eRacks Frequently Asked Questions
How can I make a special request?
How long will my order take to arrive?
What shipping carriers and methods do you use?
What are the usual reliability-test procedures?
Network Design and Firewall Questions
How do I do web-based administration on my eRacks system?
How do I collect usage statistics on my eRacks web server?
How should the network be designed in order to tolerate a firewall failure?
What does NAT stand for?
In the eRacks/NAT Firewall, Is NAT used for incoming or outgoing traffic?
How does a VPN work? Why do I need a matched pair and where should they be?
Will the eRacks/VPN work with a Windows VPN client, such as a PGP client?
Can we order just one eRacks/VPN, rather than a peer VPN configuration?
Can eRacks help us out with some network design consulting?
System Design Questions
How much memory do I need for firewall and web systems?
Is it enough to use software RAID or should I add a RAID card to my system?
Can I upgrade the memory/harddrive/other components later on after I purchase my computer?
What are the outer dimensions of rackmount servers and how are they mounted in a shelf?
How Many PCI slots are available in your 1U systems?
What about other systems? Other slot types, such as ISA, AGP, etc?
Where can I find out more about the software that eRacks recommends?
Which operating systems are recommended for which purposes?
Will a backup server running Linux be able to see and backup my Windows and other machines?
How does eRacks' software configuration ensure the security of a firewall?
How do I view our Windows machine from OpenBSD eRacks servers and vice versa?
Questions about the eRacks website
What tools were used to build this website?
Most of eRacks' systems are built to order (BTO). Shipping time is dependent on configuration, availability of components, and payment method. Typical configurations with standard components are usually shipped within 15 business days of ordering. Priority treatment is given to orders with expedited shipping chosen. All eRacks servers undergo extensive reliability and heat testing. Please contact eRacks for specific information relating to your order.
For international shipments, we can also arrange containers and freight forwarding, contact us for details.
Priority treatment is given to orders with expedited shipping chosen.
Photos and more information is given on the Packaging Description page.
eRacks performs a standard burn-in procedure, typically 72 hours, which load-tests the CPU, memory, and hard drive(s), ensuring maximum reliability and identifying any marginally functional components for replacement prior to shipping.
Most features of our systems can be administered via the web using WebMin which comes preinstalled with most of our systems.
WebMin is easy to use, and works well on most open-source operating systems, including OpenBSD, FreeBSD, and Linuces.
Following are examples of just a few packages supported by WebMin, there are many more:
Webalizer shows daily usage statistics summarized by month, and is preinstalled on all our systems which include a web server or application server, including:
or upon request.
In a typical colocated network, the DNS servers are the only other severs connected directly to the Internet, and which are not behind the firewall - these servers are then configured with redundant network cards, and are on the internal LAN as well as the Internet - thus a simple reconfiguration can be done remotely in the case of a firewall failure. For example, to use your dns2 server as a new firewall:
- Enable filtering rules (which were pre-set up for firewall replacement) on dns2
- Switch over your domains in the the DNS database on dns1 to point to dns2 instead of the firewall.
Incoming traffic is usually accomplished by simple port-forwarding, with certain types (fragmented, for example) of traffic filtered out. Although ports can be forwarded to other internal IP addresses, this isn't generally referred to as NAT, which includes port-remapping as well as forwarding.
For example, a typical set of firewall rules would only allow HTTP (port 80), HTTPS (port 443), and SSH (port 22) traffic to pass to the internal network's servers, and reject (or drop) all other traffic, thus securing the site against intruders.
A matched pair is necessary because the two VPN servers must have their keys configured to allow each other access - they must "know" each other in advance.
If you'd like to order just one eRacks/VPN, configured and qualified to run with a specific client or list of clients, and don't really need a LAN-to-LAN peer-connected VPN,we will certainly consider your request on a case-by-case basis - please email us with the details of your requirements.
- or 128MB is plenty for a firewall, and a web server or database server usually requires 256 or 512MB RAM minimum.
Yes, and since eRacks uses non-proprietary components, your system is easily upgradeable at reasonable prices. Many large hardware vendors sell systems that require you to purchase upgraded components only from the same company at high margins.
Rackmount servers' heights are defined by the number of Us, or rack Units. A 1U system has 1.75 inch vertical space on a rack shelf. The systems can be attached to a rack shelf by simply screwing the front ears onto the shelf rail, with optional center/rear mounts providing additional support. Sliding railkits can be used to allow the system to slide in a manner similar to a drawer.
Most of our 1U systems have 1 PCI low-profile slot available. If you require more than one PCI slot in a 1U system, please email us for details or for a quote on a custom system.
Operating systems variations in their strengths, Samba support, multiprocessor support, as well as cost and licensing. We'll add more notes here soon; meanwhile please email if you would like specific recommendations from eRacks.
By default, we preinstall OpenBSD, WebMin, OpenSSH, bash, and various other tools to make operation of your firewall simpler and easier. We don't enable FTP, Finger, or any other protocols which would compromise the security of your firewall. The WebMin remote management is accessed via SSH-port remapping. We include an open-source MS Windows SSH client with configuration instructions on how to access WebMin. This avoids opening up the firewall to additional ports such as WebMin's port 10000.