Pablo Cababie's Blog

Hi!
This is my first post.
After a few weeks getting knowledge about the IT architecture and the company policies, I´am here writing my first post.
My first days in Southworks were great. I got home exhausted and full of new information.
The first tasks I had assigned was to provision myself the accounts, rights, hardware and software to start working.
After that, the next step was pairing on some issues I already had experience like backup policies, desktop troubleshooting and image refreshing on developers PCs.
This week we tried to simulate an scenario:
Supposing we need to re- structure the network and re build some servers and services. That means the magic word for ITs: MIGRATION.

The migration should take place in a network isolated and after testing the we will analyze the differences between the current one and measure its performance.
We have to think everything will be done again, so we should propose the best solution for us today, and how would it be.

The first important task

The first big task for me was install FreeBSD on a new server and configure it to route and work as a firewall for Internet access.
The installation process was friendly and the tools provided to configure it were easy to use (sysinstall).
However,we decided to leave the FreeBSD server and reinstall it with OpenSuSe, beacuse we read about Mono project.

Mono is an opensource project to implement .NET technologies using Linux. As we read, today it is supported only on OpenSuSe distribution.
The OpenSuse installation was like every Linux. I use to work with Fedora and Debian distros and this one is similar.
The problems appeared when I tried to execute the same commands with the same parameters as Debian for example.
They are different. The  paths for the config files too.
Configure the network and the route table have taken me more than I estimated. I could set it up, but as soon as I reboot it back to the default configuration.

OpenSuse includes a tool called Yast. Personally, I don´t like it, but using it was the only way to configure some network issues.
As soon as I could I installed the apt-get manager. Also I found helpful a toll called webmin. This tool is a web interface to manage most administrative and system issues. It is not the best tool because it si not safe. (with one login, you can manage all the services, shutdown and hack the server)
By now I allowed to access it only through the private interface, but as soon as we deploy the server in production state I will uninstall it.
The next step was setup the firewall.

It required performance, security and routing tests. The position of the rules was very important for this kind of configurations.
I implemented the rules as I though they should work and then I read them from the webmin/linux firewall interface.
Now, I need to test the server working as a gateway and start opening and “natting” the requested ports as needed.

This entry was posted on Tuesday, December 11th, 2007 at 5:32 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.