English
Chinese
French
German
Italian
Japanese
Russian
Spanish
Subscriptions
RSS feedsResolution
I. Why a Virtual IT Infrastructure?
Efficient, effective IT infrastructures require constant organization and attention. Administrators must install and maintain multiple servers, configure networks, connect to the Internet, organize traffic accounting, create email services, and take care of the other seemingly endless array of tasks necessary to keep the business running smoothly.What if these time-consuming and complicated processes could be streamlined? A Virtual IT Infrastructure (VITI) can help IT administrators consolidate servers and networks as well as simplify basic IT processes. Virtualization enables IT professionals to build small internal corporate networks with a full range of dedicated and secured services: boundary gateway for the Internet connection, DNS, DHCP, E-Mail, file storage and more – using only a single physical server.
By using Parallels Virtualization Technology in conjunction with Parallels Virtual Appliances, IT professionals can easily create complete, secure networks for small and medium businesses.II. SMB IT Infrastructure
A typical IT infrastructure of a small-to-medium business (SMB) includes an external demilitarized zone (DMZ) and an internal corporate network (the Intranet).An SMB's IT services can be divided into two major groups:
- Services that can be used internally or externally
- Services that can be used only internally
The DMZ contains:
- DNS service
- Mail service
- Authorization service
- VPN service (optional)
- Web service (optional)
The Intranet contains internal-only services and workstations, including:
- DHCP service
- File service
- Print service
- Application (Terminal) service (optional)
- Proxy service (optional)
- Database service (optional)
- Other services (optional)
This typical structure contains approximately ten physical servers, each dedicated to a different service, which requires a dedicated server resource. However, by leveraging the Parallels Virtualization Technology, IT administrators can consolidate all of the separate physical servers onto one single powerful server that will host several Parallels Virtual Appliances.
III. Basic VITI
A basic VITI is ideal for small businesses that simply do not have enough room to store multiple physical servers. A basic VITI is composed of five virtual appliances: Gateway, DNS Server, Mail Server, DHCP Server, and Storage. All five of these appliances are hosted on the same physical server.There are three network segments in the VITI's configuration. (See the table below.) The Internet and Intranet segments are real segments and are connected to physical network interfaces. The third segment, DMZ, is a virtual segment and exists in a virtual machine (VM) only. The network segments are completely isolated from each other and do not interfere.
Network segment (type) | Address | Virtual Appliance located in (network interface, IP address) |
|---|---|---|
The Internet (real) | any public IP assigned | Gateway (eth0, public IP) |
Intranet (real) | 169.254.x.x | Gateway (eth1, 169.254.254.254) DHCP Server (eth0, random IP) Storage (eth0, DHCP or random IP) |
DMZ (virtual) | 192.168.0.x | Gateway (eth2, 192.168.0.1) DNS Server (eth0, 192.168.0.2) Mail Server (eth0, 192.168.0.3) |
Any connections from DMZ and the Intranet to the outside world are hidden behind a single public Gateway IP address. By default, access from the Intranet to the Internet is granted for standard ports of WEB, ICQ, FTP, SSH and DNS. Any access to DMZ from the Intranet is allowed. External connections from the Internet to DMZ services are mapped to a specific virtual appliance. For example, all SMTP packets are delivered to the Mail Server virtual appliance. Any access from DMZ to the Internet is allowed.
Types of external connections supported by virtual appliances:
Virtual Appliance | Protocol | Port Numbers |
DNS Server | UDP | 53 |
Mail Server | TCP | 25, 110, 143, 993, 995 |
Virtual appliance hardware resources requirements.
Virtual Appliance | Memory (Mb) | HDD min (Mb) | HDD max (Mb) |
|---|---|---|---|
Gateway | 128 | 1024 | 1536 |
DNS Server | 32 | 512 | 576 |
Mail Server | 256 | 512 | 8704 |
DHCP Server | 32 | 512 | 576 |
Storage Server | 256 | 512 | 131584 |
Total | 704 | 3072 | 142976 |
Hardware requirements for this configuration:
- Intel Core 2 Duo processor with VT-X technology enabled- 1 GB DDR2 memory- The required capacity of hard disks depends on the number and types of virtual appliances you plan to install
- 2 physical network adapters
IV. How to Build a Basic VITI
The network has access to the Internet, DNS, DHCP, E-Mail, and file storage services. To build a basic VITI:- Choose a server with required hardware configuration.
- Plug in a cable with the Internet access in the first network adapter and cable with the Intranet in the second adapter.
- Install Parallels virtualization software. It is strongly recommended that you use a fault tolerance mechanism such as RAID1 (mirroring) for the virtual appliances' storage management.
- Download the following virtual appliances from Parallels Virtual Appliances Directory:
- Gateway virtual appliance
- DNS Server virtual appliance
- Mail Server virtual appliance
- DHCP Server virtual appliance
- Storage Server virtual appliance
- Copy these virtual appliances into a partition of the required capacity (minimum 3Gb).
- Open the Gateway virtual appliance's VM configuration. Bind the first virtual network adapter to a first physical adapter that is connected to external line (the Internet) and the second virtual adapter to a second physical adapter that is connected to internal network (the Intranet). Start the virtual appliance.
- Bind the virtual network adapters in DHCP Server and Storage Server virtual appliances to the same internal physical network adapter for the Intranet connection. Start the virtual appliances.
- Change the networking modes to Host-only Networking in both the DNS Server and Mail Server virtual appliances VM configuration, and start them.
- Ensure that boot processes in all virtual appliances are completed and that the Administration Interface URL is displayed on each ones' text console.
- Log into the Gateway virtual appliance's Administration Interface from Safari using Bonjour or the URL displayed by the one. Change network settings (IP address, mask, and default gateway). This enables the virtual appliance to access the Internet using the settings provided by your ISP.
- Log into the DNS Server virtual appliance's Administration Interface from Safari with Bonjour or the URL displayed by the one. Change the following network settings:
- IP address: to 192.168.0.2
- Network mask: 255.255.255.0
- Broadcast: 192.168.0.255
- Default gateway: 192.168.0.1
WARNING: Remember that the virtual appliance's virtual network adapter is configured for Host-only Networking. You need to log into the Administration Interface directly from the physical server. After changing virtual appliance's IP address at steps 11 and 12, you cannot access it from the Intranet until step 13 is complete.
- IP address: to 192.168.0.2
- Log into the Mail Server virtual appliance as described above, and set the following network settings:
- IP address: 192.168.0.3
- Network mask: 255.255.255.0
- Broadcast: 192.168.0.255
- Default gateway: 192.168.0.1
- DNS server: 192.168.0.2
- IP address: 192.168.0.3
- Change settings of Parallels Host-Guest virtual network adapter in the physical server from being configured automatically by DHCP to the following static configuration:
- IP address: 192.168.0.254
- Network mask: 255.255.255.0
- IP address: 192.168.0.254
- Log into the DHCP Server virtual appliance, and set 169.254.254.254 as default network gateway address and 192.168.0.2 as DNS server IP address in DHCP Client Option configuration.
- The Virtual IT Infrastructure is now complete! Now you can test it using any computer from the Intranet network.