Software Development

Web applications, mobile, e-commerce and custom software projects.

ReactNode.jsMobile

SEO & Optimization

Organic traffic growth, technical SEO, content strategy and analytics.

Technical SEOContentAnalytics

API & Integration

REST API, webhook infrastructure, payment and shipping integrations.

REST APIWebhookOAuth
View all services Get free consultation

Web Hosting

cPanel management panel, SSD storage, free SSL certificate

Get a Quote

VPS Server

NVMe SSD, full root access, DDoS protection included

Get a Quote
Popular

Dedicated Server

Fully dedicated physical server, unlimited traffic

Get a Quote

Domain & SSL

Domain registration, transfer and Wildcard SSL certificates

Get a Quote

Why KEYDAL?

  • 99.9% uptime guarantee
  • Istanbul data center
  • 24/7 support
  • Free migration service
Get a quote

Projelerimiz

kSvSecurity, kAI, kMusic ve daha fazlası.

About Us

Meet KEYDAL. Our vision, team and journey.

Contact

Tell us about your project, get a custom quote.
Contracts
Privacy Policy Terms of Service SLA Agreement Data Protection Notice Cookie Policy
01 Home
Software Development SEO & Optimization API & Integration
Web Hosting VPS Server Dedicated Server Domain & SSL
04 KEYDAL Projects 05 Tools 06 Blog
About Us Contact Contracts
Get a Quote
Blog / hosting

Dedicated Server Hosting Guide 2026: Hardware, Network and Colocation

pillar 27 min read May 2, 2026
Founder of KEYDAL · Full-stack developer

Dedicated server hosting is the model that comes into play when you push past the world of shared hosting and virtualized VPS — that is, when you want to keep every CPU core, every IOPS of NVMe, and every byte of RAM unshared with any other tenant. The industry uses dedicated server and bare metal server as synonyms; in practice they describe the same thing: a physical machine racked in a data center, with a defined hardware inventory allocated to a single customer. This guide is built so you can evaluate a dedicated server rental decision in 2026 conditions completely — technically, commercially, and operationally.

The article covers hardware selection (CPU generation, ECC RAM, NVMe vs SAS, RAID controllers), networking (port speed, anycast, DDoS, IP blocks), the management layer (IPMI, iDRAC, iLO, KVM-over-IP), an SLA reading guide, the local provider landscape in Turkey, price ranges, comparison with colocation, and migration scenarios. All price ranges are approximate values, vary by provider, and reflect 2026 data; always request a current quote before signing.

Related guides: VPS vs VDS Differences · Hosting Types · Linux Server Administration Basics · VPS Security Hardening · Nginx Configuration · DDoS Protection Guide

What Exactly Is a Dedicated Server?

A dedicated server is a real machine made up of the chassis-motherboard-CPU-RAM-disk quartet. The provider mounts this machine in a rack at a Tier III or Tier IV data center, connects it to a generator- and UPS-backed power feed, hooks it into the backbone via a 1 Gbps or 10 Gbps switch port, and typically hands it over to you with KVM-over-IP or IPMI access. From the operating system to the hypervisor, container runtime, and application stack — every layer of the device is yours to control.

The decisive difference from VPS: on a VPS, a hypervisor like kvm/qemu slices physical CPU cores into virtual CPUs and time-shares them across multiple customers. During peak hours, I/O queues created by neighboring tenants, CPU steal time, and cache contention all hit your application. On a dedicated server, steal time is always 0; all 32 threads and 256 GB of RAM are yours alone. For details, see our VPS vs VDS guide.

When Is It Necessary, and When Is It Overkill?

Not every workload needs a dedicated server. An enterprise CMS site, a blog, or a small SaaS dashboard can usually run comfortably on a VPS with 4 vCPU + 8 GB RAM. Dedicated servers come into play once certain thresholds are crossed. The list below shows practical indicators of those thresholds:

  • CPU core demand consistently exceeds 16 vCPU and the application is parallelizable (ML training, video transcoding, compilers, simulation)
  • RAM requirement exceeds 64 GB and virtualization overhead is unacceptable (large PostgreSQL/MySQL datasets, Elasticsearch cluster nodes, Redis in-memory stores)
  • Disk I/O requires sustained 100K+ IOPS; you need the full bandwidth of NVMe
  • Data residency or KVKK/compliance reasons require an in-country physical location
  • Noisy-neighbor risk is unacceptable (payment infrastructure, healthcare data, B2B services with high SLA)
  • GPU or specialized hardware (FPGA, RAID HBA, 100 GbE NIC) is required
  • Consistent low latency is mandatory (game servers, high-frequency trading, real-time pub/sub backbones)

If none of these apply to your scenario, a well-configured VPS, container PaaS, or managed database is almost always cheaper and far less of an operational burden. A dedicated server brings power along with a heavy operational responsibility.

CPU Selection: Cores, Frequency, or Cache?

When choosing a server CPU, three axes need to be weighed simultaneously. Scaling along the wrong axis is the fastest way to spend money in the wrong place.

  • Core count: Critical for parallel workloads. Web servers, app servers, and background workers love many threads.
  • Clock speed (GHz): Decisive for single-thread-bound applications (legacy PHP codebases, game server tick rates, JIT-bound languages).
  • L2/L3 cache: For database and in-memory workloads, a large cache makes a big difference before hitting RAM.
  • SIMD / AVX-512: For encryption, video encoding, and ML inference.
  • NUMA architecture: Memory locality matters in dual-socket systems; configuration with numactl is mandatory.

Local providers in Turkey (Natro, Turhost, Radore, Hosting Dünyam, IHS Telekom, Dorabase, İsimTescil and brandname among others) typically offer these tiers: entry-level Intel Xeon E3-1230 / E3-1240 / E3-1270 family (4C/8T, 8-32 GB RAM); mid-segment Xeon E5-2620v3 / E5-2620v4 (6-8C, 32-64 GB); enterprise segment Xeon Silver 4210R, 4214R, Gold 5218R, Silver 4314 (10-20C, 32-128 GB DDR4 ECC); high-end AMD EPYC 7002/7003 or Intel Xeon Scalable 3rd/4th Gen (32+C, 256-1024 GB RAM).

Verifying Core Count On-Site

The first thing to do once a server is delivered is to physically verify that the hardware you paid for actually arrived. If the contract says 32 GB of RAM but dmidecode reports 16 GB, that is a discrepancy you must report to the provider with written evidence.

RAM: ECC, Speed, and Population

Server RAM should always be ECC (Error-Correcting Code). ECC automatically corrects single-bit errors and detects double-bit errors with a warning. At yearly operational scale, non-ECC memory leads to silent data corruption — especially under heavy I/O and long-running processes. Consumer-grade memory (DDR4/DDR5 non-ECC) is unacceptable in a server.

On the speed side, as of 2026 DDR4-3200 ECC RDIMM is the standard, while DDR5-4800/5600 ECC is default on the new generation EPYC and Xeon Scalable platforms. The more critical point is modules per channel: 1 DPC (DIMM-per-channel) runs at full speed, while 2 DPC typically derates. Choosing 4x64GB instead of 8x32GB can preserve bandwidth.

Before the server goes into production, run at least one full pass of Memtest86+. Even a single error can be the herald of corruption silently growing on disk. In production, regular tracking with edac-util should be automated.

Disk Subsystem: NVMe, SATA SSD, SAS, HDD

Modern dedicated servers offer four disk classes, each with its own role. Putting the wrong disk in the wrong tier is the most common money-wasting pattern.

  • Enterprise NVMe (PCIe 4.0/5.0): 1M+ IOPS, GB/s-level throughput. High-QPS databases, WAL, in-memory cache backing.
  • SATA / SAS SSD: 50-100K IOPS, 500-700 MB/s. General-purpose application disks, log volumes, mid-load databases.
  • SAS HDD (10K/15K RPM): Low IOPS, high capacity. Archival, cold data, backup target.
  • SATA HDD (7200 RPM): Cheapest $/GB. Only meaningful for cold storage and backups.

When buying a server, look at endurance (TBW — Total Bytes Written). Consumer NVMe drives sit around 600 TBW; enterprise NVMe (Samsung PM9A3, Intel D7-P5520, Micron 7450) offer 1.8-3.5 PB endurance at 1 DWPD (Drive Writes Per Day). Under write-heavy workloads, a consumer drive will be exhausted in 6-9 months.

Compare the measurements you get with fio against the contract's promises. If the vendor lists "NVMe" but you cannot even hit 50K random IOPS, then either cache is off, a consumer-grade drive was installed, or the disk is suffering severe write penalty at some RAID level.

RAID Levels and Practical Choices

RAID is the disk-grouping technique used to balance performance, capacity, and durability. Picking a level without knowing what each one is good for results in either lost capacity or lost data.

  • RAID 0: Striping. Maximum speed and capacity, zero durability. A single disk failure wipes the entire dataset. Only for replicated/recoverable cache.
  • RAID 1: Mirror. Each piece of data is written to two disks. Read speed increases, write stays the same. Capacity is halved. The typical pick for OS volumes.
  • RAID 5: Striping + single parity. With n disks you get n-1 capacity. Tolerates one disk failure. Rebuild time on large disks takes days; not recommended on modern enterprise.
  • RAID 6: Double parity. Tolerates two disk failures. The risk-aware successor to RAID 5 on large disks.
  • RAID 10: Mirrored stripe. The most common enterprise choice. Performance + durability. Capacity is halved but there's no write penalty.
  • ZFS RAIDZ1/Z2/Z3: Software-layer multi-parity. Snapshots, compression, and checksums included. Gold standard for NAS scenarios on Linux/FreeBSD.

In local provider packages, RAID 1 (with 2x SSDs) and RAID 10 (with 4x SSDs) are the most common options. Hardware RAID controllers (Dell PERC H7xx, HPE Smart Array, Broadcom MegaRAID) preserve write performance via their own cache and BBU; software RAID (Linux mdadm, ZFS) brings flexibility and visibility. On modern NVMe systems, hardware RAID becomes a speed bottleneck; mdadm or direct NVMe access is preferred.

Network: Port Speed, Traffic Limits, IP, Anycast

In Turkey's dedicated server market, network configuration is the line item that varies most across packages. The annual bill is most often determined by port speed and traffic quota. The practical landscape:

  • 100 Mbps unshared: Typical in entry-level packages (e.g. Radore Dedicated 01-05). Traffic is usually unlimited.
  • 1 Gbps unshared: The standard at the mid-segment. Either unlimited traffic (e.g. Hosting Dünyam) or tiered quota after 10 TB (e.g. Natro Xtreme).
  • 10 Gbps unshared: High-end or colocation. Streaming platforms, large download/CDN origins.
  • Burst: Some packages offer 100 Mbps committed + 1 Gbps burst; this prevents long-running heavy use.

Exceeding the traffic limit results in one of two things: either the port speed is throttled, or you're charged per GB. The latter must always be quantified in the contract. International providers typically have 10-30 TB quotas; unlimited traffic is more common in the local market.

IP allocation: A standard package usually gives 1 IPv4 + /64 IPv6. Additional IPv4 is now monthly-billed due to RIPE's IP scarcity — around 30-100 ₺/month per IP locally (roughly $1-3 USD/month). If multiple services need separate IPs for TLS certificates, SNI solves that; scenarios that genuinely require multiple IPs are rare.

DDoS Protection: Local and International Filtering

DDoS is a business-stopping threat, especially for game servers, e-commerce, and news sites. The protection numbers advertised by Turkish local providers are usually given as volumetric (Gbps): 40-50 Gbps domestic and 200-450 Gbps international are typical. Those numbers represent total attack capacity, not capacity dedicated to your IP.

For multi-layer protection, leading edge players like Cloudflare, Imperva, and Akamai are used. For a detailed strategy, see our Multi-Layer Protection Against DDoS Attacks guide. Before trusting the "DDoS protection included" line from a server provider, ask the SLA for the actual mitigation latency and scrubbing capacity.

IPMI, iDRAC, iLO: Out-of-Band Management

The least-discussed but most critical feature on a dedicated server is out-of-band management. Even if the OS won't boot, the kernel panics, or the network card drops, you can connect to this interface via HTTPS or KVM-over-IP, enter the BIOS, reinstall the OS, and grab a console screenshot. By vendor:

  • Dell iDRAC (Enterprise/Datacenter): Web UI, virtual media (ISO mount), HTML5 KVM. Redfish API is standard on iDRAC 9.
  • HPE iLO (5/6): Similar scope. Federation support manages multiple servers from a single interface.
  • Supermicro IPMI: Simpler, JNLP/HTML5 KVM. Some older versions had security issues.
  • Lenovo XCC: On the ThinkSystem line. Redfish, OneCLI support.
  • Generic IPMI 2.0: ASRock Rack, Tyan, Gigabyte, etc. Compatible with the standard ipmitool.

IPMI must always be placed behind a dedicated VLAN or VPN. A public-facing IPMI port is one of the highest-risk exposures; auth bypasses have happened on Supermicro IPMI in the past. Local providers typically expose IPMI behind their own management VLAN via SSH tunnel or VPN.

OS Installation and the First Hours

When a server is delivered, the provider usually ships it with a base OS pre-installed. That default install should never be left on for production — if you didn't set the root password yourself, it's unclear when the provider's image was last patched and with which packages. The first task is a full reinstall.

  • OS choice: Ubuntu LTS (22.04, 24.04), Debian 12, Rocky/AlmaLinux 9, Windows Server 2022 are common picks.
  • Bootstrap: SSH key auth, root login disabled, fail2ban, ufw/firewalld, automatic security updates.
  • Kernel tuning: sysctl network and VM parameters tuned to the workload.
  • Time sync: chrony or systemd-timesyncd; critical for log correlation.
  • Monitoring agent: Prometheus node_exporter, Datadog agent, or Netdata install.
  • Backup agent: restic, borg, or the provider's snapshot service.

For step-by-step application of these items, our Linux Server Administration Basics and VPS Security Hardening guides apply directly. For additional SSH-side protection, see our Fail2ban SSH Brute Force Protection article.

SLA Reading Guide: Separate the Marketing from the Contract

The provider's homepage will say "99.99% uptime." That number alone is meaningless; never sign without reading the SLA document. Three questions to ask:

  • What does it cover? Just power/network, or hardware failure and service response time as well? Network 99.99% + Hardware 99.80% is a common phrasing.
  • How is it measured? ICMP ping, TCP/443, from the provider's own measurement point? "Up to 60 minutes of downtime per month" is 99.86% — verify the formula.
  • What happens on breach? Credit (discount on a future invoice), refund (back to your bank account), or contract renewal rights?

A typical 99.99% uptime corresponds to a maximum of 4 minutes 23 seconds of downtime per month. 99.9% is 43 minutes per month. 99% is 7 hours 12 minutes per month — unacceptable for most production workloads. If you don't believe the SLA is realistic (e.g. single data center, single upstream, no documented generator testing), the figure on paper is just advertising.

Hardware Replacement Response Time

How long does it take for a failed disk to be replaced? In Turkey's local market, 4 hours business hours, 8 hours after-hours is a common promise (Radore SLA example). For mission-critical workloads, 4 hour 24/7 or NBD (next business day) options are open to negotiation. Colocation customers typically get a contractual time backed by the provider's spare-parts inventory.

Turkey Local Provider Landscape

Customers in Turkey searching for dedicated server turkey generally have two geographical preferences: Istanbul (high Tier III data center density, latency advantage) and Ankara/Izmir (proximity to government institutions, lower customer density). Notable players in the local ecosystem — as vendor-neutral editorial information — include Radore, Natro, Turhost, IHS Telekom, Hosting Dünyam, Dorabase, İsimTescil, Vargonen, Türknet, and brandname among others.

  • Local data centers: Vodafone DC, Türk Telekom, Equinix IS1/IS2, Atlas/IDC, and provider-specific facilities. Critical for organizations expecting KVKK and data residency compliance.
  • Latency profile: 5-15 ms to end users in Turkey; 30-50 ms to Europe (Frankfurt); 130-180 ms to the United States.
  • Billing currency: TRY or USD. To track exchange rate volatility, TRY quotes are preferred; USD pricing is more predictable long-term.
  • VAT: Discount rights exist for corporate customers; tax matters should be clarified before signing.

Price Ranges and Budget Line Items (2026)

The price ranges below are approximate values compiled from publicly listed prices in the local Turkish market; they vary by provider, contract length, and payment terms. They should be treated as 2026 reference data; always request a fresh quote before signing.

  • Entry-level (Xeon E3, 16-32 GB RAM, 2x SSD, 100 Mbit-1 Gbit, unlimited traffic): around 2,500-3,500 ₺/month (roughly $75-105 USD/month)
  • Mid-segment (Xeon E5-2620v4 or Silver 4210R, 32-64 GB DDR4 ECC, 2x480 GB SSD RAID 1, 1 Gbit): around 3,000-5,000 ₺/month ($90-150 USD)
  • Enterprise (Silver 4214R / Silver 4314, 64-128 GB DDR4, 2-4x SSD, 1 Gbit guaranteed): around 5,000-7,500 ₺/month ($150-225 USD)
  • High-end (Xeon Gold 5218R / EPYC 7402P, 128-256 GB, NVMe array, 10 Gbit or colocation): 8,000-15,000+ ₺/month ($240-450+ USD)
  • GPU dedicated (consumer-GPU + APU mindset): 2,500-3,500 ₺/month ($75-105 USD) — true datacenter GPU (A100, L40S) is contract-specific
  • International (Netherlands, Germany): $60-100 USD/month entry, $200-400 USD mid-segment

Other line items that add to the total cost of ownership: extra IPv4 (30-100 ₺/IP/month, roughly $1-3 USD), managed service packages (1,000-5,000 ₺/month, $30-150 USD), traffic overage (per-TB billing), additional backup target (200-1,000 ₺/month, $6-30 USD), DDoS premium protection (500-3,000 ₺/month, $15-90 USD), hardware upgrades (RAM, NVMe, additional ports), dedicated IPMI VPN, and static public IPv6 blocks.

Managed vs Unmanaged Service

In an unmanaged contract, the provider only handles power, network, hardware replacement, and cabinet/cabling issues; everything from the OS up is your responsibility. A managed contract typically includes OS updates, basic web server configuration, control panel assistance, monitoring, and basic security hardening. The managed package adds an additional 1,000-5,000 ₺ ($30-150 USD) per month.

  • Unmanaged: You have an in-house DevOps team, you don't want to lose control, and you run a custom stack.
  • Semi-managed: Only OS patches and hardware monitoring; the application side is yours.
  • Fully managed: Enterprise customer, 24/7 support required, managing a SaaS or control-panel-based site cluster.
  • Co-managed: The provider's team is granted privileges for specific hours/actions; runbook is contractual.

What a managed contract actually does must be written in a SOW (Statement of Work). "Unlimited support" is marketing language; in reality, monthly ticket caps, response time by severity, and out-of-scope actions must be itemized.

Comparison with Colocation

In the colocation model, you buy or bring the server yourself and rent only rack space, power, and network from the provider. Past a certain scale, colocation begins to be cheaper than rental on a TCO basis.

  • 1U half rack: 1,500-3,500 ₺/month ($45-105 USD; varies by provider and power draw).
  • 1U full (220V/16A): 2,500-5,000 ₺ ($75-150 USD).
  • Half rack (22U): 12,000-25,000 ₺ ($360-750 USD).
  • Full rack (42U): 25,000-60,000+ ₺ ($750-1,800+ USD).
  • Network: Additional pricing from 100 Mbit to 10 Gbit upstream.
  • Cross-connect: Monthly fee for fiber connections to ISPs, IXPs, or other customers.

The advantages of colocation: you choose the hardware (Dell PowerEdge, HPE ProLiant, Supermicro, custom Ryzen build), you own the refresh cadence, and at 5-year amortization it comes in cheaper than rental. The downsides: upfront investment, hardware failure risk (you keep spare parts), and hourly fees for remote hands. It's worth considering at scales of 5+ servers.

Bare-Metal Cloud: A Third Option

There's another category between traditional rental and cloud: bare-metal cloud. AWS Bare Metal Instances (i3.metal, m5.metal), Hetzner Robot, OVH Bare Metal, Equinix Metal, Latitude.sh — all provision physical machines via cloud-like APIs in minutes. Local providers offering this model in Turkey are also growing.

  • Hetzner AX/EX series: Germany/Finland, AMD Ryzen + EPYC, NVMe; among the price-performance leaders.
  • OVH Advance / Scale: Wide European portfolio, anti-DDoS premium included.
  • Equinix Metal: Global locations, per-minute billing, programmable infrastructure.
  • AWS Outposts / Bare Metal: AWS ecosystem advantage; high price tag.
  • Local bare-metal API: Some Turkish providers now offer server provisioning via REST API.

Bare-metal cloud is appealing for teams that want programmable infrastructure with Terraform/Ansible. For detailed IaC, our Terraform Infrastructure as Code and Ansible Server Automation guides are good starting points.

Contract Checklist

In the vast majority of cases where the contract isn't read line by line before signing, gray areas get interpreted against the customer at the first incident. The following items must always be explicitly written:

  • Scope: Which hardware, which brand/model, how many disks, how many IPs — in clear figures.
  • SLA: 99.9% / 99.99% — for what coverage, how measured, and what compensation on breach.
  • Spare parts: Replacement time, spare stock guarantee, return of old parts.
  • Data ownership: When the contract ends, what remains on disk, who deletes it, and is there certified erasure (NIST 800-88)?
  • Backup: Are snapshots included, at what frequency, what retention in days, and what restore time?
  • Exit: Contract termination procedure, transition support, final invoice.
  • KVKK: Data controller / processor relationship, list of sub-processors, cross-border transfer.
  • Force majeure: How natural disasters, war, and internet infrastructure outages are defined.
  • Payment: TRY/USD, FX lock, billing period, late-payment interest, service-suspension period.
  • Hardware upgrades: RAM/disk addition procedure, downtime, fees.
  • Traffic overage: Per-TB rate, throttle policy, billing cycle.

Monitoring: Temperature, IPMI Sensors, SMART

A dedicated server hands the hardware layer (which a VPS abstracts away) back to you — and along with that gain comes responsibility. The following four monitoring layers should be installed in production from week one:

  • OS metrics: CPU, RAM, disk, network — node_exporter / Datadog / Netdata.
  • Hardware sensors: Temperature (CPU, ambient), fan RPM, voltage — via IPMI.
  • SMART: Disk wear-out, reallocated sectors, pending sectors — with the smartd daemon.
  • Network: Packet loss, retrans, RTT — Smokeping / Prometheus blackbox_exporter.
  • Log aggregation: journald + Loki / ELK; see the ELK Stack guide.

For detailed setup, our Server Monitoring with Prometheus and Grafana guide is helpful. On top of that, alert routing (Alertmanager → Slack/PagerDuty/SMS) should be added; a hardware alert lost for hours is the start of a chain that ends in a RAID rebuild or a disk failure.

Backup and Disaster Recovery

A dedicated server is a single point of failure unto itself. Cases that exceed even a disk RAID array are real: motherboard failure, PSU explosion, cooling loss, fire, or a KVKK data extraction request. Don't rely on the contract — always set up a backup strategy that follows the 3-2-1 rule.

  • 3 copies: Production + 2 backups.
  • 2 different media: Local disk + remote object storage.
  • 1 off-site: At a different data center or provider.

An untested backup is not a backup. Unless the restore procedure is exercised live once a month, no one can guarantee that the backups will actually open on disaster day. Backup strategy is a discipline in its own right — review the PITR and incremental models in our Database Backup Strategies guide.

Security Hardening: From Kernel to Network

Because a dedicated server runs at the lowest layer where there's no hypervisor abstraction, you're expected to manage the attack surface yourself. OWASP Top 10 2026, SQL Injection Prevention, and XSS and CSP address the application side; parallel hardening at the server level is mandatory.

Restricting SSH access to keys only and protecting it with fail2ban is step one. Geo-blocking with iptables/nftables, port knocking, or pulling all management access behind WireGuard VPN — that's not production readiness; that's the baseline.

Performance Tuning Quick Notes

Hardware muscle alone doesn't equal performance. Default kernel settings create bottlenecks for most workloads. The points below are always the first places to look in a performance audit.

  • CPU governor: performance mode (the default powersave introduces latency).
  • I/O scheduler: none/mq-deadline for NVMe; mq-deadline for SATA SSD.
  • Transparent Huge Pages: Disabled for databases (PostgreSQL, MongoDB, Redis); enabled on general app servers.
  • Network buffers: net.core.rmem_max, wmem_max set to 16-64 MB.
  • BBR congestion control: net.ipv4.tcp_congestion_control = bbr improves high bandwidth-delay product links.
  • NUMA pinning: numactl --cpunodebind=0 --membind=0 for locality of hot processes.
  • SMT (HyperThreading): Disabled performs better on some database workloads.

On the web-server side, Nginx or Apache tuning is its own discipline: our Nginx Configuration and Nginx vs Apache guides start there. On the database side, our PostgreSQL Performance Optimization and SQL Query Optimization articles are foundational for production readiness.

Virtualization: One Physical, Many VMs

Often a dedicated server is purchased but only one application doesn't run on it — a hypervisor like KVM, Proxmox VE, VMware ESXi, or Hyper-V is installed, and VMs are deployed on top as needed. This approach is the most pragmatic way to fully utilize the hardware's CPU/RAM capacity.

  • Proxmox VE: Open source, KVM + LXC, web UI, integrated ZFS. The gold standard for SMBs and mid-scale.
  • VMware ESXi: Enterprise, with vSphere clustering, vMotion, DRS. License costs are high; reassessment period after Broadcom changes.
  • libvirt + KVM: CLI/Terraform management. For DevOps-minded teams.
  • Docker / Kubernetes: An alternative approach via the container stack. See Deploying Applications with Docker and Kubernetes Basics.

Installing Proxmox on a single dedicated server and running 8-12 VMs on top of it can be cheaper than 5-6 separate VPSes for small teams; however, the server is a single point of failure. If high availability is needed, a Proxmox cluster of at least 3 physical nodes or a Kubernetes control plane is mandatory.

GPU Dedicated Server

For AI training/inference, video transcoding, 3D rendering, and hash-power-heavy workloads, a GPU-equipped dedicated server is its own special category. Two types of offers exist in the local market: consumer-GPU machines (RTX 4090, RTX 5080, AMD APU integrated) — focused on rendering and game servers; and datacenter-GPU machines (NVIDIA A100, H100, L40S) — focused on AI workloads, with contract-specific pricing.

  • Consumer GPU in the 2,500-5,000 ₺/month range ($75-150 USD); no datacenter-class warranty, driver support varies.
  • NVIDIA A100 / H100 at 50,000+ ₺/month ($1,500+ USD); allocation and special contract at most providers.
  • Power & cooling: 350-700W per GPU; the rack power budget must be checked.
  • NVLink/NVSwitch: Critical for multi-GPU performance; not every provider offers it.

On GPU servers, GPU memory/utilization monitoring should be set up via nvidia-smi, nvtop, and nvidia-dcgm-exporter. Compatibility between the CUDA version and the application framework (PyTorch, TensorFlow) must be confirmed in advance.

Backup Server, Failover, and High Availability

A single dedicated server, whether under a 99.99% SLA or housed in a Tier IV facility, is always a single point of failure. For production workloads, a failover scenario with a second server should be considered. Three main architectural patterns:

  • Active-Passive: The second server continuously receives replication; when the primary goes down, it's brought online via a DNS/BGP change. RTO 5-30 min.
  • Active-Active: Two servers run in parallel, with a load balancer splitting traffic. Replication is bidirectional; complex but RTO 0.
  • N+1 cluster: 3+ node clusters (Kubernetes, Proxmox HA, Galera). A single node going down has no impact.

For all these models, it's preferable that the two physical servers not be in the same data center; a power or network event in the building takes both out at once. You can rent servers in geographically separate facilities and set up DNS-based failover (Cloudflare Load Balancer, AWS Route 53) or BGP anycast.

Migration: Moving from an Existing System to Dedicated

Migrating from a VPS, shared hosting, or another dedicated provider to a new dedicated server has three phases: preparation (OS + application stack install, static content copy on the new server), synchronization (database replication, incremental file rsync), and cutover (DNS TTL reduction, final sync, switch). A well-planned migration can finish with 30 minutes of downtime.

During migration, the database is the most sensitive component. If replication isn't available, you can avoid falling back to pg_dump/mysqldump by using logical replication, binlog streaming, or blue-green deployment to prevent data loss. For details, see our MySQL vs PostgreSQL and database backup articles.

Compliance and Data Residency

A significant portion of organizations processing personal data under KVKK require data to remain within Turkey's borders. SaaS companies serving banking, healthcare, and government carry this requirement into their contracts. Renting a dedicated server is the cleanest way to satisfy this compliance requirement — the provider's data center address, role as data processor under KVKK, and list of sub-processors must be documented in the contract.

  • VERBİS registration: Mandatory in the data controller capacity. The provider sits in the data processor position.
  • Data Processing Agreement (DPA): Obligations of the parties, breach notification, data deletion procedure.
  • ISO 27001 certification: Expected baseline for the provider.
  • PCI-DSS: If you process card data, the provider's facility must also be compliant.
  • Certified disk destruction: When the contract ends, request certified erasure under the NIST 800-88 or DoD 5220.22-M standard.

Common Mistakes and Pitfalls

Distilled from dozens of customer migrations and audits, the most frequent mistakes in dedicated server rental:

  • Overestimating compute: Renting a 32-core server to run a single-threaded PHP app. CPU sits below 5% and inflates the bill.
  • Relying on swap instead of RAM: SSD swap is not performance; it converts to OOM-kill risk.
  • RAID ≠ Backup: RAID protects against disk failure, not ransomware/deletion/operator error.
  • Leaving IPMI exposed to the public: Auth bypass + malicious firmware injection cases are real.
  • Not reading the SLA in the contract: The gap between marketing page and contract is often a 0.5-1% uptime difference.
  • Locking into a single provider: Difficult migration weakens your hand in provider negotiations.
  • Not inventorying hardware on acceptance: Mismatch between contract spec and actual hardware gets dismissed later.
  • Not testing backups: The chasm between "we take backups" and "we can restore from backup."
  • Neglecting the exit strategy: By when can you retrieve data? How many days after contract end is the disk wiped?
  • Leaving DDoS to the provider: Without an edge layer (Cloudflare/Imperva), local mitigation can't handle most modern attacks.

Decision Flow: VPS, Dedicated, Cloud, Colocation

You can work through six questions to decide which model to pick. The answers don't yield a single right choice; they set the scale based on your priorities.

  • 1. Performance consistency critical? Yes → Dedicated/Bare-metal cloud
  • 2. Provisioning speed in minutes? Yes → Cloud / Bare-metal cloud
  • 3. Monthly traffic 10 TB+? Dedicated bandwidth is cheap
  • 4. KVKK / data residency required? Physical in Turkey or local cloud
  • 5. 5-year plan and hardware amortization? Colocation is appealing
  • 6. Low DevOps maturity? Managed VPS / managed dedicated

You don't have to make this decision alone. Each scenario has its own economic break-even point; the answer changes with industry, scale, and technical team capacity. During professional infrastructure planning, simulation, price-performance modeling, and real POCs (proof-of-concept) save six-figure annual mistakes.

Practical Provisioning Scenario: From Zero to Production

A practical flow for renting a new mid-segment dedicated server (Xeon Silver 4214R, 64 GB DDR4 ECC, 2x960 GB NVMe RAID 1, 1 Gbps unmanaged) and bringing it live:

  • Day 0: Contract signed, hardware racked, IPMI credentials sent.
  • Day 0 +30min: BIOS currency check via IPMI, Secure Boot status check, RAM scan (Memtest86+ pass 1).
  • Day 0 +2h: OS install (Ubuntu 24.04 LTS, optional full disk encryption), SSH key, ufw, fail2ban, automatic updates.
  • Day 1: Baseline via Ansible playbook (users, monitoring agent, log shipper, backup agent, time sync).
  • Day 2: Application stack (Nginx + PHP-FPM + PostgreSQL or Docker Compose), staging dataset import.
  • Day 3: Stress test (siege, k6, fio), performance baseline recorded.
  • Day 4: DNS cutover (TTL 60s), production traffic gradually opened.
  • Day 7: Alert thresholds fine-tuned with live dataset, runbook authored.
  • Day 30: First restore drill (restore from backup to a different server), SLA metric report.

To go deeper into Ansible playbooks, follow our Ansible Server Automation guide. For CI/CD integration, our GitHub Actions CI/CD guide is helpful.

Cost Modeling: TCO Calculation

The monthly sticker price is only one piece of the real cost. A 36-month TCO (Total Cost of Ownership) model clarifies the rental vs colocation decision. The following items go into the table:

  • Monthly rental / colocation × 36 months
  • Hardware amortization (for colocation): upfront investment divided over 36/48 months
  • Additional IPv4, premium DDoS, backup target, monitoring SaaS
  • Managed service fees (if any)
  • Traffic overage (against forecasted TB)
  • Personnel cost: will your own DevOps team manage it?
  • Migration risk: if you can't renew at month 36, the migration cost
  • Hardware refresh (colocation): RAM/disk failure, refresh after 5 years
  • Tax: VAT, customs (overseas hardware)

General rule: single server, less than 24-36 months of use, limited DevOps team → rental. 5+ servers, 36+ months, strong DevOps → colocation. The line shifts depending on the provider and hardware prices; don't decide without putting your scenario in a table.

After the Contract: Renewal and Hardware Refresh

After the first 12-24 months, the provider usually proposes auto-renewal. At this point there are three options:

  • Renew on the same terms: Hardware also stays the same; after 4-5 years the CPU generation will be aged.
  • Hardware upgrade: New-generation CPU (Xeon Scalable 4th/5th Gen or EPYC Genoa), DDR5, PCIe 5.0 NVMe — performance increases 2-3x while pricing typically stays similar.
  • Provider change: Should always be a negotiating lever. Test the new provider with a POC and migrate during a 30-day transition window.

A hardware refresh decision can't be made without quantifying how much it will move the total performance budget. Moving NVMe from PCIe 4.0 to 5.0 increases sequential read from 7 GB/s to 14 GB/s; but if your application isn't already using 3 GB/s, you won't feel the difference. Refreshes are made against measured bottlenecks.

Resources and Further Reading

Dedicated server consulting and deployment support

For end-to-end infrastructure support — hardware selection, contract review, provisioning, hardening, monitoring, and disaster recovery planning — get in touch with us

Written by

Founder and principal engineer of KEYDAL. Serving enterprise clients in hosting, software development and SEO since 2026.

Related Articles

Readers of this article also read these

hosting 28 min

How to Buy Reseller Hosting: Packages, Pricing and Setup Guide

Everything you need to know before buying reseller hosting: WHM/cPanel vs DirectAdmin vs Plesk, package comparison, 2026 pricing ranges, white-label setup, WHMCS billing automation and profitability strategies for hosting resellers.
hosting 27 min

Port Lookup and Checker Guide: Open Ports, Testing Methods and Internet Diagnostics

What is port lookup? How to check which ports are open, run network diagnostics, and query internet infrastructure data. nmap, telnet, netcat, PowerShell and CGN/NAT explained end-to-end. 2026 data.
hosting 26 min

Where Is .com Used? Complete Guide to .com and .net Extensions

Where .com is used, what .com means, .com vs .net differences, website extensions, registration process, SEO impact and 2026 price ranges — end-to-end technical guide.
WhatsApp