Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1050
Views
0
Helpful
2
Replies

Primary/DR site - WAN connectivity

ramch1981
Level 1
Level 1

‎07-13-2009 01:37 PM - edited ‎03-04-2019 05:25 AM

Hi,

I am designing Primary and DR sites. Both site will be connected with internet provided by same Service Provider. Both sites switches will also connect with eachother through fiber optics.DMZ on both sides will have same sevices i.e. DNS, Web, SMTP Relay etc and other Applications that will be accessed from internet. Firewalls on both sites will be doing NAT for these serversand actual public IP addresses will be on firewalls. You can see physical topology in diagram attached.

Now i am confused on how everything will work.

What i am thinking is i will get one public ip address pool from service provider and configure one lan between routers and firewals of both sites as these all devices are connect with switches and switches are connect with each other.I will configure public ip addresses for services on both sites. Then i will run ebgp with service provider on both sites and ibgp and any igp in aforementioned lan. I will advertise this public ip pool to service provider from both sites and will advertise this network with high priority from Primary site.

Now first tell me is it right approach for my scenario. Internal users will also access these services But currently i am focused on external part. If this is right approach then here i am confuse,for example, for web servers on both sites i will have to different ip address. Now i configure in DNS server two ip address for same website. if any user access website from internet, he will get only one ip address against url from his dns. As per my understanding if that server is down still user will keep sending request on same ip address as this ip is saved in its cache. so how to resolve this issue.

I am expecting your positive response.

Regards

Labels:
Preview file
152 KB
0 Helpful
2 Replies 2

ramch1981
Level 1
Level 1

‎07-14-2009 11:49 PM

Anyone please answer....

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to ramch1981

‎07-15-2009 06:02 AM

Hello Ram,

I think a link between primary site and DR is needed also for database replication of the different servers that are in primary and DR site.

So an internal link may be needed

the DR edge router could use BGP conditional advertising to advertise the public IP address block when primary stops to advertise it.

So a link between the edge routers can be needed too with an iBGP session on it and it can be the one I see in the picture.

see

http://www.cisco.com/en/US/docs/ios/iproute/configuration/guide/irp_bgp_basic_net_ps6350_TSD_Products_Configuration_Guide_Chapter.html#wp1055661

There is no use for the DR site to be alive when primary site is alive.

How the edge routers can detect the failure via the ASA is the most difficult part:

a BGP session can go through the ASA and can allow to primary to advertise public block if the internal subnets of primary site are alive.

(to be tested)

each server has to be mapped to a single public ip address and only one has to be active.

Hope to help

Giuseppe

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card