using MAIL-FROM security. Although we were able to send email with the correct FROM address, we were not able to receive email from the InterNIC containing the correct request number they assigned. When trying to discuss this matter with the InterNIC, they were not able to locate our request without the request numberwhich, of course, we were not able to retrieve. Here are some guidelines to follow for making changes with the InterNIC. If you are changing the DNS server used by your domains, you need to update each domain record with the names and IP addresses of the new DNS servers, both primary and secondary. Begin changing this information by using the InterNIC's domain modification form at http://www.networksolutions.com/help/changes/inst_mod.html. If you are going to continue using the same DNS servers, but the IP addresses of the DNS servers are changing, then it is important to use the InterNIC's host change form ( If you are currently using the MAIL-FROM InterNIC security, you actually have no security at all. Even Internet novices can change their email programs to reflect a different email address in the FROM line. Since the email addresses of administrative and technical contacts are listed in the WHOIS database, everyone on the Internet has access to the information they need to request changes using the MAIL-FROM security. When changing the host information, the InterNIC does not send you email confirming your change. If the InterNIC feels that the MAIL-FROM security is not sufficient, they require that a fax on company stationery be sent to them. Of course, anyone with a word processor can create phony company stationery. So basically, anyone can change your InterNIC record with a minimal amount of effort. We recommend that you use one of the two higher levels of InterNIC security, encrypted password or PGP. For more information visit the InterNIC's security FAQ at http://rs.internic.net/faq/guardian.html. It's a good idea to use the highest level of security offered through Guardian, the PGP-based security. PGP uses public key cryptography to allow your communications to be digitally signed, avoiding any possibility that someone else can impersonate you in an attempt to modify your record. Either obtain the commercial version of PGP by visiting http://www.pgp.com, or download the freeware version from MIT by visiting http://web.mit.edu/network/pgp.html. |
Figure 7: Managing PGP Keys |
First, install PGP and generate a key pair. Your key will be stored in the PGP key manager (see Figure 7). Highlight the key you've generated and select the Export command from the Keys menu. This will export your public key to an ASCII file. Then you can submit your key to the InterNIC key server by pasting the contents of the ASCII file into the page at http://www.networksolutions.com/internic/wwwpks/pks-commands.html. Add your email address, and you will receive email notification that your key was added successfully. Maintaining Your Site Once your domain name modifications have been made, your servers are ready to move to their new home. We've found that using Visual InterDev with Visual SourceSafe allows us to easily maintain our Web sites remotely. Visual InterDev automatically keeps a local copy of the site, giving you extra security. In a situation where multiple people maintain the site, Visual SourceSafe is a great way to maintain order and security. An alternative to co-locating your own machine is to lease a computer from the co-location service. Leasing a server allows you to upgrade to a faster machine as better technology becomes available. Aside from this small long-term cost advantage, being able to design your own hardware system can allow you to regularly upgrade as time goes on. Purchasing a server that will allow you to add additional memory, faster processors, and more disk space is important. Co-location may not be the answer for everyone, but it does provide a reliable, cost-effective, and easy way to build and maintain a commercial-grade Internet site. With your server software on a fast connection, your options for personal or small business access to the Internet increase tremendously. New high-speed but lower-bandwidth connectivity options now exist with cable modem and DSL Internet access. Check with your local cable or phone companies for availability. |
http://msdn.microsoft.com/library/books/pc99/addressingcostofownershipformodems.htm
and http://msdn.microsoft.com/msdn-online/workshop /essentials/forstarters/starts0313.asp |
From the June 1999 issue of Microsoft Internet Developer.