Edward Muller wrote:
On Sunday 13 November 2005 12:03 pm, kashani wrote:
Edward Muller wrote:
You will need at least 3 ip addresses. One ip for each box and one
'floating' ip for the services (like http, smtp, pop, etc). Having the
boxes at two separate ISPs is impossible since you won't be able to get
them to fail over the 'floating' ip address, unless they really know what
they are doing (both of them).
It's not a matter of the ISP's knowing what they are doing. It's that
no ISP will announce a host route, x.x.x.x/32 into BGP. And if any ISP
is retarded enough to announce it, no other ISP will accept it. So
unless you're prepared to shift at minimum an entire class C,
x.x.x.x/24, from one colo to the other any sort of IP sharing scheme is
impossible.
That's true. I spoke too soon and wasn't thinking, much. :-) But the point is
still valid that failing over an ip address (or even a lot of them) is a
non-trivial task that requires co-operation from your ISPs.
There are a number of interesting things you can do here if you have
larger systems.
1. Three sets of IP's. colo1 IPs, colo2 IPs, and the virtual IPs. You
announce the virtual IPs out of both sites. When something breaks that
site withdraws the virtual IPs from its BGP announcement. As long as
your failure determining mechanism works well you get complete failover
in about 30-90 seconds depending on BGP timers.
2. two sets of IP's. colo1 and colo2. Each announces its own space and
not the other site's space. When a failure is detected the working site
announces the broken site's space. However once you start doing this
it's hard to tell when the other site starts working again unless you've
got some back way into the system.
Both are variations on what you originally suggested. The hardest part
in both cases is telling which site is working so that you are actually
failing over to the right site. If your process is screwy you can knock
yourself right off the net. Also you don't want to be too hasty in your
BGP magic and have your routes flapping up and down or your upstream
will become unhappy.
I've know people that do #1, but they have a very specific data set
that doesn't update very often. I've actually moved an entire ISP using
#2, but it was far from automatic and needed a huge amount of baby
sitting. Having the ability to do that move allowed us the time to do
major maintenance without downtime and theoretically survive the total
loss of a single site.
kashani
--
[email protected] mailing list
