05-27-2003 10:43 AM - edited 03-02-2019 07:40 AM
Here is the scenario: We have our main site with 2 ISP connections, our own /24 external subnet and AS number. We are running BGP on the router connecting us to the ISPs. We are looking to bring up a "warm" site for our DR Plans. What is the best choice for setting this up? We are considering either having the backup site use the same subnet as the primary with route suppression or we can use our /28 subnet (new for hotsite link) and use a DNS redirection approach. Any suggestions?
05-27-2003 04:02 PM
The problem with using DNS for failover is DNS caching. A lot of DNS servers will ignore your TTL values and cache your DNS entries, potentially for days. This causes big problems when you try to fail over via updated DNS entries -- a lot of networks will continue to use your old entries because they're cached somewhere.
We use a separate /24 at our two sites and always announce them both from each site. The metrics are such that site-A's route for its address block is preferred over site-B's route for site-A's block, and vice-versa for site-B. If site-A fails, both of site-B's routes become preferred. Then we use NAT at site-B to translate traffic destined to site-A IP addresses to the respective IP addresses in site-B's block.
05-28-2003 06:24 AM
DNS redirection can be problematic for disaster recovery unless you have control over all DNS caches involved. BGP routing will work if you can guarantee that the backup site will never take over while the primary is still functional. This can be hard to guarantee under all possible failure modes, so the usual approach is to either require manual intervention to initiate failover or ensure that both systems can provide service simultaneously without introducing database inconsistencies (load sharing with automatic failover).
There is discussion of the various approaches and their shortcomings in Chapter 11 of my book High Availability Networking with Cisco. You should also read Marcus & Stern's Blueprints for High Availability for the coverage of the application level aspects (which make the networking aspects appear trivial).
Good luck and have fun!
Vincent C Jones
05-29-2003 04:54 AM
Consider using conditional advertisement in BGP so the backup site doesn't advertise the overlapping routes unless the primary site has failed.
http://www.cisco.com/warp/public/459/cond_adv.html
Russ
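The conditional advertisement suggested in the reply above, sketched as an added example for the backup-site edge router (not taken from the thread or from the linked Cisco document). Every address, AS number, ACL number and route-map name is a placeholder, and the configuration assumes a tracking prefix that appears in the backup router's BGP table only while the primary site is up.

```cisco
! Backup-site edge router. Constructed example; all values are placeholders.
!   203.0.113.0/24  shared production block, also announced by the primary site
!   198.51.100.0/24 tracking prefix, assumed to be in this router's BGP table
!                   only while the primary site is up
!   192.0.2.1       backup-site ISP peer in AS 64500; AS 64496 is our own AS
!
! ACL 60 selects the block to advertise, ACL 65 selects the tracked prefix.
access-list 60 permit 203.0.113.0 0.0.0.255
access-list 65 permit 198.51.100.0 0.0.0.255
!
route-map ADVERTISE-SHARED permit 10
 match ip address 60
!
route-map PRIMARY-ALIVE permit 10
 match ip address 65
!
! Anchor route so the network statement can place the shared block in the
! local BGP table; the advertise-map can only release a prefix that is there.
ip route 203.0.113.0 255.255.255.0 Null0
!
! The shared block is sent to the ISP only while the prefix matched by
! PRIMARY-ALIVE is absent from the BGP table; once that prefix returns,
! the shared block is withdrawn again.
router bgp 64496
 network 203.0.113.0 mask 255.255.255.0
 neighbor 192.0.2.1 remote-as 64500
 neighbor 192.0.2.1 advertise-map ADVERTISE-SHARED non-exist-map PRIMARY-ALIVE
```

`show ip bgp neighbors 192.0.2.1 advertised-routes` shows whether the shared block is currently being sent. Losing the tracked prefix for any reason other than a primary-site outage triggers the advertisement while the primary is still serving traffic, which is the failure mode raised earlier in the thread.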