cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Omitting Relay Servers in a HA environment

Go to solution
alanesaagoolian
Explorer

on ‎08-26-2015 3:25 PM

0 Kudos

We're running on SQL Anywhere 12.0.1 with High Availability with numerous MobiLink servers. Clients synchronize via a series of Relay Servers each running on IIS and are balanced using Microsoft Windows NLB. It's similar to the diagram found in the documentation: http://dcx.sap.com/index.html#1201/en/mlstart/ml-features-ml-intro.html

Has anyone tried removing the Relay/Web Server layer and have the MobiLink servers load balanced via NLB? What would be the disadvantages?

The advantage I can see is it uses less servers and makes the setup less complex. Your thoughts would be appreciated!

Thanks,

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎08-27-2015 8:19 AM
0 Kudos

The relay server reduces the security changes needed to get a connection from the web through the external firewall <> DMZ <> internal firewall and into the local network without compromising security.

If the clients are connecting from inside a closed environment, or you have an alternative option to gain access from the web then a relay server configuration isn't necessary.

The load balancer needs to be compatible with the protocol being used.

Thanks

Mark

Show replies
Show replies

Answers (1)

Answers (1)

ddeconin
Advisor
Advisor
‎08-27-2015 9:52 AM
0 Kudos

Marks answer is the most important reason, no port opened from DMZ -> Backend  means no attack footprint.

To complement Marks answer

- when using ML servers without relay server , sticky sessions are needed on the LB. With relay server, no sticky sessions are required since the relay servers take care of directing the session to the right ML server.

- A single relay server farm can take care of multiple ML server farms (different apps), afaria servers , SMP servers or a combination of those  without requiring different ports to be opened in the outer firewall for each individual application. The different applications are routed by relay server to the right backend system.

Diether

Show replies
Show replies
Ask a Question