[119136] in North American Network Operators' Group


Re: Failover how much complexity will it add?

daemon@ATHENA.MIT.EDU (adel@baklawasecrets.com)
Sun Nov 8 15:17:44 2009

To: <nanog@nanog.org>
Date: Sun, 08 Nov 2009 20:17:03 +0000
From: adel@baklawasecrets.com
Reply-To: adel@baklawasecrets.com
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

Thanks Seth and James,

Things are getting a lot clearer.  The BGP multihoming solution sounds like exactly what I want.  I have more questions :-)

Now I suppose I would get my allocation from RIPE as I am UK based?

Do I also need to apply for an AS number?

As the IP block is "mine", it is ISP independent.  i.e. I can take it with me when I decide to use two completely different ISPs?

Is the obtaining of this IP block, what is referred to as PI space?

Of course internally I split the /24 up however I want - /28 for untrust range and maybe a routed DMZ block etc.?

Assuming I apply for IP block and AS number, what's involved and how long does it take to get these babies?

I know the SSG550's have BGP capabilities.  As I have two of these in HA mode, does it make sense to do the BGP on these, or should I get dedicated BGP routers?

Fixing the internal routing policy so traffic is directed at the active BGP connection.  What's involved here, preferring one BGP link over the other?

Thanks again, I obviously need to do some reading of my own, but all the suggestions so far have been very valuable and definitely seem to be pointing in some fruitful directions.

Adel



On Sun 6:31 PM, "James Hess" mysidia@gmail.com sent:
> On Sun, Nov 8, 2009 at 11:34 AM, <adel@baklawasecrets.com> wrote:[..]
> > connections from different providers I would still have issues.  So
> > I guess that if my primary Internet goes down I lose connectivity
> > to all the publicly addressed devices on that connection. Like
> > dmz hosts and so on.  I would be interested to hear how this
> > can be avoided if at all or do I have to use the same provider.
>
> You assign multi-homed IP address space to your publicly addressed
> devices, which are not specific to either ISP. You announce to both ISPs, and
> you accept some routes from both ISPs.
>
> You get multi-homed IPs, either by having an existing ARIN allocation,
> or getting a /22 from ARIN (special allocation available for
> multi-homing), or ask for a /24 from ISP A or ISP B for
> multihoming.
>
> If Link A fails, the BGP session eventually times out and dies: ISP
> A's BGP routers withdraw the routes, the IP addresses are then
> associated only with provider B.
>
> And you design your internal routing policy to direct traffic
> within your network to the router with an active BGP session.
>
> Link A's failure is _not_ a total non-event, but a 3-5 minute partial
> disruption, while the BGP session times out and updates occur in other
> people's routers, is minimal compared to a 3 day outage, if serious
> repairs to upstream fiber are required.
>
> --
> -J


