
Dual homing products/methods without using BGP

e.cormier
Beginner

I have 2 internet T1 lines with different public IPs on each. Is there a way to have a dual-homed solution without a BGP configuration? I am familiar with that process, get an ASN, register with ARIN.... Not a good option for a small company that is just looking for a little redundancy/load balancing. I am thinking somewhere in the vast product lines of Cisco there is a way to do this.

Somehow NAT to a certain IP on a per connection basis and then route it out that ISP's router. Maybe do a ping test or check the load on a line and then set up the connection. Maybe some of the CSS products can do this? Or using a few router features, policy routing, QoS.... At the high end, I know Radware has a product that can do this.

thanks

Ed Cormier

CCNP

CCS-1

6 Replies

thisisshanky
Advisor

Hi,

Radware is one good solution for your case...

But in case you want a Cisco solution, using NAT, policy routing etc, you could achieve outbound load sharing, but inbound load sharing is not guaranteed, for which you'll need to rely on BGP.

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

stalk
Beginner

There is a company called FatPipe that offers a product that will allow you to multi home your office without BGP. It is simply a tweaked version of DNS that allows it to work (similar to Round Robin, but with a stateful watch on the hosts behind it). Kind of pricey but no need for BGP.

vcjones
Contributor

There are multiple ways to create a dual-homed solution without the use of BGP. Whether or not they will work for you will depend upon what you need to keep running when one of your two lines fails, whether or not you need to keep running if a line stays up but the ISP behind it fails, acceptable service disruption when a failure occurs, and perhaps most important, what services actually need to be kept running during a failure (it's one thing to allow internal users to continue surfing the Internet, quite another to keep video streaming from your web server to a browser out on the Internet). Available budget will also need to be considered.

There is a brief overview of the range of options in the "Multihoming -- connecting to two ISPs" white paper on my web site. Be forewarned that maintaining a reliable web presence (so that the public can reach your servers) generally requires BGP due to faulty implementations of DNS caching that are common around the Internet. Email, on the other hand, requires no effort at all other than defining a backup server in your DNS MX records.

Another approach to consider is outsourcing your web and DNS servers (which can have the side effect of greatly improving performance if your site gets popular) and using a low end, no BGP solution (such as Nexland Pro800 Turbo) to provide reliable access from your internal users to the Internet.

Good luck and have fun!

Vincent C Jones

www.networkingunlimited.com

Vincent,

can you elaborate on "faulty implementations of DNS caching that are common around the internet"?

Are you referring to caching DNS servers (or browser/OS DNS caches) not respecting the TTL? Or are there other things to consider?

tia

Herbert

The primary problem in this application is "disrespect" for the DNS TTL. Whether this is considered a "fault" might be subject to debate, but the bottom line is that any design which depends upon a particular value of DNS TTL is doomed before it starts. This can be nasty, because the approach may appear to work during testing, and may actually work for some percentage of actual users when put into production, but Murphy's Law tells you that the one client for whom it does not work will be the most important one that you cannot afford to lose.

Vincent C Jones

www.networkingunlimited.com
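The TTL point in the reply above, worked through as an added example (not code from anyone in this thread). It models caches that do not honour the record's TTL and reports the worst-case share of clients still sent to the failed line's address after a DNS-based failover. The cache types, TTL floors and population shares are constructed assumptions, not measurements.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Cache:
    name: str
    share: float          # constructed share of the client population
    min_ttl: int = 0      # floor the cache applies to any record TTL (seconds)
    pinned: bool = False  # keeps the first answer until the application restarts

    def effective_ttl(self, record_ttl: int) -> Optional[int]:
        """Seconds the cached answer is reused; None means it never expires."""
        return None if self.pinned else max(record_ttl, self.min_ttl)

def stale_share(caches, record_ttl, seconds_since_failover):
    """Worst-case share of clients still using the failed line's address.

    Worst case: every cache refreshed its answer just before the line failed.
    """
    stale = 0.0
    for c in caches:
        ttl = c.effective_ttl(record_ttl)
        if ttl is None or seconds_since_failover < ttl:
            stale += c.share
    return round(stale, 4)

def worst_case_outage(caches, record_ttl):
    """Longest time any cache keeps the dead address; None if unbounded."""
    ttls = [c.effective_ttl(record_ttl) for c in caches]
    return None if None in ttls else max(ttls)

# Constructed population for illustration only.
CACHES = [
    Cache("honours TTL", 0.70),
    Cache("resolver with 300 s floor", 0.20, min_ttl=300),
    Cache("resolver with 1 h floor", 0.08, min_ttl=3600),
    Cache("application pins first answer", 0.02, pinned=True),
]

if __name__ == "__main__":
    # Authoritative record published with a 30 second TTL.
    for t in (10, 60, 600, 7200):
        print(f"{t:>5} s after failover: {stale_share(CACHES, 30, t):.0%} stale")
    print("bounded worst case:", worst_case_outage(CACHES, 30))
```

A lab test that only uses the first cache type sees recovery in 30 seconds, which is how a design that depends on the TTL can pass testing and still fail for some production clients.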

n-meadows
Beginner

Two solutions to your problem that I know of:

1. Big Ip (F5 Networks I think), for a Unix based solution.

2. Cisco Distributed Director.

Both are a ridiculous price, both use DNS manipulation by becoming authoritative and manipulating via 'round robin', 'busy connection' and/or a number of other conditions which you can set. The CCS 11000 can do much the same and more, again very expensive but an excellent solution in a box.
