The customer had a web server and database server, with everything working fine:
Web Server -> scripting -> DB Server
<------- response
Now he wants to put a server in the middle - a Windows-based server, no less - to "hide" it from the Internet. This server is NOT a web server, and will never be. It is intended to accept data from the public web server and run scripts to interact with the database server, then send a response back to the public server:
Web Server -> forward data --> Windows Server --> scripting -> DB Server
<------- response
I understand this (can, or not?) be done with port forwarding, which I am clueless about. I'm a lowly web guy. I deal in the language of the HTTP protocol.
All I've been provided is an IP address beginning in 192, the private LAN IP of the middle-box. Of course you can't post a form to that. The networking geniuses that put this scheme together are ALSO clueless as to how it can be done and have dropped the task of "connecting" them in my lap.
The customer keeps talking with "network engineers" who tell him, sure, you can connect to the middle server, no problem. But not one of them suggests how to do this.
This is a long-time acquaintance; I've avoided telling him this is a convoluted and frivolous solution when what he had originally was just fine. I'd like to do it for him but sheesh, how?
Has anyone got any resources that might expand my horizons sufficiently to help him out?
Yet he should be able to pretty much accomplish the same result by making the existing web server a firewall.
But it's really hard to tell with the limited information. I'd sit him down and ask him to explain exactly what he's trying to accomplish and why this scenario will accomplish that goal better than other scenarios.
I've found that clients will often latch onto an idea without really understanding what they think they're trying to accomplish, how they're going to go about accomplishing it, or if there are other options to do a better job. And in the end, what the person really wanted (needed) was completely different from what he thought he needed.
Search on "three tier architecture".
The middle server is normally the application server where the business logic resides.
The connection is not going to be via HTTP, unless it is SOAP or REST based.
IBM has a web stack that is architected this way, as do Oracle and Microsoft.
IBM and Microsoft even let you query against mainframe legacy apps using SNA in these architectures. Slow as molasses, but that's how telcos and banks are able to let you interact with your account on the web. It is also how airlines let you interact with SABRE.
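An added example, not part of any post in this thread: a minimal sketch of the three-tier arrangement described above, in which the web server forwards one form value over REST-style HTTP to the middle tier, and only the middle tier queries the database. The `/order` endpoint, the `orders` table and all function names are hypothetical, and an in-memory SQLite database stands in for the DB server.

```python
import http.client, json, sqlite3, threading
from http.server import BaseHTTPRequestHandler, HTTPServer
# Assumption: on the real LAN this holds the public web server's private address.
ALLOWED_PEERS = {"127.0.0.1"}
DB = sqlite3.connect(":memory:", check_same_thread=False)  # constructed stand-in for the DB server
DB.execute("CREATE TABLE orders (id INTEGER PRIMARY KEY, customer TEXT, status TEXT)")
DB.execute("INSERT INTO orders VALUES (1, 'alice', 'shipped')")

def lookup_order(order_id):
    """Business logic: validate, then query with a bound parameter."""
    if type(order_id) is not int or order_id < 1:
        raise ValueError("order_id must be a positive integer")
    row = DB.execute("SELECT customer, status FROM orders WHERE id = ?", (order_id,)).fetchone()
    return {"customer": row[0], "status": row[1]} if row else None

class AppTier(BaseHTTPRequestHandler):
    def do_POST(self):
        try:
            # Read a bounded body first so the reply is never sent over unread data.
            size = max(0, min(int(self.headers.get("Content-Length", 0)), 4096))
            raw = self.rfile.read(size)
            # Only the web tier may call, and only the one endpoint it needs.
            if self.client_address[0] not in ALLOWED_PEERS or self.path != "/order":
                return self._reply(403, {"error": "forbidden"})
            result = lookup_order(json.loads(raw).get("order_id"))
        except (ValueError, AttributeError):
            return self._reply(400, {"error": "bad request"})
        self._reply(200 if result else 404, result or {"error": "not found"})

    def _reply(self, code, obj):
        data = json.dumps(obj).encode()
        self.send_response(code)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)

    def log_message(self, *args): pass  # silence per-request logging in the demo

def start_app_tier(bind="127.0.0.1"):  # bind to the private interface; port 0 = any free port
    srv = HTTPServer((bind, 0), AppTier)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv

def web_tier_forward(host, port, order_id):
    """Public web server side: relay one form value, return (status, JSON)."""
    conn = http.client.HTTPConnection(host, port, timeout=5)
    conn.request("POST", "/order", json.dumps({"order_id": order_id}),
                 {"Content-Type": "application/json"})
    resp = conn.getresponse()
    return resp.status, json.loads(resp.read())
```

The web tier holds no database credentials and can reach only the one endpoint; the middle tier rejects callers outside `ALLOWED_PEERS` and anything that is not a positive integer before the query runs.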
But it's really hard to tell with the limited information.
I've found that clients will often latch onto an idea without really understanding what they think they're trying to accomplish...And in the end, what the person really wanted (needed) was completely different from what he thought he needed.
Yes, that is the case here - but unfortunately two of his contractors have convinced him this is the way to go without having a clue how to actually do it. Anyone (almost) can connect two computers and ping or telnet from one to the other and say "there you go."
It should be a fun ride. If he wants to pay me to research, fine, time to learn more new stuff.