Is 1 Hour Downtime Required For Installing Firewall?
Aug 4, 2008
Is 1 hour network reconfiguration downtime unavoidable with every Hosting Provider?
Today I got explanation from RackSpace why they needed to bring my server down for an hour when they install Hardware firewall (see below).
Could you comment if it's really necessary have 1 hour downtime in that case?
Here's how I see appropriate maintenance:
- Install and plug Firewall's power and external network cable without touching production server (no downtime yet).
- Connect test machine behind firewall and test if firewall works properly (no downtime yet).
- Switch network cable so it connects Production server to Hardware Firewall (20 seconds downtime).
Why couldn't the maintenance be done that way?
Anyway, here's response from RackSpace:
=======
I have answered questions 1-3 below and will be passing this ticket over to our network technicians in order to get questions 4-6 answered for you.
1) Why installing hardware firewall brought my server down by almost an hour? When working this type of maintenance to add firewall:
1. Mark ticket In Progress
2. Grab parts for maintenance
3. Put Public comment in ticket we are starting maintenance.
4. Log into server(at console or remotely).
5. Verify if other users are logged in.
5a. If users are logged in, we send them a message stating server is shutting down in X minutes.
5b. If no users are logged in, go to next step.
6. Shut server down.
7. Open the server.
8. Remove back plate from an open PCI slot.
9. Install PIX 501 card into PCI slot.
10. Screw PIX 501 power supply card in place.
11. Find open Powersupply connection and connect it to back of PIX 501 power card, since this will provide power for firewall.
12. Put side panel back on whitebox.
13. Install the firewall below the rack. We have to mount it to the rack the whitebox sits on. These are racked underneath the rack for each whitebox server. We use zip ties to hold it to the rack in place.
14. Put server back on rack.
15. Plug in power and network connections.
16. Connect console to server and verify server boots up fine.
17. Log in at console and verify it can ping NAT Gateway IP(192.168.100.1)
18. Verify if server can pint out to google or some other site
19. If we are unable to ping out or ping gateway IP, we will have to double check network connections and work with NetSec to resolve issues. This could be port speed issue since the PIX 501 firewalls require the port speed to be at 10Mb.
20. If server is pinging out fine, DCOPS will come back into DCOPS room and verify we can get to server remotely.
21. If server is not remotely accessible, we will have to go back to console and see if they are running any firewall software that is preventing access or if port RDP is using is changed.
21. Change status of server to online complete.
22. Send Public comment stating server is back online.
23. Close ticket.
24. Route Contract Received ticket for firewall over to Network Security to have them online firewall.
Downtime was necessary to install PIX 501 power card since the firewall gets power through this card.
2) How 1 hour downtime goes together with "Zero downtime" RackSpace slogan? Zero downtime means that your network will be up 100% of the time. However when upgrading your configuration (adding a firewall) there needs to be a certain amount of downtime in order to add this firewall to your configuration. Whenever a hardware upgrade is made there will be hardware downtime involved. The amount of time will vary depending on the hardware upgrade.
3) Why the length of downtime was communicated to me only at the beginning of downtime, and not some time prior to that? As we spoke about over the phone today I apologized for XXX not conveying the amount of downtime you will have during this maintenance. I have already spoken with him about this and moving forward if there are any maintenances that need to take place on your account your new Account Manager YYY and XXX will make sure and go into exact detail about the amount of downtime you should expect. Consider this mis-communication taken care of from now on.
=======
Is it really necessary to shut down production server just to plug Hardware Firewall power?
View 14 Replies
ADVERTISEMENT
Oct 3, 2009
Today, The Cloudlayer Instance we are having with Softlayer has faced a major downtime. At the time of writing this post, the service is down (5.30 hour already).
The support staff hasn't provided much information about the reason for downtime.
They say, the power failed in server room #5 for Dallas. The power was restored soon, but i don't see the CloudLayer Instance coming up even after 5 hours.
Having account with Softlayer for more than 2.5 years, i have been very happy with their team and their network, but more than 5 hour downtime and still the support not offering any ETA, is making me think of shifting to some other provider.
I am not much aware of Cloud Computing Instances and how much time they would need to come back online. But, i don't think it should take so much of time.
I am still waiting for the service to be restored. I guess some other members on WHT may have also faced the trouble today.
View 14 Replies
View Related
Jun 24, 2013
It looks like a change was made to the firewall settings (I think this was done by .net microsoft patch).I have manually added mysql-nt to the firewall ruleset, and this has allowed MySql to talk to the application. (Wordpress websites are now working)I still get the same error when i try to log in to the control panel.
ERROR: PleskMainDBException
MySQL server has gone away
0: common_func.php3:637
reconnect()
1: common_func.php3:600
db_connect()
2: auth.php3:134
Is there a list of firewall rules that need to be in place to allow Plesk to work?
View 6 Replies
View Related
Dec 17, 2008
Do you recommend a software firewall when behind a hardware firewall?
All of our servers are behind Cisco ASA 5505 firewalls which we rent from Liquidweb. All are being managed correctly and setup to there optimal levels. With hardware firewalls firmly in place, do you still recommend a software firewall such as APF or IPTables (we're talking linux); in our opinion we see it as an extra administration overhead. If this is however untrue, we will change out thinking.
View 3 Replies
View Related
Dec 26, 2008
I have Python on my server and it is using the most CPU and Memory on my server than any other process. I don't believe any of my clients use it so I am planning to delete it.
I am just wondering, does CentOS 5.2 (With cPanel) require Python, or is it not required so I can delete it without any problems caused?
View 14 Replies
View Related
Jan 25, 2007
I have folders / files on my website that I want people to be able to access, but when I try to access them via a browser I get a login prompt, "Your not welcomed here", and a 401 Authorization Required page. How can I make it (using SSH or FTP) so that these files are viewable from the browser? My server is running Fedora.
View 7 Replies
View Related
Nov 3, 2007
I moved a web site i developed from shared hosting at fasthosts due to performance issues and beacause I needed a more flexible platform.
I decided to go with webfusion as i'd seen them in the press everywhere.
Everything was working fine and performance was good - however the emails sent from the site (worked fine on shared hosting)- using php mail bounced. was getting ...
<sal@goldplateuk.com>:
213.171.216.118 does not like recipient.
Remote host said: 550 <anonymous@lvps212-241-216-214.vps.webfusion.co.uk>:
Sender address rejected: Domain not found
Giving up on 213.171.216.118.
However - sending to a hotmail address would work.
I referred to support - first line said they'd have to talk to second line support and get back to me.
Eventually - they called back and basically said everything looks ok on the server - they don't know why it's happening - do some analysis of your own - go on google.
Generally support isn't too hot - 2 days for a reply on a ticket. To cut a long story short -
does anyone know of a VPS host who would know what was wrong and would be able to help someone who is new to the VPS scene as i need to move host fast as the customer wants this resolved asap.
£25/month top budget.
View 3 Replies
View Related
Aug 1, 2008
I'm having some serious issues.. I moved to a new dedicated server company and found out that the IP block I was on was blacklisted with 5 anti-spam lists.
However, the company is great and they have managed to get the IP block out of every single black list.
However, I am still having issues. My server does not seem to be listed on any blacklists but emails sent out to various places, get bounced back with the following types of errors.
Any suggestions or advice? Any server administrators who think they can fix this? Please PM me with your quote.
Code:
SMTP error from remote mail server after initial connection:
host umip1.um.edu.my [202.185.111.224]: 554 umip1.um.edu.my
Code:
SMTP error from remote mail server after initial connection:
host mailfilter.hi-light.com.tw [210.71.187.212]:
554-IP650-02.hibox.hinet.net
554 Your access to this mail system has been rejected due to the
sending MTA's poor reputation.
Code:
SMTP error from remote mail server after initial connection:
host gateway.kaf.com.my [203.109.48.229]: 554-gateway.kaf.com.my
554 Connections from your server *ip removed* are being refused due to poor reputation.
View 5 Replies
View Related
Apr 11, 2008
i have a bunch of rewrite rules that work fine on my dev server but when i upload to production server they dont work. is a restart of apache required?
im on a dedicated box so this shouldnt be a problem, but how do people on shared accounts do this then?
View 1 Replies
View Related
Jul 11, 2007
I am using CentOS release 4.4 (Final) with Plesk 8 Hosting Control Panel. I want to install MTOP for MySQL monitoring which requires Curses.
[root@cll mtop-0.6.6]# perl Makefile.PL
Warning: prerequisite Curses 0 not found.
Writing Makefile for mtop
I need Curses rpm for CentOS 4.4, please give me that rpm so I can proceed next.
I also need Term::ReadKey 2.1 rpm for CENTOS4.4
View 2 Replies
View Related
Jun 13, 2008
I've found a dedicated server at a great price and plan to stick with it, my first ( already have 2 vps accounts ). I don't have the money for a hardware firewall. However, I do have a chance to renew a Kerio WinRoute Firewall license from way back.
Does anyone think this would be better than the default windows 2003 firewall?
View 1 Replies
View Related
Nov 5, 2009
With new installation of WordPress, I started Permalinks as "/%year%/%monthnum%/%day%/%postname%/", but now I've decided to change it to "/%postname%/"
Existing URLs
Code:
[url]
New URLs
Code:
[url]
but I don't want to break existing URL, so I decided to have a new rule defined to do this, here is how my .htaccess currently look...
Code:
RewriteEngine On
RewriteBase /
RewriteRule ^([0-9])/([0-9])/([0-9])/([0-9a-zA-Z-]+/)$ /$4 [R]
#uploaded files
RewriteRule ^(.*/)?files/$ index.php [L]
RewriteCond %{REQUEST_URI} !.*wp-content/plugins.*
RewriteRule ^(.*/)?files/(.*) wp-content/blogs.php?file=$2 [L]
View 1 Replies
View Related
Jul 27, 2009
We are an established owner of three data centres outside of London. We are looking at either a half or full lockable rack in either Global Switch 1 or 2 (ideally with 24/7 managed hands) in order to terminate a backhaul circuit there.
We are also interested in a similar arrangement in TH-E.
We only require around 2 amps as the space will only house an edge router and switch for inter/cross connects.
View 9 Replies
View Related
Oct 24, 2008
Due to problems with our current hosting company we are desperate to move our site to a dedicated server.
I am a UK based company with a .co.uk website.
Can anyone recommend a company?
How long does the change over take?
How much down time can I expect during the change over period?
View 11 Replies
View Related
Jun 13, 2008
I require a VPS system for my main dedicated (Softlayer, 4GB ram - to become 8gb ram after implementation, Dual Xeon 4 CPU).
I need to decide whether to use HyperVM (Lxlabs) or some other sort of system (Not Viruozzo had a bad experience with them a few months ago). I want something good and easy setup and efficient. I don't require EYE-CANDY.
I need to know what you recommend and what is easy to setup. I could also pay a third party organization for setting it up (if they have the knack for it and experience).
I would like to know everyone's experience (hosts and users) on what they like or prefer (except Virtuozzo/Parallel which I wont even consider anymore).
Also my main server has CPanel with around 100 web sites already on. Can I install hypervm or such on the existing server or do I need a fresh server for the same. The VPS accounts based on hypervm or such will end up having cpanel vps licensing anyhow since I am pro-CPanel (anti Parallel) (No plesk)
View 2 Replies
View Related
Jul 25, 2008
Wondering anyone can share experience of best email hosting provider?
current our website sends around 500 email per day (user rego, password, invoice etc) and we use google apps, but it is very unreliable and often blocked by hotmail.
our requirements will be
- high throughput for smtp outgoing
- US based, ideally TX based
- support alias
we do NOT need thousands account, around 15 will be enough,
View 3 Replies
View Related
Aug 4, 2007
My current host has just shafted me by discontinuing PDO_MYSQL support on my setup without warning (my sites now don't work and they won't do anything to rectify it).
I found another host and asked sales about the PHP version and whether PDO_MYSQL was available and was given mis-information, so I'm now cancelling the service I signed up for this morning.
I need:
PDO_MYSQL (most people only support PDO with sqllite!).
PHP 5.2*+
Ability to install pear modules.
View 5 Replies
View Related
Oct 30, 2007
Ive been searching around recently for a webhost to setup my online development area. The following are my requirements, so if you could point me in the right direction i would be extremly grateful!
Windows Hosting (durr! at least 2 gig space/50 gig bw).
ASP.NET 2.0 & AJAX 1.0 (3.5 would be even better, but i can wait until it comes out of BETA).
SQL 2000/2005 (I will need upto 10 databases, but none of these stupid 100mb database limits. I would prefer if space as taken out of my web space.
ISAPI_REWRITE module (i like to make pretty urls!).
I would prefer UK based servers, but i'll make do with US.
View 11 Replies
View Related
Sep 5, 2007
What is a good setting per user:
MAX_QUERIES_PER_HOUR count
MAX_UPDATES_PER_HOUR count
MAX_CONNECTIONS_PER_HOUR count
to avoid users hogging MYSQL 4.1
View 1 Replies
View Related
May 16, 2007
I have a P4 2.8GHz Linux box with a Gig of RAM. How many emails per hour could I expect that this server can handle per hour? I would of course want that the server has enough horse power to handle visitors to the web sites.
This is sort of a followup to a previous thread that I started concerning the limit on # of emails per domain per hour. The box came with a [cPanel] default of 500 per hour. Can I expect for my server to be able to handle more than that? 1000? 2000? 10,000? Do I need a more powerful server? I hope not - I just don't have the budget.
[ FYI - The emails are legitimate and not spam. I am sending out email reminders of personal events and holidays to subscribers that enable this option. ]
View 3 Replies
View Related
Jul 2, 2008
I am having a hard time tracking this down. Its a Cpanel/WHM server; 64 bit; Centos 5.2 server
In easyapache i have selected imap to be compiled in...
Problem:
When logging into Horde it get the following
A fatal error has occurred
Auth_imap: Required IMAP extension not found.
Details have been logged for the administrator.
php -m | grep imap
Shows nothing loaded. I am completely stumped with this, can anyone help ?
Also its not just Horde, but any PHP code using imap, its almost as if its not compiled in at all.
View 2 Replies
View Related
Apr 5, 2008
We have installed ruby on rails on our server.
root@Server [~]# gem list |grep mysql
mysql (2.7, 2.6)
But when we try to connect it still says "mysql required".
View 1 Replies
View Related
Jun 3, 2008
Does anyone have any recommendations for a company that could provide a reasonably priced, reliable, unmanaged server for me somewhere in western europe?
I'll need a reasonable amount of bandwidth, so this is a consideration.
I'm based in the UK, but willing to look at other, more digitally enlightened countries nearby (Norway, Finland, France, Germany, etc) to get a better price since servers are very expensive here.
The server be hosting a big AJAX application so latency is a consideration also.
View 4 Replies
View Related
Jun 9, 2008
I was checking out the switch products from Cisco and I noticed that there is quite a few products that been discounted, and I am trying to find correct switches that does traffic shaping on port for inbound and outbound.
I preferred they are 48 ports with 2 Gigabit uplinks, with Enterprise L3 image and it is little difficult to find the correct older models that is being sold on ebay to pick up the correct one.
I am also open to Extreme and Foundry switches as well, but I rather like to stick to one type for deployment, since I am working on the plan to deploy 2 core switches which all edge switches will hook into it.
View 9 Replies
View Related
Aug 11, 2007
I have placed a Content Management System on an Apache server using Cpanel and when I try to install I get messages about folders and files needing permission changes, then after installation some modules won't work because of wrong permissions. The solution to make everything work is to set all folders and files to 0777 but then that would just open up to insecurity. Also I can't set files to 0444 using an FTP client. It can only be done via Cpanel's file manager.
I install the same CMS on another hosting service with the same Apache/Cpanel config and it does not require any CHMOD. The app installs without errors and functions correctly with folders at 0755 and files at 0644.
It seems most shared hosting nowadays work as the latter statement so what could be the cause why the other hosting server require all the permission changes?
View 4 Replies
View Related
Apr 8, 2009
Does anyone know of any pay-per-hour VPS/Cloud/Grid/Utility/whatever other buzzword services that accept PayPal, since I can't seem to find any around.
View 14 Replies
View Related
Jul 29, 2009
On an cPanel + RHEL 5.3 box at WHM - Tweak Settings, I activated "The maximum each domain can send out per hour (0 is unlimited)" and set that value to "300".
But, it seems that this limit is only if the user is sending using webmail or an email client, right now a joomla website is sending much more than 300 mails per hour, but it's using php to send the mails.
My question, how can I limit emails per hour on each domain while sending from php?
Code:
29457 username 20 0 29724 13m 5848 R 10.2 0.2 0:00.10 /usr/bin/php /home/username/public_html/index.php
View 7 Replies
View Related
Apr 18, 2009
I have take some weeks ago a VPS with 40 giga space and 386mb dedicated ram and all is managed with WHM/Cpanel. I need to know how I must set the limit of sending email per hours...In fact I see all hosting company limit that to more less 500 email per hour. I know this limit depend of lot factor like number of account on server and activity or users...
I ask that because my users will have Joomla installed with a Newletter component and so something this component will be used for send monthly newletter...
Do you have some experience with that ? How have you set your email limit? How much users have you on your server?
Other question: If for example I set limit to 500 email per hours and a user send 1000 email...what happend to the 500 other email? It will be put on queue and send the next hours or it will be lost?
View 10 Replies
View Related
Jul 21, 2008
How would I go about backing up MySQL databases every hour or 2?
I think I read somewhere you shouldn't do a direct rsync as the tables would not be locked or something like that.
View 10 Replies
View Related
Jan 6, 2008
I'm getting literally about 100 of these per hour easy in whm > mail queue! Where is it coming from and how do I stop this?
1JBOml-0008CW-Fz-H
mailnull 47 12
<>
1199600103 0
-ident mailnull
-received_protocol local
-body_linecount 33
-max_received_linelength 115
-allow_unqualified_recipient
-allow_unqualified_sender
-localerror
XX
1
root@server.domain.com
154P Received: from mailnull by server.domain.com with local (Exim 4.68)
id 1JBOml-0008CW-Fz
for root@server.domain.com; Sun, 06 Jan 2008 00:15:03 -0600
038 X-Failed-Recipients: admin@domain.com
029 Auto-Submitted: auto-replied
063F From: Mail Delivery System <Mailer-Daemon@server.domain.com>
029T To: root@server.domain.com
059 Subject: Mail delivery failed: returning message to sender
052I Message-Id: <E1JBOml-0008CW-Fz@server.domain.com>
038 Date: Sun, 06 Jan 2008 00:15:03 -0600
1JBOml-0008CW-Fz-D
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
admin@domain.com
SMTP error from remote mail server after RCPT TO:<admin@domain.com>:
host sentry.domainbank.com [64.85.73.28]: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
------ This is a copy of the message, including all the headers. ------
Return-path: <root@server.domain.com>
Received: from root by server.domain.com with local (Exim 4.68)
(envelope-from <root@server.domain.com>)
id 1JBOmk-0008CJ-To
for admin@domain.com; Sun, 06 Jan 2008 00:15:02 -0600
To: admin@domain.com
Subject: Services(2) failed
From: monitor@domain.com
Message-Id: <E1JBOmk-0008CJ-To@server.domain.com>
Date: Sun, 06 Jan 2008 00:15:02 -0600
Address:domain.com
Following services are down:
SSH(22)
MySQL(3306)
View 5 Replies
View Related