July 29, 2009 at 12:54 pm
How many of you are working in an environment that:
1) Has multiple SQL Server machine with multiple instances on each SQL Server machine
2) Specific static port number for each instance on a server
3) SQL Browser disabled on each SQL Server machine
If so, how do you manage the port number assignments for each instance?
Also what is your opinion on the security risks associated with running the SQL Browser?
Gregory A. Larsen, MVP
July 29, 2009 at 12:59 pm
Minimal risk that I see with the browser. If someone is going to scan, they'll find the ports. I've set specific ports so that I could be sure that port was available after every reboot.
In production environments, we've rarely used instances for servers. More for desktops (local replicated databases for some data, multiple apps). On servers, I've preferred to let SQL manage all the memory and use multiple databases on one instance.
We have had a few with multiple instances and we set ports.
We also had routers set up to block UDP 1434, so the browser didn't work (post Slammer)
July 29, 2009 at 1:20 pm
I agree with the Browser turned off only makes it a little harder for the hacker.
The only reason we are looking at multiple instances is because we have different DBA organizations that want full control of their environment. And we are trying to minimize SQL Server licenses, and hardware. We could put all the DBs in one instance and asked all the DBA's to play nice with the rest of the DBA's utilizing the same instance. This might work most of the time, but as we all know there always seems to be one kid in the playground that wants to bully the rest.
As for the port assignments we are considering assigning different ports to each instance (regardless of machine), so we can easily move instances between machines, and not have to worry about that the instance's port number is being used, or requiring applications to change their config file / connection string, provided they reference their instances through a DNS name and port number pair.
Gregory A. Larsen, MVP
July 29, 2009 at 1:42 pm
Hadn't considered the ports to move between machines, but that's a good idea. I'd go above 50000 and just pick a port for each app. Makes sense.
July 29, 2009 at 2:08 pm
Any magic to port numbers being 50000?
Gregory A. Larsen, MVP
Viewing 5 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply