Re: SBS guest on Virtual Server 2005 host?
- From: Doc King <DocKing@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 9 May 2006 11:19:02 -0700
Cris, SuperG, and KJ,
Thanks for the feedback. After reading up on security, I do think I could
secure the host sufficiently, however to get the most reliable system am
going to swing it over to a new phat Dell. But when I'm done, I think I'm
going to swing my home network into a Virtual Server sandbox to put through
the paces.
I have been a big fan of VMWare, Virtual PC, and now plan on leveraging
Virtual Server but as I'm sure you do- I need the most reliable solution
deployable. I believe it is only a matter of time before it is stroked out
for production use...
C
--
Chris King, DC, MVP
"kj" wrote:
Yes, they do. If the Host Server has only one NIC then any client connected.
to the same network as the NAT can bypass the SBS server and any VM guest
OS. All it has to do is be configured for the same network address as the
NAT and use the NAT as the gateway. You MUST have two physical NICs in the
host to have a VM ISA isolate non virutal workstations.
Using Enterprise Edition of Window Server 2003 and VM2005R2 the four bonus
(free) copies of Enterprise Server running as a VM host do provide
substantial cost savings. Factoring in those as $0 you've got such a case.
But all VM's are emulated and as such inheritedly are performance loosers
compared to running physical counterparts. Host OS to Guest OS network
performance in Virtual Server 2005 R2 is, well, "less than ideal".
Virtual Server 2005 R2 VM guests are limited in emulated processors (1) and
memory (3.6gb), lack 64bit guest OS, and disk IO performance isn't what
you'd expect from your typical mid market RAID controller.
VM's are ideal for lab testing, developers, server consolidation, and
probably countless cases where performance isn't as important or the
emulation overhead can be affored.
I'd only consider using it in the SBS environement for testing or Disaster
Recovery / Business Continuation.
Still, I'm a big fan of VS2005R2 and promote it often.
--
/kj
"SuperGumby [SBS MVP]" <not@xxxxxxxxxxx> wrote in message
news:u3DkjzucGHA.3952@xxxxxxxxxxxxxxxxxxxxxxx
"kj" <kj@xxxxxxxxxxx> wrote in message
news:%23zYIGfucGHA.1276@xxxxxxxxxxxxxxxxxxxxxxx
But when a physical client configures a "static" address of 192.168.33.x
they bypass ISA and all but the NAT. Also I'm quite sure the VS Server
must have a NIC with an IP.
No they don't re-read the scenario.
But with a VS server with 2 physical NICS, one the SBS virtual external
network, and another physically isolated as the SBS virtual internal
network, it works quite well. It also avoids a single NIC bandwidth
bottleneck.
I've been using this as a virtual lab for some time now, and it works
well,... for a lab.
on VS2005 R2? The flexibility, test-ability, and disaster recovery
possibilities are tantilizing to consider.
These are all good reasons, but performance just isn't one of them. A
host system configured to provide like kind performance to a VM SBS
environment just isn't very cost effective. Now if you were going to
"host" three or four separate companies running their own virtualized SBS
environment.... hmmm, there's a thought.
Would hardware sufficient to run SBS, a TS Application Mode server, and an
LOB Application server in the virtual environment cost less than three
sets of hardware? Maybe the TS wouldn't be a virtual, AFAIK there's no
reason not to run the host OS as TS Apps Mode (as long as it's locked down
enough that users can't stuff your virtuals :-).
--
/kj
"SuperGumby [SBS MVP]" <not@xxxxxxxxxxx> wrote in message
news:OyYyzMucGHA.380@xxxxxxxxxxxxxxxxxxxxxxx
imagine this
You have a simple NAT router in front of a 2NIC W2003S running as VS
host, the router is at 192.168.33.1/24. The external NIC of the W2003S
box either has an IP of 192.168.44.4/24 or possibly doesn't have IP
bound to it at all.
SBS runnning in the virtual environment also has two NICs, one bridged
to each physical NIC. ISA running on the SBS with an external of
192.168.33.2/24 and an internal of 192.168.16.2/24. You can see that in
this scenario the .44.y network is a 'dead end', not in use, or maybe
doesn't exist at all.
BTW: I don't think you're crazy but though I'm sortta keen to do similar
m'self I'm holding off. To run SBS in a virtual environment you not only
need the fast IO (HDD & RAM) that SBS normally needs but also
sufficient to compensate for running in virtual space and possibly
running alongside other virtual machines. The best idea would be to
minimise the tasks machines running in the virtual space are responsile
for. ie. SBS Standard would seem feasible, adding ISA and SQL servres to
the tasks performed in the virtual machine _may_ be asking a bit too
much.
"Doc King" <DocKing@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:DA107DCB-730B-4734-A0F3-6BE37B0B4FEF@xxxxxxxxxxxxxxxx
Am I out of my rabbit-ass mind thinking about deploying a production
SBS box
on VS2005 R2? The flexibility, test-ability, and disaster recovery
possibilities are tantilizing to consider.
My primary issue is how to protect the 2003 R2 host. Is there any way
to
deploy a front end ISA server while retaining the SBS ISA
functionality?
Perhaps users could VPN into the bastion ISA box?
--
Chris King, DC, MCP
- Follow-Ups:
- References:
- Re: SBS guest on Virtual Server 2005 host?
- From: SuperGumby [SBS MVP]
- Re: SBS guest on Virtual Server 2005 host?
- From: kj
- Re: SBS guest on Virtual Server 2005 host?
- From: SuperGumby [SBS MVP]
- Re: SBS guest on Virtual Server 2005 host?
- From: kj
- Re: SBS guest on Virtual Server 2005 host?
- Prev by Date: Website Access only on 1 interface
- Next by Date: Re: Monitoring Web Destinations
- Previous by thread: Re: SBS guest on Virtual Server 2005 host?
- Next by thread: Re: SBS guest on Virtual Server 2005 host?
- Index(es):
Relevant Pages
|
Loading
