cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1048
Views
0
Helpful
4
Replies

Data center and GSLB

bermawer1
Level 1
Level 1

Hi,

I am relatively new to data center design and implementation.

I am designing a Intranet data center with active and standby sites which are 20 miles apart. One site (DC1) is active and all the user requests must be forwarded to this site.

The other site (DC2) does not accept any request from users while DC1 is up. In case of DC1 goes down or an Application or database server goes down, a failover of application happens, and all user requests must then be forwarded to DC2. Once the DC1 comes up the DC2 should go to standby mode and users must connect now to DC1. Im using 3 tier architecture for servers. In the 2nd tire I have got web servers and many other servers which will be accessing database servers located in 3rd tier.

We are using 6500 on both sites with firewall, CSM. Database servers are placed behind an external firewall as shown below.

DC1 (similar setup on DC2)

Dual Network Core

|

MSFC

|

FWSM --- CSM---------web and other servers

|

|

Firewall

|

DB servers

My concerns are.

1.Is this design including the placement of CSM correct?

2.What about IP addressing. Should I design different IP networks on DC1 and DC2 switches?

3.Do i need to run HSRP between the DC1 and DC2?

4. Application load balancing is my main concern. Can i use RHI? Will it work when CSM is place behind the firewall?

5. Can I use GSLB on CSM? Can u please provide a sample config for GSLB for Active and standby kind of setup

Plz can any one post standard design for Active/Standby datacenter design with GSLB config.

Thanx

4 Replies 4

Gilles Dufour
Cisco Employee
Cisco Employee

1.. this is a standard design - no problem there.

2.. you did not tell how you connect DC1 to DC2.

This is important to answer Q2 and Q3.

If you have a Layer 2 link, then you can use same ip addressing and you can use HSRP.

If this is L3, then you need different addressing and you can't use HSRP.

4.. RHI simply insert a static route in the MSFC routing table. The MSFC should then be configured to redistribute the static into the routing protocol. The information does not go on the wire, so the FW can't block the communication between CSM and MSFC.

The route will point to a CSM ip address.

So you will need another route to point this address to the firewall.

Honestly, I did not try it, but I believe it should work.

5.. We do not recommend using GSLB on the CSM. You should look for the GSS [Global Site Selector].

Gilles.

hi,

Thanx for the reply.

1.I was planning for a L3 Etherchannel between DC1 and DC2. But the im still have an open option to replace L3 channel with L2 or add another L2 link. what would you suggest which option would be better how its goin to affect other design parameters.

2. Since RHI install route on MSFC when it is directly connected to MSFC. I have a firewall between, Im not sure what cisco say about RHI with FWSM? any link??

3.We will be only having 2 sites with purely one active and another standby. so i believe CSM GSLB is a bette choice.

Biggest hurdle im facing is about Application failover. Imagine a DB server goes down in DC1, the DB server in DC2 reconiges the failure and becomes active on its own. However network will know about this? How user trafice will automatically directed to DC2???

Is GSLB the solution? is there some other solution?

thanx

I just did a test, and the MSFC will not install the route given by the CSM if they do not share a common vlan.

So, for RHI, the CSM must be connected to the MSFC.

For the applicaiton failover, you can use probes on the CSM. The CSM will probe both app server in DC1 and DC2.

If DC1 server fails, CSM1 can start using server in DC2.

If this is HTTP, the CSM could send a redirect to the client to force it to go to CSM2.

Otherwise, with GSLB, you can tell the CSM to respond to dns queries with CSM1 vip address, but when the app server fails, respond with address of CSM2 VIP.

That's the goal of GSLB.

Gilles

hi,

Can CSM send probes outside its server and client vlan. For example in my setup can it send probes to DB server which are away from CSM and seperated by 2 firewalls?

2.In one specific application, I have some Terminal servers behind CSM, which will be used to access DB servers.

In normal operation

users connect --- Terminal server on DC1--- Term server connect to DB server on DC1

But the when DB server on DC1 fails, user should not connect to termial server of DC1 (even though they are up), They must connect to terminal server on DC2

i.e

users connect---Terminal server on DC2-- terminal server on DC2 connect to DBserver on DC2.

This is becoz application on terminal server on DC1 cannot provide access to DB server on DC2 and vice versa

So network should treat DB servers failurs aslo as terminal server failures on a particular datacenter and all the traffice to those terminal server must be redirected to other datacenter

I hope im able to explain situation peoperly.

3. can u plz forward a link with sample GSLB config, and whether GSLB will work with my situation mentioned above

Thanks

Review Cisco Networking for a $25 gift card