May 11, 2006 at 6:28 am
I don't know if this is the right place to post. Here is my problem. We have two SQL servers running SQL Server 2000. One of them is named server1, which is in the DMZ, and the other is named server2, in our network. Every certain period (such as 6 hours), server2 will pull the data that has changed since last time from server1. Replication is not allowed since our policy only allows server2 to pull data and does not allow server1 to push data.
Actually server2 is only a temporary holding place and it will send the data on to its final destination database. For example, some data will be sent to database A on server 3 for insert, update, delete and some will be sent to database B on server 4, etc.
Hope I made myself clear. Do you guys have any ideas?
I really appreciate your help.
Anthony
May 11, 2006 at 9:13 am
I'm not clear about what you need to do but if you can't use replication, maybe log shipping or DTS would work for you.
Greg
May 11, 2006 at 9:53 am
Hello,
You may want to try the following:
- SQL Server 2000 replication over FTP
- SQL Server 2005 replication over HTTPS (new feature, did not try)
- DTS Export job to files on the DMZ server, FTP (or SFTP) these files to network server, DTS Import job on network server.
Regards, Yelena Varsha
May 11, 2006 at 10:09 am
DTS or linked server would be my suggestion.
May 11, 2006 at 10:17 am
Steve,
How to implement a linked server between a network and DMZ?
Regards, Yelena Varsha
May 12, 2006 at 11:51 am
The only difference between linked servers within a network and linked servers between a network SQL Server and a DMZ SQL Server is a firewall. You'll have to talk to your network folks and have them make sure a number of ports are open for this to occur. Here's a decent list to start with:
TCP 1433
UDP 1434
TCP 3389
TCP 443
TCP 445
UDP 445
TCP 135
UDP 135
UDP 137
UDP 138
TCP 139
TCP 5000-5250
There is also a registry hack needed in most instances because SQL Server uses a range of high IP ports for traffic as well:
;
; set MSDTC port range (Microsoft recommendation)
;
; http://support.microsoft.com/default.aspx?scid=kb;en-us;250367
;
; firewall ports 135 and 5000-5020 must be open bidirectionally
;
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\Internet
Ports = REG_MULTI_SZ "5000-5250"
;
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\Internet
PortsInternetAvailable = REG_SZ Y
;
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\Internet
UseInternetPorts = REG_SZ Y
This has to be implemented on each server communicating (linked).
Regards, Rudy Komacsar, Senior Database Administrator "Ave Caesar! - Morituri te salutamus."
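An added example, not part of the thread: in the registry snippet above the comment names ports 5000-5020 while the Ports value is 5000-5250, so this Python check compares the RPC port range from the registry with what a firewall rule allows and reports both blocked and unnecessarily open ports. The function names and the sample firewall rule are assumptions constructed for illustration.

```python
# Added example; registry and firewall values below are constructed sample input.
# Registry key: HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\Internet

def parse_ranges(values):
    """Expand strings such as '5000-5250' or '135' into a set of port numbers."""
    ports = set()
    for item in values:
        lo, _, hi = item.strip().partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not 0 < lo <= hi <= 65535:
            raise ValueError(f"bad port range: {item!r}")
        ports.update(range(lo, hi + 1))
    return ports

def to_ranges(ports):
    """Collapse a set of ports into sorted 'lo-hi' strings for reporting."""
    runs = []
    for p in sorted(ports):
        if runs and p == runs[-1][1] + 1:
            runs[-1][1] = p
        else:
            runs.append([p, p])
    return [str(lo) if lo == hi else f"{lo}-{hi}" for lo, hi in runs]

def audit(rpc_settings, firewall_tcp):
    """Return findings where the RPC settings and the firewall rule disagree."""
    findings = []
    for flag in ("PortsInternetAvailable", "UseInternetPorts"):
        value = rpc_settings.get(flag, "")
        if value.upper() != "Y":
            findings.append(f"{flag} is {value!r}, expected 'Y'")
    needed = parse_ranges(rpc_settings.get("Ports", [])) | {135}  # 135 = endpoint mapper
    allowed = parse_ranges(firewall_tcp)
    if needed - allowed:
        findings.append("needed but blocked: " + ", ".join(to_ranges(needed - allowed)))
    if allowed - needed:
        findings.append("open but unused: " + ", ".join(to_ranges(allowed - needed)))
    return findings

# Constructed input: Ports value as in the post, firewall rule as in its comment.
SAMPLE_RPC = {"Ports": ["5000-5250"], "PortsInternetAvailable": "Y", "UseInternetPorts": "Y"}
SAMPLE_FIREWALL = ["135", "5000-5020"]

if __name__ == "__main__":
    for line in audit(SAMPLE_RPC, SAMPLE_FIREWALL):
        print(line)
```

The "open but unused" finding matters on a DMZ boundary: any port the firewall passes beyond what RPC is configured to use is exposure with no function.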
May 12, 2006 at 12:47 pm
Rudy,
The original question was posted by Anthony probably exactly because the ports between his network and DMZ are restricted.
Regards, Yelena Varsha
May 15, 2006 at 5:48 am
Thank you guys for your advice. I was on vacation for the last several days and couldn't access the Internet. Sorry for my late response. I think I didn't make myself clear. Our network folks only allow FTP between the DMZ and the network. Replication over FTP, of course, is the best choice here, but our network folks don't allow it because if I use replication, the server in the DMZ will be the publisher and the server in the network will be the subscriber, since data will mainly come from the DMZ. They only allow the server in the network to pull data from the DMZ server. Then the options left are DTS and log shipping. But the situation is that the server in the network is only a temporary holding place; it will get differential data from the DMZ server (which means getting only the data that changed after the last data transfer) and then do some actions (I haven't figured out this part either) to update databases on scattered servers.
Again, I really appreciate your help.
Anthony