Firewall

For the past few years, our Windows 2000 servers have been sitting directly on the public internet. Most people would think we were crazy, and we probably were! But over those years we were hit by only one vulnerability (SQL Slammer). The main reasons for not putting in a firewall were cost and implementation time. With Anand in school and me running FuseTalk, finding the time to implement one was a challenge. So, after 4-5 years of hanging our network out there, we decided to protect it with a firewall.

We spent a few weeks researching and pricing the various solutions for a network of our size. In the end, we chose a Netscreen 25 from Netscreen Technologies (recently acquired by Juniper Networks). The Netscreen 25 met our current needs with room to grow. The first thing we had to look at was sessions, as most products in this range are rated by the number of simultaneous sessions they will serve. The Netscreen 25 serves 16,000 simultaneous sessions and 4,000 new sessions per second; we serve anywhere from 3000 to 6000 simultaneous sessions, depending on the day. Throughput is secondary, since most firewalls in this range handle more throughput than we require. The Netscreen 25 is no exception: it handles 100Mbit/sec of firewall throughput, and we burst at 41Mbit/sec, depending on the day.
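As an added example (not from the article), the sizing check described above in Python: it takes connection records, derives the two numbers the firewall was sized on (peak simultaneous sessions and peak new sessions per second), and compares them with the Netscreen 25 figures quoted here. The session records are constructed for illustration.

```python
from collections import Counter
from dataclasses import dataclass

# Capacity figures the article quotes for the Netscreen 25.
MAX_CONCURRENT_SESSIONS = 16_000
MAX_NEW_SESSIONS_PER_SEC = 4_000


@dataclass(frozen=True)
class Session:
    start: int  # epoch second the session was set up
    end: int    # epoch second it was torn down (exclusive)


def peak_concurrent(sessions):
    """Sweep-line over open/close events: most sessions open at any instant."""
    events = [(s.start, 1) for s in sessions] + [(s.end, -1) for s in sessions]
    events.sort()  # at the same second, closes (-1) sort before opens (+1)
    cur = peak = 0
    for _, delta in events:
        cur += delta
        peak = max(peak, cur)
    return peak


def peak_new_per_sec(sessions):
    """Most session setups seen in any single one-second bucket."""
    return max(Counter(s.start for s in sessions).values(), default=0)


def sizing_report(sessions, headroom=0.5):
    """Utilization of both limits; 'fits' when neither exceeds the headroom target."""
    conc, new = peak_concurrent(sessions), peak_new_per_sec(sessions)
    conc_util, new_util = conc / MAX_CONCURRENT_SESSIONS, new / MAX_NEW_SESSIONS_PER_SEC
    return {
        "peak_concurrent": conc, "concurrent_util": conc_util,
        "peak_new_per_sec": new, "new_util": new_util,
        "fits": conc_util <= headroom and new_util <= headroom,
    }


# Constructed sample records (not real traffic): a steady 500 new sessions per
# second for ten seconds, each lasting 30 s, so all 5,000 are open at once.
STEADY = [Session(i % 10, i % 10 + 30) for i in range(5_000)]
# Same baseline plus a constructed one-second flood of 4,500 short sessions,
# which stays inside the concurrent limit but exceeds the setup-rate limit.
FLOOD = STEADY + [Session(5, 6) for _ in range(4_500)]

if __name__ == "__main__":
    for name, recs in (("steady", STEADY), ("flood", FLOOD)):
        print(name, sizing_report(recs))
```

The second sample shows why the new-sessions-per-second rating matters on its own: a device can be well within its concurrent-session limit and still be saturated by setup rate.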




Conclusion

Overall, the upgrade went quite well. There were no major issues at all (unlike some of our previous upgrades). There was about a 3-hour outage while the work was being done, and a slight slowdown while we forced 100MB full duplex on the Netscreen, as the Cisco 2948L3 we use requires 100MB full duplex to be forced, or it starts producing frame errors all over the place. Our next major change is upgrading the forums to the new FuseTalk .NET forum software, since we've had a few "issues" with ColdFusion under load on the forums recently. On the hardware side, we'll probably start looking at 64-bit once the Windows 64-bit platform is released. For now, we have a lot of headroom and a stable, secure and robust infrastructure.

29 Comments

  • JasonClark - Sunday, August 22, 2004 - link

    #15, we used a quad opteron from the last review we did, http://www.anandtech.com/IT/showdoc.aspx?i=1935&am... Tyan also has a board out now, which is supposed to be decent.

    #16, tens of millions ;) Funny enough the most popular searched word on the main website is ASUS. Last month there were around 300,000 searches.
  • bobbozzo - Sunday, August 22, 2004 - link

    Hi, how many page views does AnandTech get each month?

    How many searches do your users do?

    Thanks!
  • kaborka - Sunday, August 22, 2004 - link

    The article identified the CSI Designs RMHR 9000 case for the RAID array, but I didn't see which case and motherboard you picked for the computer. Did I miss this? We need to build a similar rig at work, and I'd like to know.
  • JasonClark - Sunday, August 22, 2004 - link

    #5, Yep, Windows 2003 Enterprise 32-bit; 64-bit is still beta. Yes, it supports 8GB of memory; it supports a maximum of 32GB of memory. SQL uses the AWE (Address Windowing Extensions) extensions to access all 8GB. It cost a fair bit, that's for sure. But it was necessary, especially the firewall.

    #9, RAID 10 is faster, and is just as reliable. It is just more expensive, as you get less space due to the mirror. Parity checks are expensive on databases; you would need a very expensive RAID card to get close to RAID 10 performance.

    #13, you betcha, we're tired of it as well. It won't be long now at all, we're talking weeks or less.
  • nourdmrolNMT1 - Sunday, August 22, 2004 - link

    " since we've had a few "issues" with ColdFusion under load on the forums recently."

    JRUN JRUN, RUN J RUN!!!!!!!!!!!!! YAY FINALLY!!!

    MIKE
  • DeeSlanger - Sunday, August 22, 2004 - link

    Nice, lil tech tidbit for a Sunday read.
  • Filibuster - Sunday, August 22, 2004 - link

    Dopefiend,

    RAID 10 is just as reliable as RAID 5 but is not impeded by write performance, because there is no parity to compute during writing.
    It is 2 sets of 4 drives in a mirror.

    In RAID 5 you'd have 8 drives, and if _any_ two go out your array is dead, plus writes will be slower. If one drive goes out, the performance will be even worse while it is not in service and during rebuilding.

    In RAID 10 with 8 drives you could potentially lose up to 4 drives and still be OK, depending on which 4 they are, and writes will be significantly faster (and the controller doesn't have to be as expensive). The only time a 2-drive failure will lose the array is if they are the same pair of drives in the mirror. If you lose a drive, your performance will not suffer either, except during rebuilding, which again does not require calculating parity, so even this will be faster.
  • DopeFiend - Sunday, August 22, 2004 - link

    #1: That appears to be a buffer expansion slot for an onboard RAID controller. I've seen them before at work with the rackmounts we make, but I'm not entirely sure why it's an SDR slot!
  • DopeFiend - Sunday, August 22, 2004 - link

    (oops, blank post above).

    Why RAID-10 and not RAID-5? I can understand the need for performance, but surely RAID-5 would make more sense from a reliability standpoint?
  • DopeFiend - Sunday, August 22, 2004 - link
