[169555] in North American Network Operators' Group
RE: ISP inbound failover without BGP
daemon@ATHENA.MIT.EDU (Ray)
Mon Mar 3 22:07:45 2014
From: Ray <sixsigma44@hotmail.com>
To: Matthew Crocker <matthew@corp.crocker.com>, Eric A Louie <elouie@yahoo.com>
Date: Mon, 3 Mar 2014 21:31:56 -0500
In-Reply-To: <5CE853F6-C5FB-46A9-94D9-11E4617CA849@corp.crocker.com>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Depending on their business, using dynamic DNS providers could be a really bad idea. If they deal only with home users who won't even know, it'll probably work. If their customers are security-aware businesses, they probably block all sites hosted with dynamic DNS systems.
Ray
> Subject: Re: ISP inbound failover without BGP
> From: matthew@corp.crocker.com
> Date: Mon, 3 Mar 2014 20:50:26 -0500
> To: elouie@yahoo.com
> CC: nanog@nanog.org
>
> Depends on the application,
>
> SIP, VPN, SMTP, etc. just set up both IPs and let the end-user application figure it out (SIP-UA register to both IPs for example)
>
> HTTP/HTTPS: set up a proxy server in a colo that is multi-homed to frontend the requests. Then it can load balance traffic over both IPs.
>
> DNS TTL ‘tricks’ are just that, they work ‘kinda’
>
> Fatpipe? Crazy expensive IMHO but I hear they work ok.
>
> -Matt
>
> --
> Matthew S. Crocker
> President
> Crocker Communications, Inc.
> PO BOX 710
> Greenfield, MA 01302-0710
>
> E: matthew@crocker.com
> P: (413) 746-2760
> F: (413) 746-3704
> W: http://www.crocker.com
>
> On Mar 3, 2014, at 8:11 PM, Eric A Louie <elouie@yahoo.com> wrote:
>
> > This may sound like a dumb question, but... I'm used to asking those.
> >
> > Here's the scenario
> >
> > Another ISP, say AT&T, is the primary ISP for a customer.
> >
> > Customer has publicly accessible servers in their office, using the AT&T address space.
> >
> > I am the customer's secondary ISP.
> >
> > Now, if AT&T link fails, I can provide the customer outbound Internet access fairly easily. So they can surf and get to the Internet.
> >
> > What about the publicly accessible servers that have AT&T addresses, though?
> >
> > One thought I had was having them use Dynamic DNS service.
> >
> > Are there any other solutions, short of using BGP multihoming and having them try to get their own ASN and IPv4 /24 block?
> >
> > It looks like a few router manufacturers have devices that might work, but it looks like a short DNS TTL (or Dynamic DNS) needs to be set so when the primary ISP fails, the secondary ISP address is advertised.
> >