FIRST OF ALL, HAPPY NEW YEAR!
I have a need to setup a failover link from my DC to DR for a project. The setup at dc is such that we have following:
Cisco 2811 router-->Checkpoint UTM-->L3 switch--> App and DB server.
( the web server is hosted at DMZ in UTM)
The setup at DR will comprise of following:
Cisco 2911 router-->fortinet 100D-->L3 switch -->App and DB server
(web server in DMZ in UTM)
The DC and DR will have a dedicated P2P link between them. This system will be accessed by external client organizations through a p2p link to our DC (app server access), whereas the web server will be accessible through internet.
Here i need to create a setup where if one of the server fails the services will be switched over to DR link and delivered from there. (for both webserver and app server) and failback when the link to DC is restored.
At the DB level, we have sql mirroring capabilities to setup the failover through the p2p link. Please suggest me on this. i am new to failover technologies. I was suggested that a vpn can be setup for the failover monitoring but i am not clear on the process.also the protocols to be used and other alternate solutions we may have for the requirement.Need to configure failover for both web server (internet) and app server& DB server (closed nw).
We have a single ISP link and single set of devices at each site currently.
looking at your drawing, to be honest I don't know if a network failover will be the right solution. You don't have redundant links, so the better solution seems to me to set up some sort of failover cluster at the server level. What is the trigger for the failover, server reachability, server load, or something else happening on the server ?
you could use Cisco's IP SLA to track the reachability of certain UDP and/or TCP ports. It depends on how the routing on the DC router is set up. IP SLAs work with (static) routes, so if your servers at the DC site are directly connected, you cannot override that with static routes unless you shut down the entire interface.
Can you post the configuration of the DC router ?
I don't think you can (and want to) achieve this by any Cisco or network related failover. Simply because a network failover means EVERYTHING fails over, and since you have several servers, you need to set up the failover on a more granular level. Microsoft Cluster failover would be a good example...
What are your servers running on ?
definitely, I would recommend to set up a cluster. That gives you very granular control over which services to monitor, and when to failover. In addition, a P2P link is permanent, so it is perfect to send keepalives between the cluster members.
as far as I recall, the servers in the cluster share a logical name. It can be compared to Cisco's HSRP standby address, which is an IP address shared by multiple routers.