Multihoming with Comcast and AT&T

Unanswered Question
May 29th, 2008

Has anyone successfully multihomed their site between Comcast and AT&T or similar types of WAN services? I currently have a broadband connection coming from Comcast and a 4xT1 connection from AT&T that I would like to use to divide primarily http requests and also for failover if necessary. The Comcast connection would be a Business Class 16Mbs down and 2Mbs up. The AT&T connection is 6Mbs up and 6Mbs down and would be our primary WAN connection. AT&T actually manages a 2800 series router on our premise. I have Linux firewall inside of that to do internal routing and NAT to the 2800 router. I have an ASA 5510 that I could swap in for the Linux box if that would make things easier.

Thanks,

Mark

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Richard Burts Thu, 05/29/2008 - 18:12

Mark

I have recently done something for a customer that I believe is very close to what you are describing. In our situation the customer has a dual T1 as their main Internet connection. They also have a Comcast Business class cable connection. Normal routing of traffic is through the T1s and we use Policy Based Routing to identify HTTP traffic from inside and send it over the cable modem connection. If the cable modem stops working the HTTP traffic goes over the T1s. And if the T1s stop working internal traffic will fail over to the cable modem. They have an outside router that terminates the T1s and the cable modem and feeds a pair of redundant PIX firewalls. It has been up for a couple of weeks and so far is doing well. As I understand it so far the main difference between their environment and yours is that they own and manage the outside edge router where yours is managed by AT&T.

HTH

Rick

mnleblanc Fri, 05/30/2008 - 04:12

Rick,

This is pretty much what I am attempting to do. I do have a few questions at this point. Does this customer host anything that would also be accessible from the outside through the Comcast connection? If I place an 871 broadband router inside the cable modem and then cable that and the AT&T 2800 router to separate interfaces on my Linux box, or possible my ASA 5510, could I reach my solution that way?

Thanks,

Mark

Richard Burts Fri, 05/30/2008 - 05:58

Mark

With my customer most of what would be accessed from outside is on a hosted site. As currently running there is not anything accessed from outside through the Comcast connection. We are planning to implement Remote Access VPN access through Comcast (as a backup to the existing Remote Access VPN through the T1s).

For this to work some box must take care of routing to the T1s, routing to Comcast, failover routing if one of those fails, separating traffic sending most to the 2800 and some to Comcast, and taking care of the appropriate address translations. If you are comfortable doing that in the Linux box then your suggested topology would work ok. In our case it was better to do that in a router - but we do have the advantage that we did not have to work around a managed router as part of the service.

HTH

Rick

mnleblanc Fri, 05/30/2008 - 06:57

Rick

Thanks again, I think it's time for me to put my head down in some documentation and see if I can hammer out the details. It does help me to know that you have made this work.

Mark

Richard Burts Fri, 05/30/2008 - 10:27

Mark

It is certainly doable. Have a go at the documentation. If you have more questions let me know.

HTH

Rick

Actions

This Discussion