We're about to colo in a remote facility. The services provided are time-critical and very high traffic, but do not require a large IP allocation. I have an AS from ARIN, but have nowhere near the IP utilization requirements to justify a full /24 delegation, much less a direct /22 ARIN assignment. The core question here is how can we implement redundancy and load-sharing if we cannot justify a /24 delegation from the ISP? Even if we could justify the delegation, I've heard that most ISPs will not allow you to advertise a different provider's IP delegation. We're only talking about 35 - 50 IPs at the site.
If that is true, how do most organizations handle service-provider redundancy and load-sharing with small IP spaces? We will be pushing a very high volume of time-critical traffic and want service-provider redundancy. So what does that leave me with? I must assume other people have these types of requirements. We have a very high-bandwidth application, but as a startup I cannot afford 6500 series gear. My best ROI comes from 3750s right now, but they do not support assigning a NAT for each provider's IP space to each virtual IP. Is the only option to upgrade to 4500s or 6500s in order to NAT at very high traffic volumes (few hundred Mbs)? Is there a solution I'm not aware of?
Jesse, it is true that most ISPs will not allow anything less than a /24. Here is a great white paper on BGP multi-homing.
Have you ever thought about just hosting your app with a provider?
If you go with a provider, a lot of your HA/Redundancy issues go away. I can't speak to how small organizations do it--I have only worked at large organizations that had their own address space from ARIN.
It's true that the internet society doesn't allow less than a /24 to be advertised to the internet backbone, but the problem is that for you to have redundancy with 2 providers via BGP, you need at least a /24 PI (Provider Independent) address space. I think that RIPE, for example, can take this scenario as a justification; please try to contact them for clarification.
Unfortunately, while the minimum block size for BGP advertisements is /24, the minimum block for end-user IP assignments is a /22. This thoroughly knocks us out of consideration for a direct delegate from ARIN/RIPE, etc...
It certainly looks like we'll remain single-homed until we can get a larger router like a 4500 or 6500. I was just hoping there was a solution that I didn't know about.
Thanks for your assistance,
I think that the minimum block of /22 is in the case of LIRs, not for end-users; kindly check it out.
Here ya go, I checked it before I came to the site to ask questions today. ;)
22.214.171.124 Multihomed Connection
For end-users who demonstrate an intent to announce the requested space in a multihomed fashion, the minimum block of IP address space assigned is a /22. If assignments smaller than a /22 are needed, multihomed end-users should contact their upstream providers. When prefixes are assigned which are longer than /20, they will be from a block reserved for that purpose.
Micro-allotments of /24 are available in certain circumstances, but only if you provide a critical internet service.
We have a customer that is undergoing this scenario (only a /24 address space allocation with redundancy through us and another provider); I'll try to check it out for you.
Apply to ARIN for a /22. That is the best solution to your problem. We were able to get a /22 with much less hassle than I expected. We do have two sites, but don't come near the specified address requirement. It is at least worth a try -- no guts, no glory I always say.
Do you use a load balancer like a CSS? That would let you set up multiple virtual IPs NAT'd to the same backend services.
How much of that /22 is utilized in the justification? Based on how you phrased that, it sounds like you didn't meet the 25% immediate utilization requirement. Did they authorize the assignment without that? This will be our second co-location, third direct-internet access point, and by the end of the year our original DC will be multi-homed as well, so this might be an option.
I'd like nothing more than to handle this without BGP until we achieved a size where it was more justified. Unfortunately I haven't seen a load-balancer within my budget that will pass the traffic levels I need to be ready for through NAT. I would even be fine implementing a direct-route LB through NATs on the router, but I believe the lowest level router that will support that is a 4500, which is another few months out.
I'm currently routing between two ISPs using BGP with two /24 network segments that are provided by the ISPs without issue.
The only requirements I had were to provide the ISPs with the networks I would be advertising out each link and then do a route registration with ARIN to state which provider ASNs my ASN would be peering with.
Talk to your primary provider, tell them what you need, and find out what solutions they can offer.
You can also 'pad' your ARIN allocation request by stating that you have 50 hosts now, will have 76 within a year, then assign two class C networks as being broken out as used for private vendor/customer communication to prevent RFC1918 network space overlap. Then assign some more as being assigned for VPN user IPs or whatever.
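The dual-provider setup described in the post above, sketched as an added Cisco IOS example that is not part of the original thread or any poster's configuration: both provider-assigned /24s are originated from the local AS, and an outbound filter on each session ensures that only those two prefixes, and nothing learned from one ISP, are announced to the other. All AS numbers, neighbor addresses and prefixes are placeholders from documentation ranges, and accepting only a default route inbound is an assumed design choice.

```cisco
! Constructed example. All values are placeholders from documentation ranges:
!   local AS 64500, ISP-A AS 64496, ISP-B AS 64511
!   192.0.2.0/24    = /24 assigned by ISP-A
!   198.51.100.0/24 = /24 assigned by ISP-B
!
! Anchor routes so each "network" statement has an exact match in the
! routing table even when the inside interfaces flap.
ip route 192.0.2.0 255.255.255.0 Null0 250
ip route 198.51.100.0 255.255.255.0 Null0 250
!
! Only these two prefixes may ever leave the site, on either link.
ip prefix-list SITE-NETS seq 5 permit 192.0.2.0/24
ip prefix-list SITE-NETS seq 10 permit 198.51.100.0/24
!
! Match only locally originated routes (empty AS path), so routes learned
! from one ISP are never re-announced to the other (no accidental transit).
ip as-path access-list 10 permit ^$
!
! Both match clauses must succeed; everything else hits the implicit deny.
route-map TO-ISP permit 10
 match ip address prefix-list SITE-NETS
 match as-path 10
!
! Assumption: each provider sends a default route, and that is all we accept.
ip prefix-list DEFAULT-ONLY seq 5 permit 0.0.0.0/0
!
router bgp 64500
 bgp log-neighbor-changes
 network 192.0.2.0 mask 255.255.255.0
 network 198.51.100.0 mask 255.255.255.0
 neighbor 203.0.113.1 remote-as 64496
 neighbor 203.0.113.1 description ISP-A
 neighbor 203.0.113.1 prefix-list DEFAULT-ONLY in
 neighbor 203.0.113.1 route-map TO-ISP out
 neighbor 203.0.113.5 remote-as 64511
 neighbor 203.0.113.5 description ISP-B
 neighbor 203.0.113.5 prefix-list DEFAULT-ONLY in
 neighbor 203.0.113.5 route-map TO-ISP out
```

Each provider still has to agree to accept the other's /24 on its session, which is the step the post describes as giving the ISPs the list of networks advertised out each link.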
Thank you, very helpful. I hadn't been taking several of those uses into account. Taking the whole organization into account changes the picture significantly with no padding at all.
Thank you much,