On Sat, Dec 13, 2008 at 10:23 AM, Benjamin Zachary - Lists <[email protected]> wrote: > I guess the overall question is what is required on our end to make this > scenario work ...
As MBS says, the right way to do this is with IP routing. You obtain your own IP address space from an IP registry. You obtain an ASN (Autonomous System Number) from IANA. You configure your routers with various connections to clueful Internet providers. You advertise routes to your Internet providers using BGP. If a connection fails, the rest of the world routes around it. If you need to a fail over an entire site, you adjust your interior routing appropriately. > I was also looking at global dns providers which apparently offer this kind > of masking service ... Failover using DNS trickery is not nearly as reliable as failover using IP routing. DNS trickery will almost always encounter situations where some do not see the tricks the way you want them to. Generally due to caching. Normal caching, deliberate caching beyond TTL by some systems, or other weird side-effects of the way DNS works keeping cached records alive longer than you want. If you're okay with a random minority of users not being able to fail over when you want them to, DNS trickery is fine. If so, you don't need expensive devices or services. You just need some scripts which change DNS records when a failure is detected. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
