BCD 1 Report post Posted December 22, 2010 (edited) We have a website running just fine. There is a database intensive application on the website, which does a couple of joins across various tables with around a million tuples. After this heavy processing initiated by the script, the output is only a few kilobytes.Since, getting a dedicated server for the database would be expensive, I am considering hosting it locally in-house on AMD quad core's. The basic amenities are well and good except for the bandwidth. The maximum data outbound is around 512Kbps - 1 Mbps. I would like to know from experienced people in server management, whether it would be feasible to opt such kind of in-house hosting for database? A couple of things to take note of:1) This database is not the main database of the website. So, in case of network issues the main website is not affected. Appropriate message is shown by the application script about the unavailability of the database.2) So we can afford some occasional minor disconnections between the website and MySQL server.3) Each query would produce around 50 Kilobytes of outbound data.4) Around 100 users at any given time.What I would like to know is, if there are any apparent issues observed while hosting this way. Edited December 22, 2010 by BCD (see edit history) Share this post Link to post Share on other sites
Iniyila 2 Report post Posted December 22, 2010 is the 512kbps your upload speed? if it is then it should be enough for your script to run. i haven't understood your number 4 note, are you meaning that 100 users will request at the same time? then the output will be 5mB so it takes about 80 seconds till the last requested person receives it's response so even with 100 requests at the same time the last person only waits for a minute and half so it is not a big problem. but i think the problem is the security, if you use your computer as a mysql server then it would be easier to inject your database than secured severs because some part of security depends on your isp firewalls and equipments. Share this post Link to post Share on other sites
BCD 1 Report post Posted December 22, 2010 is the 512kbps your upload speed?YesLet me make it a bit clear, there would be around 100 users using this particular application. This would not necessarily mean every one of them would be querying the server every second. We can assume approximately 10 people to be querying at a time.I would really want to know about the security concerns. What does it exactly mean, that it would be "easier to inject your database"? The scripts and queries are well protected against any sql injection by query modification or lateral injection. Further, mostly we use only stored procedures. And more importantly only certain trusted users can "insert" data into the database. So whether they are executed locally or remotely, the scripts are protected by the same protections right?Except port 80 and 3306 all the ports would be blocked. Any pointers or ideas as to how exactly "ISP firewalls and equipments" divulge security of the systems? Share this post Link to post Share on other sites
Iniyila 2 Report post Posted December 23, 2010 so upload speed isn't a problem anymore. for sql injection i should say that most of hosting servers are using some type of software firewalls for protecting their sql databases like "GreenSQL" and some very rare professional hosts are using many layers of hardware firewalls for protecting their sql databases but if you can use some type of software firewalls it will be enough.about isp firewalls and security equipments: all isps have sometype of firewalls for protecting their client or servers against some type of attacks like syn flood attack if they use weak ones or none at all you are in danger. for example my isp is using cisco ASA 5500 series for protecting it's servers and clients so i have enough protection for being a host. so before you start your db server make sure your isp has at least some type of network security equipments. Share this post Link to post Share on other sites
BCD 1 Report post Posted December 23, 2010 Thanks, I will check out if I can get GreenSQL running on one of the systems. Although we have Arch Linux which GreenSQL does not officially support. About syn floods, it definitely seems like something to be looked upon before going live. How would I go about finding my ISP's firewalls and equipments. I guess I would have to call them over the phone to know them right? Or is there an easy way to find out that out ourselves? Share this post Link to post Share on other sites
Iniyila 2 Report post Posted December 23, 2010 the only free database firewall that i know is GreenSQL but you can search google to see if there is any other which supports arch linux.no i don't you can find those information yourself but i asked my isp technical support and they answered me so you can try this too. anyway knowing that some type of security exists is enough so don't ask about brand and models (because maybe they think that you are an attacker ). Share this post Link to post Share on other sites
BCD 1 Report post Posted January 4, 2011 So I am doing the tests, but again not satisfied with my ISP's internet service. Ping's are unusually high and there are lots of dropped packets. I Would try with some other ISP's over a couple of days. Share this post Link to post Share on other sites