SitePoint Sponsor

User Tag List

Results 1 to 10 of 10
  1. #1
    SitePoint Member
    Join Date
    May 2004
    Posts
    16
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Quick advice on SQL server hosting

    Hi,

    Is it normal/acceptable to have a SQL server for a web application hosted with one company and the website server hosted with another?

    This looks like the situation I'm getting into, and I want to know if it's the done thing, or do you normally have to have them hosted by the same company?

    I guess it's a question of performance - in this case I think the firewall is okay so that shouldn't be a problem.

    Any advice greatly appreciated. Thanks

  2. #2
    SitePoint Guru MikeBigg's Avatar
    Join Date
    Jun 2004
    Location
    Reading, UK
    Posts
    970
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I don't think that is normal, but it is acceptable.

    It is a good idea to separate the web server and SQL server for security, scaleability and performance, but it is then usual to thave the servers connected together via 10/100/1000 ethernet for speed.

    As you suggest, data transfer speed is the key on this one. It will be slower than a closer connection, but that may be ok for your application.

    Security needn't be a problem if it is done properly.

    Mike

  3. #3
    SitePoint Guru asterix's Avatar
    Join Date
    Jun 2003
    Posts
    847
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by MikeBigg
    As you suggest, data transfer speed is the key on this one. It will be slower than a closer connection, but that may be ok for your application.
    It is not bandwidth which is important, it is latency. In a local area network you will typically have a latency of under 5ms, if you are going through a VPN WAN to WAN you are looking at likely latencies of 100 - 400 ms. This is likely to be totally unacceptable.

    Quote Originally Posted by MikeBigg
    Security needn't be a problem if it is done properly.
    What advice do you suggest for doing security properly?

  4. #4
    Afrika
    Join Date
    Jul 2004
    Location
    Nigeria
    Posts
    1,737
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    whats wrong in having he same company host both ?

    I really dont see anything wrong. If well implemented.

  5. #5
    SitePoint Guru asterix's Avatar
    Join Date
    Jun 2003
    Posts
    847
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by afrika
    whats wrong in having he same company host both ?
    Nothing. However, the OP wants different companies hosting web and DB server, which is a very bad idea.

    Quote Originally Posted by afrika
    I really dont see anything wrong. If well implemented.
    Another one.

    "Security is not a problem if done correctly". "Separate hosters is not a problem if well implemented".

    Exactly what is meant by "if you do it properly you won't have a problem?", or are we just pointing out the obvious? In particular, how do you suggest it to be done, if it is to be done "properly"?

  6. #6
    Afrika
    Join Date
    Jul 2004
    Location
    Nigeria
    Posts
    1,737
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I really dont see the need for having them seperate.
    Advantages - none
    Disdavantages - yes

  7. #7
    SitePoint Guru MikeBigg's Avatar
    Join Date
    Jun 2004
    Location
    Reading, UK
    Posts
    970
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by afrika
    I really dont see the need for having them seperate.
    Advantages - none
    Disdavantages - yes
    The best is to have them hosted at the same place. However, sometimes we as engineers or implementers we don't get to make all the decisions. We have to play the cards we are dealt. I think the original poster is in this position.

    As far as implementing it properly ... I have not been directly involved wth a setup like this, but I have indirectly. I can't give a how-to, but understand that it can be done.

    Mike

  8. #8
    Afrika
    Join Date
    Jul 2004
    Location
    Nigeria
    Posts
    1,737
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    The only way i see an advantage of hosting seperately is, when it comes to high availability , mirroring servers e.g. the likes of yahoo, then opinion sort would not be in a forum like this.

    Apart from that it would be better to host it together.

  9. #9
    SitePoint Author silver trophybronze trophy
    wwb_99's Avatar
    Join Date
    May 2003
    Location
    Washington, DC
    Posts
    10,653
    Mentioned
    4 Post(s)
    Tagged
    0 Thread(s)
    Toss in another for "this makes no goddamn sense." If they have enough networking setup to minimize latency (eg a dedicated point-to-point fiber connection) they could have bought the webserver and the sql server for less. Security-wise, there is no huge issue presuming the application is designed properly (eg not connecting as DBO) and it is over a secured connection. Of course, every secure connection carries a 10kb or so overhead. And the fact that you are connecting remotely means there is an attack vector for to exploit.

    Bottom line: Latency will be a killer. Cache the daylights out of your datasets and hope the site does not need to be to the second live & concurrent.

  10. #10
    SitePoint Guru asterix's Avatar
    Join Date
    Jun 2003
    Posts
    847
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by MikeBigg
    The best is to have them hosted at the same place. However, sometimes we as engineers or implementers we don't get to make all the decisions. We have to play the cards we are dealt. I think the original poster is in this position.
    Very true, we don't get to make all the decisions. Thank God too

    I think it is sometimes our professional duty to point out why things would be a very bad idea, and suggest suitable alternatives. If a bad decision gets taken we should try to make the most of it, or if it is really a truly bad decision we should walk away.

    I was once advising a client about his eCommerce site, and he really really wanted to have a "send this page to a friend" form. I told him 3 times about the security risks, and on the last attempt I made it clear that if he went ahead with his stupid plan then I would see my contract as having been invalidated and I would walk away from that job. It was a measure of last resort, but necessary, and it worked.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •