|How do you ensure your db server is directly connected to web server?|
When you have grown to the point that you need a dedicated db server, you want to make sure you have a crossover cable connecting your web server to your database server. I'm getting ready to upgrade servers and want to avoid problems I've had in the past. W/ a *nix environment, what steps would you take to verify for yourself that you've got both machines connected to each other on an extra interface?
I believe you need to do an ifconfig command, but how do you interpret the meaning of the results?
And I suppose you should also ping from one machine to the other? But what response time proves the cable is directly connected?
Connect the DB server ONLY to your web server. If you can ping it, then it's definitely directly connected.
Otherwise, there's the traceroute command.
I forgot to mention, the whole point of this is because you can't always trust the hosting company...if it was in my house it wouldn't be a problem ;)
I couldn't ask them to only hook up to the webserver because I needed to ssh into the db server and manage it...
I've been paying $25 a month once and found out it wasn't connected the whole time even though I bugged them like crazy.
If you do a tracert, then it should just show two machines, correct?
You can use the command /sbin/route -e at the shell command line of your webserver. It gives the current routing table.
Each line gives a serie of IP addresses and via which IP gateway and ethernet interface they are routed. The Iface column tells you which physical interfase is used for the IP address range. Destination default or 0.0.0.0 is where your internet connection is. Most of the time this one is tied to the first available ethernet interface, i.e. eth0. The IP address range of your database server should be on another physical interface, probably eth1.
If the internet and the dbserver are both on eth0, all your database traffic to and from the webserver is routed via the default routers of your ISP, and not via a dedicated switch or cross-over cable.
Thanks, so the IP RANGE, not the ip itself would be on eth1, correct?
I asked them to make it a NAT address, meaning, e.g. 192.168.0.22
and one of the lines say: 192.168.0.0
so it sounds like I'm safe here..?
It is normally an IP range, defined by the starting IP in the Destination field, and the range mask in Genmask. You can define one single IP on an interface if you use the Genmask 255.255.255.255 but this normally has no function. Using an IP range gives the possibility to add extra db servers or webservers in your small local network in the future without the need to reconfigure the routing tables.
In your situation the Genmask field probably contains 255.255.0.0, which routes the addresses 192.168.0.0 to 192.168.255.255 over interface eth1. This is safe, because this whole IP range is one of the three blocks defined as private. No single router in the internet will route traffic to this IP range.