[nzlug] Server Consolidation

Nick Rout nick at rout.co.nz
Wed Nov 14 17:30:47 NZDT 2007 

On Wed, November 14, 2007 5:17 pm, Nevyn wrote:
> On Nov 13, 2007 7:57 PM, Dirk Pilat <pilatdirk at mac.com> wrote:
>> On Wed, 14 Nov 2007 14:28:36 +1300, Nevyn <nevynh at gmail.com> wrote:
>>
>> > I was wondering if anyone knew of a decent tutorial on running IPCop
>> > within a virtual machine on the file server so that I can reduce my
>> > electricity bill and the noise in my room and anything relating to the
>> > security of doing such a thing. I've noticed in the list of packages
>> > IPCop now has vmware-tools so I'm pretty sure it can be done securely.
>>
>>
>> I am probably going to get stoned here, but why not use OpenBSD as
>> server
>> and firewall. As far as I know, pf and NAT together with Theo's
>> clampdown
>> on unnecessary daemons should make it pretty watertight, and if you want
>> to, pkg_add will deliver all the functionality of an Ubuntu server
>>
>>
>> Dirk
>
> Very simple explanation as to why I'm not using BSD support. The
> majority of the cool kids out there seem to be using Linux which means
> if I have a question, I've got a bigger pool of people to help as well
> as there being more development aimed towards Linux. I did want to
> have a look at BSD at some stage but had a few hardware issues so gave
> up on it. I'm not sure that the advantages of BSD are worth the
> headaches that I was experiencing. Mind you, this was a couple of
> years ago when Red Hat 7.3 was my distro of choice.


Not sure how ipcop would go virtualised. I use it to provide pretty
essential services on my LAN - besides firewall/net connectivity it
provides DNS and DHCP.

Therefore its pretty well the machine that needs to be up and going first
and foremost. If it was in a virtual machine, how would the host machine
get an ip address when it boots (and the virtual machine dhcp server is
down).

As far as cutting down on power/heat/noise, the solution might be to put
ipcop on a smaller machine like a soekris box. Soekris sell 12v 1A power
supplies for all but their more powerful machines, so I guess you are not
going to use any more than 12W, probably far less.

Usual wisdom is not to run your web/ftp/mail etc server on your firewall,
so the people that suggested just using ptables on the ubuntu box are a
bit wide of the mark IMHO.

-- 
Nick Rout

More information about the NZLUG mailing list