Network Layouts
This chapter discusses the configuration of your network. It describes the hardware you will need for an effective traffic-managed server farm, and the DNS and IP address layout.
Essentials of Network Configuration
The components of a basic traffic-managed server farm are:
•One or more front-end machines running the Traffic Manager software
•A number of back-end servers (such as web or mail servers)
The front-end machines must be able to receive traffic from the Internet (or where the remote clients are located). They must also be able to contact the back-end machines.
The back-end servers will usually be visible only from an internal network. The front-end machines do not need to route traffic between the Internet and the back-end machines.
The Traffic Manager software is commonly deployed on a multi-homed machine. One network interface card is visible to the Internet; one or more network interface cards are exposed to the internal private networks where the back-end servers reside. It is also easy to configure a Traffic Manager on a machine with a single network card (this is common in an evaluation or testing environment), where a Traffic Manager can contact both the clients and the servers.
A fully fault-tolerant set-up will contain two or more front ends and several back-end servers. If any one machine fails, the Traffic Manager’s failover capability ensures that requests are routed to other machines, ensuring there is no single point of failure in the system.
Some product versions are restricted to just a cluster size of two Traffic Manager machines. Larger cluster sizes can be used with a software key upgrade.
If hardware availability is limited, fewer servers can be used. In the minimal case, it is possible to install the traffic management software and an Internet service on the same machine. This is not recommended, as it reduces the usefulness of the product and the ability to provide fault tolerance in the event of a hardware failure. It may, however, be useful for evaluation or demonstration purposes.
The Traffic Manager can be used in conjunction with a stand-alone firewall. In this scenario, your Traffic Managers should be visible from both the Internet and your internal network. Ivanti recommends you place your Traffic Managers in the applicable DMZ.
System Security discusses the security aspects of network setup in more detail. Ivanti advises you to read that chapter before setting up live services.