Reputation: 3746
experiences with firebird server over the internet with multiple clients?
Has somebody real experience with firebird databases over the internet?
I have a typical windows accounting/ERP software (done with delphi) that works with the firebird database server pretty well.. Now my users (300 aprox. now, but should increment) also want to work "in the cloud" (connecting from the office, from the laptop, from the house, etc.). It is a lot of work of recreating everything to a standard web application (let's say for example, HTML+CSS+JS+PHP+MYSQL), so I'm considering keeping the win client (I don't care about other OSes) but instead of the server living in the clients LANs moving it to a pair of dedicated servers that I will contract (one primary and one secondary againts failures for starting).
Searching I've come across this faq http://www.firebirdfaq.org/faq53/ that explains that the fb protocol it isn't ideal for working in the internet, but still all my users today have at least a 1MBbit/sec ADSL internet connection (I don't think that to be slow as the faq denotes).
Somebody have done this? what was the experience? how secure are fb servers for being open to the internet? how well they scale?
I know that building a "middleware" with SOAP for example will be more normal, but still the solution I'm evaluating here is much more fast and easy (still I have some work with the replication, backup, hearbreath services, but it's much less than redoing everything for the web).
Thanks! Edit: FB version: 2.5.
Upvotes: 10
Views: 8261
Answers (5)
Reputation: 181
You can implement TCP/IP packets encryption/decryption directly in the firebird engine itself. Personnaly, i have downloaded the Firebird 2.5 source code and injected secure tunnelization code directly in his low level communication layer (the INET socket layer). Now, encryption/decryption is done directly by the firebird engine for each TCP/IP packet both at the server side and the client side (fbclient.dll). Then there is no need to re-structure the client application except adding one line of code that provide the secret key you choose to crypt communication to the fbclient.dll. The same secret key must be declared in the firebird.conf file of your server installation. I have also implemented a proxy negociation solution in the fbclient.dll in order to allow to TCP/IP packets to pass throught any proxy server (like Microsoft ISA Server for example). For us, this architecture is functional for more than one year in a real production system.
Upvotes: 1
Reputation: 162
kbmMW CodeGear Edition is free but without source. It can be used for commercial apps. Download it after registering at: https://portal.components4developers.com
In case you see certificate errors (you shouldnt but I know we have heard that some actually do), accept and ignore them. The site is valid despite the cert.error.
kbmMW CodeGear Edition contains a subset of kbmMW Professional Edition, but supports the following Delphi database API's:
- Borland Database Engine
- DBExpress
- kbmMemTable
- SQLite3
It supports binary, binary over HTML, XML and SOAP protocols in communication with clients. It contains everything you need incl.
- unified remote custom method invocation
- unified remote dataset query, execute and data change resolving
- unified database meta data handling and creation (tables, fields, indexes, generators/sequencers)
- optional automatic proxying of requests to another server and proxying results back to original requester
- full native XML DOM and SAX support
- full dataset briefcase support as CSV, or binary data
- advanced but simple to use wizard for creating new application server services
THere is one caveat though. Newest version of kbmMW CodeGear Edition always only supports newest Delphi version. You can still download older kbmMW CodeGear Editions matching older Delphi releases.
kbMMW Professional Edition and kbmMW Enterprise Edition do not have such limitations, and currently supports D7, D2006, D2007, D2010, DXE, DXE2 along with Embarcadero C++ counterparts.
best regards Kim Madsen www.components4developers.com
Upvotes: -2
Reputation: 1183
The response about the scaling question Firebird runs in production on large big iron servers : 512G of ram 100.000 concurrent users
We run Firebird to power larger systems (for 12 government agencies and 3 banks). It has approximately 100000 end users multiplexed through 2500 (max) pooled connections https://plus.google.com/111558763769231855886/posts/Q1ACy1yyTgP
The protocol in Firebird 2.5 is improoved there is still room left for 3.0 but you can check what is already done
http://asfernandes.blogspot.com/2009/07/network-latency-influence-on-firebird.html
And the future enhancements in 3.0 http://www.firebirdnews.org/?p=6953
To protect your connection i guess the best bet is ssl/ssh tunnel (it can be a opnvpn) with high compression option http://mapopa.blogspot.com/2010/11/securing-firebird-using-ssh-tunnel.html
Upvotes: 5
Reputation: 1096
I had being trying to "push" the Firebird Core developers to improve the Firebird protocol to get better speed with high latency network (aka. Internet). Recently, Dmitry Yemanov published some articles in his blog about this subject (dyemanov.blogspot.com). It seems that there is margin for optimizations, and I would really like to see this coming in FB 2.5.3 and FB 3.0, although there is no warranty for this happening in those versions or anytime soon. You can vote in such improvement here: http://tracker.firebirdsql.org/browse/CORE-2530
Safety? You may try to set up a VPN. It also may help with speed, since most of the VPNs software out there (Zebedee, etc) can compress the data being transfered, helping to speed up data transfer in some cases.
Some of my customers do use Firebird traditional C/S over the internet. It is much slower compared to local network, and of course, how much slower depends basically on the link speed and latency. You can do some optimization at the client side too, using metadata cache, etc. but don't expect miracles with the currently protocol. I would say that for whole day working, using Terminal Services would be a better option for now.
Upvotes: 9
Reputation: 6137
FB protocol problem isn't about bandwidth, but latency. In my experience, some operations can be very slow over internet/VPN compared to LAN or local connection. I haven't examined issue further since I don't really run applications over internet connection.
However, I suggest three-tier model for application. Create own application server, which runs on database server/same network. Let the clients talk with application server and you get maximum performance.
There are some N-tier application/middleware frameworks for Delphi:
- RemObjects SDK and DataAbstract
- RealThinClient
- kbmMW
- Delphi's own DataSnap
- MidWare
With those you can get data compression, encryption, binary messages (faster than SOAP) etc.
Upvotes: 4
Related Questions
- Compatibility of Firebird client with Firebird server
- Can I use Delphi 10.3 or 10.4 Professional to connect to a remote Firebird database using FireDAC?
- Does Firebird 3 embedded server have major disadvantages?
- Firebird synchronization on 2 computers running a Delphi App
- connect firebird client to server
- how do i connect to a firebird database on delphi 7 from multiple clients spread across the internet?
- Delphi XE2 64 bit client connection to Firebird 2.5
- How to configure access from clients to Firebird 2.5 in Windows 2008 Server?
- Is it possible to use Firebird Embedded for small number of users
- Delphi Client-Server Application using Firebird 2.5 embedded connection error