Redundant internet link

The UAB Health System network is part of, but separate from, the UAB campus network. The campus is basically our ISP. The drawing above shows the existing link (all the devices that are not highlighted in red). We are planning to add redundancy to our internet link. One option is to use another hospital which is connected to the same fiber plant with us. Ideally, we would have these two links and be able to maintain our current DNS names, which are a sub-domain off the UAB campus domain ( Is this possible?


Re: Redundant internet link

A picture which did not require a specific vendor's operating system and application to view would have been much more useful... but I'll attempt to answer your question anyway.

Your picture focuses on physical connectivity, which is the easy part. Your challenge is the routing connectivity, which in an environment like this usually means BGP. If both and are already multihomed with their own ASN, and you are part of's ASN, then it is simply a matter of working out the details with Children's and all ISPs involved to advertise your IP address ranges to Children's and having them pass them upstream to their ISPs.

Depending upon how have allocated their IP address ranges, and what arrangements they have with their ISPs, you will probably have to jump through some configuration hoops to avoid having all your traffic coming through Children's. You also have not mentioned if Children's wants to use you as an alternate route to the Internet.

On the other hand, if all you care about is getting access to the internet with no BGP involved (so your users can surf, but there are no services inside your organization (other than email) which must be accessed from the outside), an automated NAT scheme could do the job.

Almost any combination is possible, but a thorough understanding of BGP is essential in order to send traffic via the routes you want. Keeping your DNS names is a separate issue, and should be easy unless you have a weird setup, even if you wind up using a completely new range of IP addresses (which I doubt you want to do :-)

At the risk of sounding self-serving, your best bet is to sit down with a competent consultant who understands the issues involved in redundant ISP connectivity and pay for some good advice. (Hint, if the conversation starts with a presentation of their solution to your problem, rather than probing questions into what the problem really is, you're talking to a sales droid rather than a consultant. Don't let the title on the business card fool you!)

Unfortunately, there are a lot of unanswered questions in your question which influence the choice of an appropriate solution, from how your upstream choices are connected to their ISPs to what services you want to support and with what availability and security and cost. There is no "perfect" technology, and you will need to make tradeoffs and decisions based on what is most important to your users and what they can afford.

Good luck and have fun!

Vincent C Jones

Re: Redundant internet link

BGP issues will be handled between and

At this point I'm trying to determine if the Children's redundancy is even an option. I assume the BGP stuff "technically" can be worked through. I'm not sure how the DNS stuff will be. Our network had an internal DNS that using the DNS as a slave. (Network Registrar) I'm thinking that all names (ours being will resolve to the authoritative server. Therefore if the link is down, having a redundant link with will be of no benefit??


Re: Redundant internet link

You have a wide range of options for DNS which you will need to negotiate with For example, you could host a top level ( DNS inside your LAN, which would make resolution available even if went off line, or you could provide transit services so an existing DNS could be reached through your Children's link (one of the challenges which will need to be dealt with in your BGP config is limiting transit traffic to what you want to transit your network). Another option is to have Children's serve up top level on their DNS server.

Again, a lot will depend upon where and how you set up the connectivity. The key is that DNS is designed to work in a distributed, not so well connected environment, so you won't have protocol and consistency problems that have to be hacked to get the solution to work. It will take an understanding of your current environment and working relationships to set it up properly, but the problems are political rather than technical. Of course, you also realize that some of the most intractable networking challenges are political rather than technical...

Good luck and have fun. I've contributed about all I can without a consulting contract to pay for it, but one final suggestion is to move your questions over to the Network Infrastructure area where more BGP and DNS people hang out.

Vincent C Jones
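
The DNS concern raised in this thread (a second link does not help if the only authoritative server sits behind the failed one) can be checked on paper before any routing work. The following is an added example, not part of the original posts: the link names, server names and documentation-range addresses are all constructed assumptions, and it compares the campus-only layout with two of the options suggested above.

```python
import ipaddress

# Constructed sample data: documentation address ranges and hypothetical names.
# Prefixes the Internet can reach through each upstream link.
LINK_PREFIXES = {
    "campus": ["192.0.2.0/24", "198.51.100.0/24"],
    "childrens": ["198.51.100.0/24", "203.0.113.0/24"],
}
# Authoritative servers for the zone: today's layout and two of the options.
CAMPUS_ONLY = {"ns-campus": "192.0.2.53"}
WITH_LOCAL = {**CAMPUS_ONLY, "ns-local": "198.51.100.53"}
WITH_CHILDRENS = {**CAMPUS_ONLY, "ns-childrens": "203.0.113.53"}


def links_reaching(addr, link_prefixes):
    """Links whose advertised prefixes cover this server address."""
    ip = ipaddress.ip_address(addr)
    return {
        link
        for link, prefixes in link_prefixes.items()
        if any(ip in ipaddress.ip_network(p) for p in prefixes)
    }


def surviving_servers(nameservers, link_prefixes, failed_link):
    """Authoritative servers still reachable from outside when one link is down."""
    up = {l: p for l, p in link_prefixes.items() if l != failed_link}
    return sorted(n for n, a in nameservers.items() if links_reaching(a, up))


def single_points_of_failure(nameservers, link_prefixes):
    """Links whose loss leaves no authoritative server reachable."""
    return sorted(
        link
        for link in link_prefixes
        if not surviving_servers(nameservers, link_prefixes, link)
    )


if __name__ == "__main__":
    for label, ns in [("campus only", CAMPUS_ONLY), ("local server", WITH_LOCAL),
                      ("Children's server", WITH_CHILDRENS)]:
        print(label, "->", single_points_of_failure(ns, LINK_PREFIXES) or "none")
```

The model only covers reachability of the servers themselves; the parent zone's delegation must also list every server counted here for resolvers to try it.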

