Is this possible with VLANs?

Soldato
Joined
1 Nov 2007
Posts
5,692
Location
England
OK. I'm planning on starting a virtual private server business and was curious about a couple of things to do with VLANs as I'm not terribly familiar with them. Basically I want to have a gateway machine that people connect to, sign up with and launch virtual machines. It will be connected to servers on the backend that will run the virtual machines but I'd also like those virtual machines that are running on the backend server(s) to be publicly accessible. So the host machine will be restricted to the VLAN and the virtual machines will be publicly accessible.

If you need any more information then please let me know.
 
Associate
Joined
29 Dec 2014
Posts
2,344
Location
The "North"
> OK. I'm planning on starting a virtual private server business and was curious about a couple of things to do with VLANs as I'm not terribly familiar with them. Basically I want to have a gateway machine that people connect to, sign up with and launch virtual machines. It will be connected to servers on the backend that will run the virtual machines but I'd also like those virtual machines that are running on the backend server(s) to be publicly accessible. So the host machine will be restricted to the VLAN and the virtual machines will be publicly accessible.
>
> If you need any more information then please let me know.

Possible? Yes, recommended? Probably not.

I know there are several companies out there that essentially have a web interface that you can log in to so that you can provision your own virtual servers, upscale them etc but those are systems that have undergone quite a bit of development to ensure that users can't get into other users' areas etc.

For a small scale hosting setup I would strongly recommend not giving end users access to something like this as it could go very wrong if someone managed to break out into the wider environment. Likewise hosting servers needs a lot of legal-ese to make sure if people are doing any weird things it doesn't come back onto yourself.

If you have nailed everything down and you must host servers then I would work on provisioning them yourself and then exposing the ports you need to whoever is accessing them so they can do the rest of the config themselves but I absolutely would not be giving your customers the ability to launch them themselves as it involves too much access and risk.

In terms of the systems that will be accessed by your clients, yes absolutely they would go on their own VLANs to prevent them talking to things they shouldn't :)
 
Man of Honour
Joined
15 Jan 2006
Posts
32,408
Location
Tosche Station
I don't mean to be too blunt, or put you off unnecessarily, but it doesn't feel like you're ready to be providing a VPC service if you are not familiar with what amounts to relatively basic network functionality. At least not in any way that stands much of a chance of being either successful or safe for yourself or your prospective customers. I say this under the shadow of the fact that even if you were, there's a reason why it's the sort of thing that only absolutely gigantic organisations run.
 
Soldato
OP
Joined
1 Nov 2007
Posts
5,692
Location
England
> Possible? Yes, recommended? Probably not.
>
> I know there are several companies out there that essentially have a web interface that you can log in to so that you can provision your own virtual servers, upscale them etc but those are systems that have undergone quite a bit of development to ensure that users can't get into other users' areas etc.
>
> For a small scale hosting setup I would strongly recommend not giving end users access to something like this as it could go very wrong if someone managed to break out into the wider environment. Likewise hosting servers needs a lot of legal-ese to make sure if people are doing any weird things it doesn't come back onto yourself.
>
> If you have nailed everything down and you must host servers then I would work on provisioning them yourself and then exposing the ports you need to whoever is accessing them so they can do the rest of the config themselves but I absolutely would not be giving your customers the ability to launch them themselves as it involves too much access and risk.
>
> In terms of the systems that will be accessed by your clients, yes absolutely they would go on their own VLANs to prevent them talking to things they shouldn't :)

Thank you for your reply. I see what you are saying. My plan was to offer a service similar to Linode (but obviously not as big or complex) but with an emphasis on FreeBSD and OpenBSD.

> I don't mean to be too blunt, or put you off unnecessarily, but it doesn't feel like you're ready to be providing a VPC service if you are not familiar with what amounts to relatively basic network functionality. At least not in any way that stands much of a chance of being either successful or safe for yourself or your prospective customers. I say this under the shadow of the fact that even if you were, there's a reason why it's the sort of thing that only absolutely gigantic organisations run.

Thank you for your honest feedback. You are probably right but networking is something I'm keen to learn more of. I have Computer Networks by Tanenbaum which I'm planning on reading very soon. Of course if you have other books you can recommend then I would be open to reading them.

I'll take your advice and try and learn more before I move forward with this plan.
 
Man of Honour
Joined
15 Jan 2006
Posts
32,408
Location
Tosche Station
> Thank you for your honest feedback. You are probably right but networking is something I'm keen to learn more of. I have Computer Networks by Tanenbaum which I'm planning on reading very soon. Of course if you have other books you can recommend then I would be open to reading them.
>
> I'll take your advice and try and learn more before I move forward with this plan.

CCNA or CompTIA Network+ is a good start. CCNA will be more hands-on with configuring Cisco devices, N+ much less configuration specifics and totally brand agnostic.
 
Soldato
Joined
13 Jan 2004
Posts
20,966
> I don't mean to be too blunt, or put you off unnecessarily, but it doesn't feel like you're ready to be providing a VPC service if you are not familiar with what amounts to relatively basic network functionality. At least not in any way that stands much of a chance of being either successful or safe for yourself or your prospective customers. I say this under the shadow of the fact that even if you were, there's a reason why it's the sort of thing that only absolutely gigantic organisations run.

I'll add to this.

Even if you are EXCEPTIONALLY well versed in networking this is only a tiny piece of the puzzle.

If you plan to sell VMs then you are also signing up to safeguarding your customers' data. The potential liability you face if you mess up is huge.

You are likely going to need to be standards accredited, or at least aligned, have business continuity and backup solutions and be cutting edge on patching and hardening your resources. This is before you have even started to explore and document risks, mitigation and an endless list of other factors (Do you even have an internet connection or datacentre rack space capable or authorised for such hosting?)

This is the sort of thing you want to be a reseller of, not a 1st party provider.
 
Soldato
OP
Joined
1 Nov 2007
Posts
5,692
Location
England
> CCNA or CompTIA Network+ is a good start. CCNA will be more hands-on with configuring Cisco devices, N+ much less configuration specifics and totally brand agnostic.

Thank you! I'll look into buying them.

> I'll add to this.
>
> Even if you are EXCEPTIONALLY well versed in networking this is only a tiny piece of the puzzle.
>
> If you plan to sell VMs then you are also signing up to safeguarding your customers' data. The potential liability you face if you mess up is huge.
>
> You are likely going to need to be standards accredited, or at least aligned, have business continuity and backup solutions and be cutting edge on patching and hardening your resources. This is before you have even started to explore and document risks, mitigation and an endless list of other factors (Do you even have an internet connection or datacentre rack space capable or authorised for such hosting?)
>
> This is the sort of thing you want to be a reseller of, not a 1st party provider.

I'm primarily a programmer but I also do a bit of sys admin stuff using Linode VMs. I can always rent dedicated servers as the virtual machine hosts which was my original plan but I guess you guys are right. I need to update my skills before going any further.
 
Man of Honour
Joined
15 Jan 2006
Posts
32,408
Location
Tosche Station
> Even if you are EXCEPTIONALLY well versed in networking this is only a tiny piece of the puzzle.
>
> If you plan to sell VMs then you are also signing up to safeguarding your customers' data. The potential liability you face if you mess up is huge.
>
> You are likely going to need to be standards accredited, or at least aligned, have business continuity and backup solutions and be cutting edge on patching and hardening your resources. This is before you have even started to explore and document risks, mitigation and an endless list of other factors (Do you even have an internet connection or datacentre rack space capable or authorised for such hosting?)

Yes, this is what I was getting at in my last sentence. The cold, hard answer really is, please, for your own sake, do not do this :p
 
Soldato
OP
Joined
1 Nov 2007
Posts
5,692
Location
England
> Yes, this is what I was getting at in my last sentence. The cold, hard answer really is, please, for your own sake, do not do this :p

Fair enough, although I'm a big fan of self-learning and generally have the mindset that I can get myself up to speed on most topics given enough time.
 
Man of Honour
Joined
15 Jan 2006
Posts
32,408
Location
Tosche Station
> Fair enough, although I'm a big fan of self-learning and generally have the mindset that I can get myself up to speed on most topics given enough time.

I'm totally into the idea of doing it for yourself/mates for a project or joint venture, especially for the sake of learning, but the financial and legal implications are worthy of a department of staff all to themselves before you even touch on the technical aspects.
 
Soldato
Joined
14 Jun 2004
Posts
5,485
my first thoughts reading the first post are legal issues.
plenty of people would look to or could abuse this ("paid customers" or hackers/scammers).
i'd be asking what logging you have and control over what apps or services are running. what do you legally need to retain.
what do you do if the police come knocking.
 
Soldato
Joined
29 Dec 2002
Posts
7,273
My first thoughts are it's a bit early for host season this year? Normally it's at least another month before this happens (eg historically after exams and when the student summer starts), and they normally go bump between then and Feb.
 
Soldato
Joined
14 Jun 2004
Posts
5,485
> My first thoughts are it's a bit early for host season this year? Normally it's at least another month before this happens (eg historically after exams and when the student summer starts), and they normally go bump between then and Feb.

you can work out the age if you do a search. not a student age.

i would probably suggest working at one of those VPS companies to get a feel for how they are run, what they do in the background etc, what are the challenges. a simple question is have you worked out up front costs and capacity, and can you afford to lose what you invest or do you have a plan to support yourself for the first 2 years of operation, with a 5-year plan. most businesses fold at year 2 as example for tax reasons (forgetting to save to pay it).

think of it as taking your hobby and turning it into a job. it doesn't always go well and other times you strike gold. i'm just a bit worried you're taking on more than you might be able to handle in a short time frame.
it's fine if you have time to work on problems, but as soon as you start dealing with customers (the irate ones & the karens of the world) you soon learn things aren't always what you want or think.

everything is doable, but is it feasible.
if it's something you're passionate about i'm all for it.
minor edit last line.
 
Soldato
OP
Joined
1 Nov 2007
Posts
5,692
Location
England
> you can work out the age if you do a search. not a student age.
>
> i would probably suggest working at one of those VPS companies to get a feel for how they are run, what they do in the background etc, what are the challenges. a simple question is have you worked out up front costs and capacity, and can you afford to lose what you invest or do you have a plan to support yourself for the first 2 years of operation, with a 5-year plan. most businesses fold at year 2 as example for tax reasons (forgetting to save to pay it).
>
> think of it as taking your hobby and turning it into a job. it doesn't always go well and other times you strike gold. i'm just a bit worried you're taking on more than you might be able to handle in a short time frame.
> it's fine if you have time to work on problems, but as soon as you start dealing with customers (the irate ones & the karens of the world) you soon learn things aren't always what you want or think.
>
> everything is doable, but is it feasible.
> if it's something you're passionate about all for it.

Thank you very much for your reply. No, I'm not a student, just a self taught programmer and Linux/BSD admin. You make some good points. I'm going to go away and think about this some more and also read the books that have been recommended. At least I'll have a better idea of things after that.
 