INTRODUCTION
This article describes how to configure an alternative topology for Microsoft SharePoint Portal Server. In this topology, the front-end Web servers are on one virtual local area network (VLAN). The computer that is running SharePoint Portal Server is on another VLAN.

MORE INFORMATION
When you configure SharePoint Portal Server 2003 in a server farm on your network, you must follow the topology that is described in the Microsoft SharePoint Portal Server 2003 Administrators Guide. The Administrators Guide provides the following guidelines:

? You must configure the servers in a small server farm as follows:
? One computer that is running the Web component, the index component, and the search component. This computer is also running as the job server. This computer can optionally run the components for backward-compatibility with SharePoint Portal Server 2001 document libraries.
? One or more computers that are running Microsoft SQL Server 2000.

? You must configure the servers in a medium server farm as follows:
? One or two front-end Web servers with the search component enabled.
? One server for index management and for jobs.
? One or more computers that are running SQL Server 2000.
Optional: One computer that is running the components for backward-compatibility with Microsoft SharePoint Portal Server 2001 document libraries.
? You must configure the servers in a large server farm as follows:
? Two or more front-end Web servers.
? Two or more search servers. We recommend that you have no more than four search servers.
? One or more index management servers, with one configured as the job server. We recommend that you have no more than four index management servers.
? One or more computers that are running SQL Server 2000.

Optional: One computer that is running the components for backward compatibility with SharePoint Portal Server 2001 document libraries.
When you configure a SharePoint Portal Server 2003 farm that contains multiple network load-balanced front-end Web servers, typically these servers are dual-homed. The dual-homed, network load-balanced servers have one network adaptor that is connected to a VLAN or subnet on the front end and one network adaptor that is connected to a VLAN or subnet on the back end.

The Search, Index/Job, and Index computers that are running SQL Server in the SharePoint Portal Server 2003 farm are typically connected only to the back-end VLAN or to the subnet. A front-end and back-end topology can be used for your SharePoint Portal Server 2003 farm if the network is designed correctly and the servers can communicate with each other.

However, you may want to prevent specific types of traffic between the back-end VLAN or subnet and the network load-balanced front-end Web servers. The traffic is associated with typical SharePoint Portal Server 2003 operation.

For example, consider the following traffic scenario:

? Index servers that are running SharePoint Portal Server 2003 crawl (index) Portal Content.
? While the Index servers are crawling Portal Content, they make Web Service requests to the network load-balanced front-end Web servers.
? These requests will be sent from the back-end VLAN or subnet to the front-end VLAN or subnet.

The following steps are one way to prevent this traffic:

1. Configure a front-end Web server on the back-end VLAN or subnet.
2. Configure hosts file entries on the Index/Job servers and on the Index servers. These hosts file entries resolve the fully qualified domain name (FQDN) of the SharePoint Portal Server farm to the IP address of the front-end Web server on the back-end VLAN or subnet.
Note To provide redundancy for this front-end Web server in this Web farm topology, you would have to add one or more additional Web front-end servers and configure load-balancing through the Network Load-Balancing service or similar technology.

The following example illustrates a front-end and back-end topology for a SharePoint Portal Server farm that prevents specific types of SharePoint Portal Server 2003 traffic from being sent from the back-end VLAN or subnet to the network load-balanced front-end Web servers.

? Two network load-balanced SharePoint Portal Server front-end Web servers.
? The FQDN for the Portal resolves to the virtual IP for this load-balanced cluster.
? Each SharePoint Portal Server front-end Web server contains two network adaptors, with one network adaptor that is connected to a front-end VLAN and with one network adaptor that is connected to a back-end VLAN.

? One SharePoint Portal Server 2003 front-end Web server that has one network adaptor that is connected to the back-end VLAN or subnet. This is not a network load-balanced front-end Web server.
? Two SharePoint Portal Server dedicated search servers. Each of these computers has one network adaptor that is connected to the back-end VLAN.
? One SharePoint Portal Server Job/Index server that has a hosts file entry that forces address resolution of the Portal FQDN to the IP address of the non-load-balanced front-end Web server on the back-end VLAN or subnet. This computer has one network adaptor that is connected to the back-end VLAN.
? One SharePoint Portal Server Index server with a hosts file entry that forces address resolution of the Portal FQDN to the IP address of the non-load-balanced front-end Web. This computer has one network adaptor that is connected to the back-end VLAN.
By putting the hosts file entries on the Index/Job and Index servers, you prevent the Index/Job servers and Index servers from making Web Service calls to the load-balanced front-end Web servers.

The typical address resolution process that is employed by the Index/Job servers and by the Index servers causes the FQDN for the portal to be resolved to the virtual IP address of the load-balanced cluster.

However, by adding the third SharePoint Portal Server front-end Web server on the back-end VLAN or subnet that is not a part of the load-balanced cluster, and by creating hosts file entries on the Index/Job and Index servers that resolve the FQDN of the Portal to the IP address of that front-end Web server, the network traffic that is associated with the Web Service calls that are required to crawl Portal content are directed to the non-load-balanced front-end Web server. This topology and this configuration prevent traffic from the back-end VLAN from looping back to the front-end VLAN.

Additionally, the proxy server settings for the search component must be configured correctly. To make sure that the proxy server settings are configured correctly, follow these steps:

1. Start the SharePoint Central Administration Web site.
2. Click SharePoint Portal Server.
3. Click Manage the Search Service, and then click Configure account and proxy settings.
4. In the Proxy Server Settings area, make sure that the following options are selected or specified:

? Use the proxy server specified must be selected.
? The proxy address and port must be specified.
? Bypass proxy for local (intranet) addresses must be selected.
? Do not use a proxy server for addresses beginning with must be selected.
? Type your list of bypassed servers. For example, type http://*.example.com or https://*.example.com.

Note You must include the http or https protocol prefix in the bypass proxy settings. If you do not include the protocol prefix and you just specify a bypass entry by using the format *.example.com, the search component still uses the proxy server. Therefore, the crawl may fail, or it may be directed somewhere unexpected by the proxy server.



---------------------------------------------------------------------

APPLIES TO
? Microsoft Office SharePoint Portal Server 2003