Date: Mon, 30 Sep 2002 15:04:05 -0400
From: Chuck Swiger <cswiger@mac.com>
To: <freebsd-isp@FreeBSD.ORG>
Subject: Re: Multihoming alternatives
Message-ID: <6430B9FF-D4A7-11D6-A6AC-000A27D85A7E@mac.com>
In-Reply-To: <000901c268a7$91bec160$2615c518@psknet.com>

On Monday, September 30, 2002, at 01:34 PM, Troy Settle wrote:
>> On Behalf Of Chuck Swiger
>>> On Monday, September 30, 2002, at 11:58 AM, Paul Keith wrote:
>>> [ ... ]
>> In which case, your easiest bet is to run two data lines (DS-1's or
>> whatever) in a redundant topology from one provider. With Cisco routers,
>> I believe the term is "DHRP". The obvious problem is that if your
>> upstream provider goes down, you're out of service. However, you can
>> survive a failure of either data link or a local router, which covers
>> several probable failure modes.
>
> Are you talking about HSRP (Hot Standby Router Protocol)?
That's it, thanks. I've been dealing with too many TLA's recently.
["Three Letter Acronyms". Yes, HSRP has four letters. Don't confuse me. :-)]
> Yes, this is a viable solution. Get loops from one provider to 2 separate
> parts of their network, then use 2 routers on your network with HSRP.
> Your traffic should be fairly well balanced, and protected against the
> failure of any one router or loop.
If available in your region, Paul, try to get your local loops through two
different ILECs, going to two different CO's. That way, you're going
through different access routers on your providers' side.
> While this is ideal, except for the 'single provider' part, it's not the
> only way to do it. You could just as easily do this with a single,
> non-redundant, router.
Sure. Single point of failure, though.
[ ... ]
> Assuming that you already have a T1 from one provider, get a second T1
> from another provider, then get a full /24 from one of them, which any
> Tier-1 provider will do without question when you mention that you
> intend to run BGP-4 with 2 separate providers.
Yes, although a /24 isn't guaranteed to be globally routable.
> The only thing you need from ARIN, is an ASN, which they will hand over
> without question once you use 'multihome,' 'bgp,' and 'multiple
> providers' in the same sentence.
Well, once you've paid the $500 for the ASN, and submitted an address
space justification request, anyway.
>> DNS should round-robin the A records if you list several, but
>> that still isn't perfect, since dumb clients won't, but it's better than
>> nothing. Besides, if you do have a significant outage that will take
>> at least hours to fix, you can adjust your DNS to disable the downed IP.
>
> There's been a number of discussions on this topic before, and I believe
> that the general consensus is that using a DNS round-robin is not even
> close to an ideal redundancy solution and should be avoided at all cost.
Paul was asking about methods which did not involve BGP. DNS round-robin
is free, so I'd say "it should be avoided if you're willing to pay for
something better".
> There are ways to do this with a /29 from each provider and running 2
> identical networks side-by-side, save for the IP addresses used. In
> this scenario, DNS1 would only return addresses on its own network, and
> DNS2 would do the same thing, with neither returning IP addresses on the
> other network. The only thing to consider here, is your routing setup,
> it could get quite ugly quite fast.
You could configure NAT for the second IP block. That would simplify the
routing issues, since you can NAT routable IP addresses (from the first
block) exactly as you'd NAT RFC-1918 addresses. But that is not as
desirable as being properly multihomed.
-Chuck
Chuck Swiger | chuck@codefab.com | All your packets are belong to us.
-------------+-------------------+-----------------------------------
"The human race's favorite method for being in control of the facts
is to ignore them." -Celia Green
