[c-nsp] internet redundancy [7:99340]
Kern, Tom
tkern at CHARMER.COM
Mon May 16 09:18:42 EDT 2005
i need access from the internet to each site.
The NYC site has 400 users.
The Albany and Buffalo sites have 50 users each.
Here's what I'm lookin for-
Currently all sites use the NYC site's frame-relay for internet access(outgoing and incoming). The other sites just got internet access with their own isp's(frame-relay).
I would like each site to use their own internet connection for outgoing internet access. I want to set up redundancy so that if say, Buffalo's internet router or link or firewall should go down, they will be rerouted to the Albany or NYC site for internet access. The same would hold true for the other sites.
If i can get this set up with minimal pain, i would then look at achieving the same thing for incoming access. So if someone is trying to get to a webserver in Albany, but Albany's isp or router is down, they would be able to get to the website thru NYC or buffalo. I think this would involve using some DDNS solution as well, though.
I hope that kinda clears things up.
thanks for your help and interest in this.
Dom wrote:
> Still slightly confused. Sorry the provide moew questions not answers
> at this stage -
>
> Do you host at one site or all?
>
> How many users at each site?
>
> Are you trying to get -
>
> Resiliance between sites?
>
> Resiliant connections to the Internet?
>
> Resiliance to where your Internet facing hosts?
>
> Some/All of the above?
>
>
>
> Best regards,
>
> Dom
>
>
> -----Original Message-----
> From: nobody at groupstudy.com [mailto:nobody at groupstudy.com] On Behalf
> Of Kern, Tom
> Sent: 15 May 2005 22:51
> To: cisco at groupstudy.com
> Subject: RE: [c-nsp] internet redundancy [7:99340]
>
> yup.
> web,smtp,dns,ftp,etc.
> the only thing i get from my isp is a frame to the CO and depending
> on the site(albany and buffalo), a couple of public ip's
>
> In NYC(where i'm at), we have an entire class c network of our own.
> thanks
>
>
> -----Original Message-----
> From: Dom [mailto:dom at sysdom.demon.co.uk]
> Sent: Sunday, May 15, 2005 5:45 PM
> To: Kern, Tom; cisco at groupstudy.com
> Subject: RE: [c-nsp] internet redundancy [7:99340]
>
>
> And apart form resilient Internet connectivity, do you do your own
> hosting etc?
>
> -----Original Message-----
> From: nobody at groupstudy.com [mailto:nobody at groupstudy.com] On Behalf
> Of Kern, Tom
> Sent: 15 May 2005 22:33
> To: cisco at groupstudy.com
> Subject: RE: [c-nsp] internet redundancy [7:99340]
>
> 3 lans. the internet routers are NOT the same as the internal routers.
> Seperate internal routers with the T1's to each other.
> The internet routers are outside the firewalls.
> the 3 sites are Albany,Buffalo,and NYC.
> NYC is connected to Albany, Albany to Buffalo,Bufffalo to NYC.
> All point to point T1's. 3 isp's.
> thanks
>
> -----Original Message-----
> From: Dom [mailto:dom at sysdom.demon.co.uk]
> Sent: Sunday, May 15, 2005 2:39 PM
> To: cisco at groupstudy.com
> Subject: RE: [c-nsp] internet redundancy [7:99340]
>
>
> How many LANs do do have on each site?
>
> Does the inter-site T1 connection and the IPS connection use the same
> router?
>
> If yes to the above, why are you using EIGRP?
>
> If there are just three sites and three routers, why can't static
> routes be used?
>
> I must be missing something here
>
> Dom
>
> -----Original Message-----
> From: nobody at groupstudy.com [mailto:nobody at groupstudy.com] On Behalf
> Of Howard C. Berkowitz
> Sent: 15 May 2005 17:27
> To: cisco at groupstudy.com
> Subject: Re: [c-nsp] internet redundancy [7:99340]
>
> At 9:25 AM -0400 5/15/05, Kern, Tom wrote:
>> I'm looking to set up internet redudancy.
>> i have 3 internet connections in 3 diff sites. all sites are
>> connected
>> via point to point T1's.
>> Each site uses its own isp.
>> I use eigrp internally.
>>
>> i assume I would have to call the isp's and use BGP to sucessfully
>> do this? what would I need to set up on my end?
>
> With three involved, that's really your only alternative. Do you have
> dedicated links between your sites, or would the failover be via the
> Internet? In the latter case, how do you handle security? Encrypted
> tunnels? Of what sort?
>
>> How complicated is this?
>
> You will need to develop a routing policy and get your ISPs to agree
> to it. Once that is done, you will need an AS number, which, when I
> last looked, was $500 per year. One or more of your ISPs may be
> willing to help you get started, usually wanting to be preferred or
> charge professional service fees.
>
> The next step is to develop your routing policy, which will depend in
> part on how you go site-to-site. You need at least one BGP-speaking
> router at each site, and you might have more than one to protect
> against failure. At a minimum, have EIGRP default point at a BGP
> speaker.
>
> Assuming you have permanent links between your sites, the minimum
> approach could be for each site to advertise its address space to the
> ISP, but to prefer the direct links for inter-site communication.
> From each ISP, you could request full or partial routes, and share
> them by iBGP among your sites. Partial routes, for example, are
> usually the directly connected customers of that ISP.
>
> Again, I'm assuming a lot here. It's not necessarily hugely
> complicated, but it's easy to make errors. Before I could design
> something, I'd have to know details including the nature and speed of
> your inter-site links, your backup strategy, if the ISPs are widely
> geographically distributed, etc.
>
>
>
>
> Message Posted at:
> http://www.groupstudy.com/form/read.php?f=7&i=99347&t=99340
> --------------------------------------------------
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
More information about the cisco-nsp
mailing list