I used to keep these pages on the mywebpages.comcast.net webserver. You can get to the pages through your router with ordinary FTP; you don't need the fancy windows point-and-fail interface. I have moved everything to an offsite colocation machine.
My current setup consists of an old Compaq laptop running Fedora Core 1 as a firewall between Comcast and my network. The 233MHz machine has 144MB of RAM and a small hard disk; it acts as the firewall and makes a VPN connection to my colo. Frequent yum updates. Very little else.
The laptop has two PCMCIA ethernet cards. Comcast checks for a particular MAC address on the ethernet interface connected to the cable modem, so if I change machines, I need to move the "outwards facing" card to the new machine. When the Comcast installation contractor set up the network, I had that particular card in an old Windows 95 laptop. They need something that will run Windows, and can load from a CDROM, or they get confused. Ewww...
The firewall machine offers no services to the world; everything is outbound. This is required by the Comcast Terms of Service, and it is generally a good idea anyway. With all the windoze machines getting turned into spam-spewing zombies, it is good that Comcast can detect server-like behavior and block it. Besides, every few months or so they change the dynamic IP address I am on, and besides reconfiguring my IP address, I do not want to change a bunch of DNS information.
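One way to check the "no services to the world; everything is outbound" property on a firewall like this, as an added example that is not part of the original page: the script audits `iptables-save` output for rules that would accept new connections arriving on the outward-facing interface. The use of iptables, the interface names eth0/eth1, and the sample ruleset are assumptions constructed for illustration.

```python
import shlex

# Constructed iptables-save dump. Assumed names: eth0 = cable modem side, eth1 = LAN.
SAMPLE = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth1 -p tcp -m tcp --dport 22 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
"""

def audit(dump, wan="eth0"):
    """Return findings that contradict an outbound-only policy on `wan`.

    Limitations: jumps to user-defined chains are not followed and interface
    wildcards such as eth+ are not expanded.
    """
    findings, table = [], None
    for raw in dump.splitlines():
        line = raw.strip()
        if line.startswith("*"):            # table header, e.g. *filter or *nat
            table = line[1:]
        elif table != "filter":
            continue
        elif line.startswith(":"):          # chain policy line, e.g. :INPUT DROP [0:0]
            chain, policy = line[1:].split()[:2]
            if chain in ("INPUT", "FORWARD") and policy != "DROP":
                findings.append(f"{chain} policy {policy}")
        elif line.startswith("-A "):
            tok = shlex.split(line)
            opt = dict(zip(tok[2:], tok[3:]))   # each token mapped to the one after it
            if tok[1] not in ("INPUT", "FORWARD") or opt.get("-j") != "ACCEPT":
                continue
            # No -i means "any interface"; a negated match is treated as a hit.
            from_wan = "!" in tok or opt.get("-i") in (None, wan)
            states = opt.get("--state") or opt.get("--ctstate")
            new_ok = states is None or "NEW" in states.split(",")
            if from_wan and new_ok:
                findings.append(f"accepts new inbound traffic: {line}")
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE) or "no inbound exposure found")
```

On a live machine the input would be the saved ruleset rather than the constructed sample, with `wan` set to whichever interface faces the cable modem.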
HTML and other outbound service requests go directly to the Comcast network. Email is routed from my mail server through an outbound VPN connection to my colo. When I need to connect to my network from outside, I go through a special version of SSH on the colo, and then through another SSH connection down the VPN to my internal network.
The firewall laptop, and the colo, are backed up every night using dirvish. If necessary, I can restore or replace the laptop in minutes, and I can shift the colo to a different UML provider in under an hour.
For a colo machine, I rent a User Mode Linux machine for $20 per month. I run 9 websites from it. By using an offsite UML, with DNS provided by dyndns, I completely avoid infringing on my Comcast terms of service. Using an offsite colo also means I get a static IP address for web and email. Some sites block email from dynamic IP addresses, or from sites that do not provide proper reverse lookup. The static IP address of the UML machine avoids those hassles.
last revision Monday, May 30, 2005