redundant wan

redundant wan
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Applications Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
redundant wan =?Utf-8?B?YXJjaGll?= 02-11-2008
---> Re: redundant wan David H. Lipman02-11-2008
---> Re: redundant wan David H. Lipman02-11-2008
`--> Re: redundant wan Dobromir Todoro...02-11-2008
Posted by =?Utf-8?B?YXJjaGll?= on February 11, 2008, 10:23 am
If you were  Registered and logged in, you could reply and use other advanced thread options
We have two connections to the internet (1 T1 and 1 DSL) setup for redundancy
purposes on a router with 2 wan ports. These connections both have their own
pool of IP addresses. Our name resolution is setup to point to IP addresses
bound to the T1. We recently had a situation where our T1 went down and we
had to disable that WAN port on our router until it was available again. In
this process we found that we needed to setup a second ftp subdomain
(ftp2.mydomain.com) and tell our customers to use that name.

My question is how can we make it so that we don't have to notify our
customers to use the other subdomain should this happen again without having
to make dns changes. In other words, if ftp.mydomain.com is bound to our T1
on 65.1.1.1 and out T1 goes down, what would we need to do to make sure
ftp.mydomain.com goes through our DSL line bound to 64.1.1.1 (IP addresses
are not real, just examples).

Would we need to change our topology, or is there a way to set a secondary
IP or route for our dns names? Any feedback is much appreciated.

Thanks,
Marc

Posted by David H. Lipman on February 11, 2008, 4:55 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

| We have two connections to the internet (1 T1 and 1 DSL) setup for redundancy
| purposes on a router with 2 wan ports. These connections both have their own
| pool of IP addresses. Our name resolution is setup to point to IP addresses
| bound to the T1. We recently had a situation where our T1 went down and we
| had to disable that WAN port on our router until it was available again. In
| this process we found that we needed to setup a second ftp subdomain
| (ftp2.mydomain.com) and tell our customers to use that name.
|
| My question is how can we make it so that we don't have to notify our
| customers to use the other subdomain should this happen again without having
| to make dns changes. In other words, if ftp.mydomain.com is bound to our T1
| on 65.1.1.1 and out T1 goes down, what would we need to do to make sure
| ftp.mydomain.com goes through our DSL line bound to 64.1.1.1 (IP addresses
| are not real, just examples).
|
| Would we need to change our topology, or is there a way to set a secondary
| IP or route for our dns names? Any feedback is much appreciated.
|
| Thanks,
| Marc

This is a networking question, not a security question.
Plaese ask in a networking or router based news group.

Off the bat, I'd say you need a Router with with two WAN ports.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Posted by David H. Lipman on February 11, 2008, 5:41 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

< snip >

|
| Off the bat, I'd say you need a Router with with two WAN ports.
|

I forget to mention that two WAN port Router should perform Load Balancing.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Posted by Dobromir Todorov on February 11, 2008, 7:45 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
First and foremost, your FTP server should be on an IP address (space) which
sits *behind* the T1 and ADSL links, not on the same address space as the
actual link addresses (which are typically point to point, /30s). You then
advertise (using BGP or static routes - on the ISP side) the FTP server IP
address across both links, one of them preferred, the other one - backup.
The provider will use the preferred link.

I guess the problem you are having is that you are advertising using BGP (or
your ISP is doing this) your IP address space 64.1.1.1 on the T1 link but
not on the ADSL link; when you WAN link is down, clients no longer know how
to reach the address space, advertisied on the T1. Assuming that this is the
same ISP, you can ask them to put a floatign static route for your FTP
server's IP address space to your ADSL port (which they are unlikely to do,
as they typically don't do that on ADSL links).

If the T1 and ADSL links are not from the same ISP, it is amazingly complex
to configure routing - you need to understand BGP multihoming, and metric
manipulation to do that, as well as portable and non-portable IP address
spaces... NAT will be rquired as well... So you better not go this way.

--
---
HTH,
Dobromir

Visit http://www.iamechanics.com

>
> < snip >
>
> |
> | Off the bat, I'd say you need a Router with with two WAN ports.
> |
>
> I forget to mention that two WAN port Router should perform Load
> Balancing.
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
>
>



Similar ThreadsPosted
redundant enterprise CA January 9, 2008, 10:41 am

The site map in XML format XML site map

Contact Us | Privacy Policy