Multisite Redundancy for Internet Traffic

Unanswered Question
Aug 25th, 2007

Dear All,

We have has two office with Dual Internet Links at both the locations

Both the office are also connected over dual DS3 links for data replication.

All the four internet links (Two each from office1 and office2) are in active mode.

There are four IP Blocks of /25 running individually on each link.

Requirement is to segragate the LAN traffic of browsing (To Public cloud) and incoming web server access

(from Public cloud) to run on different links at both the offices.

e.g Office1 has got two links:-

In Normal Scenario - Link1 should be used for browsing only

Link2 should be used for Web access incoming traffic only

In case Link1 fails - Link2 should carry both browsing (Outgoing) and web access (Incoming) traffic.

Same should be true for Link1 if Link1 fails

Scenario2 - When both the Links (Link1 and Link2) of Office1 fails traffic (Browsing and web access)

should flow on the DS3 link to Office2 and should start working from there.

Same scenario should be possible for any link failure in Office2 also.

i.e If both the links fail in Office2 traffic should be routed from Office1 internet links.

All the internet links are having ethernet interface as the handoff.

Pls advice with example how can we achieve this type of configuration....(Will it be PBR+BGP or PBR+GRE+Floating Static route or -----?)

Attached architecture for reference.

Regards

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Joseph W. Doherty Sat, 08/25/2007 - 06:55

Sorry, there's insufficient information to provide more specific recommendations. However, options on how you might solve this also depend on what you have in regard to publicly registered Internet address blocks and ASs, and what routing you're doing both internally and externally. Often the more difficult issue for Internet link failure is not redirecting your traffic outbound, but insuring the Internet sees the failover path for inbound. Something you didn't clarify, as to requirements, is when all of one site's Internet link connections fail, whether you also expect the traffic, that redirected through the other site, to also keep the link path split.

deepakbihari Sun, 08/26/2007 - 03:03

Dear All,

ISP is same for both the sites.

Yes traffic should split on other links in case either link fails at office1 or office2

Regards

Joseph W. Doherty Sun, 08/26/2007 - 04:49

If the ISP is same for both sites, I presume you may not have a registered address block nor AS. If correct, you'll probably also need cooperation from your ISP to accomplish your goal. They'll need to support the redirection of your /25s on their side too.

Again, without additional details on how you're routing, difficult to offer options, and additionally, might need to know what your ISP is actually doing too.

Also again, if tight integration with what your ISP is doing is necessary, have you discussed this with them?

The good news is I believe you can accomplish what you require; implementation might be a bit complex.

anandramapathy Mon, 08/27/2007 - 01:51

You can do this with BGP + PBR with the above given url

Ask the ISP to send a Default route via BGP.

At each site, configure the best Default outbound route via set local-preference option with the appropriate weightage.

For incoming traffic set the priority for each IP range by using the set as-path prepend option

Run IBGP between the 2 Links for ROute Redundancy & configure PBR if you want to do policy based routing individually at each sites.

Run EBGP Multihop between the 4 Routers, using the internal DS3 Link instead of routing the Traffic via the ISP to reach the other site. This can be accomplished using a static Route.

Actions

This Discussion