Date: Mon, 29 Jun 1998 23:18:19 -0400 From: Luis Munoz <lem@cantv.net> To: Tim Tsai <tim@futuresouth.com> Cc: Luis Munoz <lem@cantv.net>, Bo Fussing <bmf@gateway.net.hk>, Evren Yurtesen <yurtesen@ispro.net.tr>, freebsd-isp@FreeBSD.ORG Subject: Re: cisco Message-ID: <3.0.5.32.19980629231819.03a1f9a0@pop.cantv.net> In-Reply-To: <19980629194051.08954@futuresouth.com> References: <3.0.5.32.19980629092935.03b12830@pop.cantv.net> <Pine.BSF.3.96.980629091443.2917C-100000@finland.ispro.net.tr> <Pine.LNX.3.96.980629145211.10591J-100000@gate.gateway.net. hk> <3.0.5.32.19980629092935.03b12830@pop.cantv.net>
next in thread | previous in thread | raw e-mail | index | archive | help
At 07:40 PM 29/06/1998 -0500, Tim Tsai wrote: >> You can use 'policy routing' on your cisco to divert web traffic to your >> proxy, specially if you have little bandwidth. This also protects you from >> the death of your proxy, which is another support nightmare. > > Hmm, how does this protect from the death of the proxy server? If you >policy route port 80 traffic to the proxy sever, and the proxy server >dies, what happens? I am unaware of any mechanisms to provide redundancy >this way (short of something like Cisco's localdirector). Your proxy can advertise a route to a virtual interface using an IGP towards the cisco. The cisco can specify multiple next-hops for policy routed traffic. You can list the first next-hop as being the virtual interface in your proxy and the second one, an address in a stable external network, reachable either via a local default or a BGP learnt route. If the proxy dies, the advertisements cease and the router loses its ability to reach the virtual interface in the server. From that point on, all traffic will be sent outside following defaults or BGP routes because of the second next-hop in the policy route. You can also configure policy routing to use standard routing if the next-hop is not reachable. Both mechanisms would work, though I tend to prefer the latter. A local director doesn't work if you have a single proxy but it's a nifty feature to support multiple proxies. It gets trickier, however, to configure a fail-over but can also be done. Regards, -lem To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.5.32.19980629231819.03a1f9a0>