Go Back   MacRumors Forums > Apple Systems and Services > OS X > Mac OS X Server, Xserve, and Networking

Reply
 
Thread Tools Search this Thread Display Modes
Old Jul 12, 2011, 09:47 AM   #1
learningapple
macrumors newbie
 
Join Date: Jul 2011
Why is the recommended network setup ISP -> Snow Leopard Server -> Switch -> 5 iMacs?

We have the internet service provider connected to a switch, and the switch has Snow Leopard Server and 5 iMacs connected to it. (ISP -> Switch -> Snow Leopard Server, 5 iMacs)

Why is the recommended network setup for Snow Leopard Server as follows ISP -> Snow Leopard Server -> Switch -> 5 iMacs?
learningapple is offline   0 Reply With Quote
Old Jul 12, 2011, 10:56 AM   #2
hwojtek
macrumors 6502a
 
Join Date: Jan 2008
Location: A small rural village in western Poland
It is not. The recommended and only reasonably possible setup would be ISP -> Router -> whatever number of computers, including the one running OS X Server. If you think there is a reason to do it in a different order, feel free to share the reasoning behind this idea.
I think you are about to break ballistic through the spam threshold. Or you just need to back to some very basics.
__________________
Wojtek
More Macs than I can count, really. Like 20 or so...

Last edited by hwojtek; Jul 12, 2011 at 11:04 AM.
hwojtek is offline   0 Reply With Quote
Old Jul 12, 2011, 05:07 PM   #3
learningapple
Thread Starter
macrumors newbie
 
Join Date: Jul 2011
@hwojtek

I should have had it ISP -> Router -> OX Server -> Switch -> 5 iMacs

Sorry, new to this and trying to figure out what I am doing.
Attached Thumbnails
Click image for larger version

Name:	server-essentials.png
Views:	168
Size:	70.1 KB
ID:	293466  
learningapple is offline   0 Reply With Quote
Old Jul 12, 2011, 05:53 PM   #4
Alrescha
macrumors 65816
 
Join Date: Jan 2008
Location: Boston, MA
You got that box because your Mac has two active network interfaces, and so OS X Server gives you the option of configuring your machine as a gateway. It's not necessarily 'recommended', and if you did not have two active interfaces, you would never have seen it.

A.
Alrescha is offline   0 Reply With Quote
Old Jul 13, 2011, 09:05 AM   #5
dark knight
macrumors regular
 
Join Date: Oct 2008
Quote:
Originally Posted by learningapple View Post
@hwojtek

I should have had it ISP -> Router -> OX Server -> Switch -> 5 iMacs

Sorry, new to this and trying to figure out what I am doing.
basically your question is 'what is the advantage of using the server as an internet gateway for the other imacs (rather than them just connecting to the router themselves).

i would be interested in possible answers to this too. as far as i can tell your can instruct the server to allow/deny certain services, websites etc for the other computers. again, not sure of uses beyond this.
dark knight is offline   0 Reply With Quote
Old Jul 14, 2011, 01:30 PM   #6
jtara
macrumors 65816
 
Join Date: Mar 2009
Quote:
Originally Posted by dark knight View Post
basically your question is 'what is the advantage of using the server as an internet gateway for the other imacs (rather than them just connecting to the router themselves).
The advantage is that the server is a larger, faster, more powerful router than your router.

Popular open-source replacement router firmware allows you to install just about any Linux application on your router. However, it'll still be running on a slow computer with very limited memory.

There's a wide range of useful software either included with OSX Server or that can be installed that is useful in a routing scenario. More sophisticated firewalls, VPN, etc. etc.
jtara is offline   1 Reply With Quote
Old Jul 14, 2011, 03:29 PM   #7
Consultant
macrumors G5
 
Consultant's Avatar
 
Join Date: Jun 2007
How many IP do you have?
Do you already have a router?
Consultant is offline   0 Reply With Quote
Old Jul 18, 2011, 07:02 PM   #8
hwojtek
macrumors 6502a
 
Join Date: Jan 2008
Location: A small rural village in western Poland
Quote:
Originally Posted by jtara View Post
The advantage is that the server is a larger, faster, more powerful router than your router.

Popular open-source replacement router firmware allows you to install just about any Linux application on your router. However, it'll still be running on a slow computer with very limited memory.

There's a wide range of useful software either included with OSX Server or that can be installed that is useful in a routing scenario. More sophisticated firewalls, VPN, etc. etc.
Only recommended if you have a separate machine running as a router/firewall. Crashing a server with a DoS attack is still quite simple and if the gateway machine is a production server with some other services like even a trivial file server, such an attack can lead to major losses. Imagine a small company running a shared volume on the gateway for Adobe Creative Suite files. Or using the powerful Mac Pro gateway as a file server for FCP projects (hey, we want our ROI quick, so let the expensive computer do as much work as possible). Once the network stack is killed by some idiot DoS-ing the server for no reason apart from it being there, the workstations have no connection to the file server and everything f@#$ up instantly.
That said, using a Mac Pro as a $2000 gateway is a bit over the top. For that kind of money one can buy a standalone router powerful enough to handle thousands of users with a proper firewall.
Also, replacing he el cheapo $150 router or even having a spare one with the very same config as the regular one is cheaper and a much more sensible approach. In network security it's not the size of the weapon you are using that is important - but the time your network is down due to an attack. When using a simple, easily replaceable router, you can be back online within minutes and if the network is properly set up (which would be ISP -> router/firewall -> switch -> internal network including servers) the internal network activity is not disrupted even if you physically destroy the router with an axe.
__________________
Wojtek
More Macs than I can count, really. Like 20 or so...

Last edited by hwojtek; Jul 18, 2011 at 07:09 PM.
hwojtek is offline   0 Reply With Quote
Old Jul 19, 2011, 02:10 AM   #9
dark knight
macrumors regular
 
Join Date: Oct 2008
Quote:
Originally Posted by hwojtek View Post
When using a simple, easily replaceable router, you can be back online within minutes and if the network is properly set up (which would be ISP -> router/firewall -> switch -> internal network including servers) the internal network activity is not disrupted even if you physically destroy the router with an axe.
thanks for the info, very interesting. if the ISP distributed router has 4 ethernet ports would you still put the network switch in the path? (assuming 4 clients). any advantages?

also, if you do not have something constantly (like a 24/7 server) connected to the router does this in anyway contribute to what my ISP have called 'stale sessions' occurring? my home setup has a time capsule permanently connected to the router and never has a problem. the business setup turns all machines off at night and quite often the internet gets screwed by the morning. ISP describes a 'stale session' has occurred. i assumed the router gets board all alone.
dark knight is offline   0 Reply With Quote
Old Jul 19, 2011, 11:22 AM   #10
hwojtek
macrumors 6502a
 
Join Date: Jan 2008
Location: A small rural village in western Poland
I would include a switch (not a hub), as your internal IP routing (and network as a whole) would still work even if the ISP-provided router would be switched off completely. And even if the IP fails, the zeroconf functionality of the OS X will keep the internal computers connected.
Putting all the communication with the internet into a single ethernet cable between the switch and the router is not a problem. I am sure you do not have a 1 Gbit ISP connection I have exactly this setup done with a WRT54G router running DDWRT and a couple of Airport Extreme Base Stations acting as bridges and access points only (with routing disabled).

The stale session can be a problem easily remedied with a cron script pinging a random site (google.com or apple.com being a good example) every hour or so. It will just keep the connection alive at night.
AFAIr the DDWRT firmware for Cisco/Linksys WRT54G is able to do it out of the box.
__________________
Wojtek
More Macs than I can count, really. Like 20 or so...
hwojtek is offline   0 Reply With Quote

Reply
MacRumors Forums > Apple Systems and Services > OS X > Mac OS X Server, Xserve, and Networking

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
MacMini Server Network Setup KillaSin Mac mini 2 May 29, 2014 12:34 PM
Snow Leopard Server VS. OS X Server 10.8 Jaggions Mac OS X Server, Xserve, and Networking 7 Sep 20, 2013 12:33 PM
Anyone upgrade from Snow Leopard Server to Mountain Lion + Server.app? talmy Mac OS X Server, Xserve, and Networking 13 Jul 14, 2013 11:22 AM
Mass Home Server/Network Setup w/ OS X Server WAM2 Mac OS X Server, Xserve, and Networking 1 Jun 29, 2013 09:18 AM
Just looking at the performance, Snow Leopard server or Mountain Lion server? bl00dyg33k Mac OS X Server, Xserve, and Networking 0 Aug 23, 2012 07:55 AM

Forum Jump

All times are GMT -5. The time now is 06:03 AM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC