[c-nsp] Simple NAT based IOS failover between providers

Ted Mittelstaedt tedm at toybox.placo.com
Thu Sep 29 04:38:49 EDT 2005



>-----Original Message-----
>From: Robert Boyle [mailto:robert at tellurian.com]
>Sent: Wednesday, September 28, 2005 4:01 PM
>To: Ted Mittelstaedt; Vinny Abello; cisco-nsp
>Subject: RE: [c-nsp] Simple NAT based IOS failover between providers
>
>
>At 10:27 AM 9/28/2005, Ted Mittelstaedt wrote:
>>There are lots of things a Cisco router can do that there is no
>>posted configuration for.  That is why you have a service contract.
>
>True, however, the people we spoke to at the TAC said this couldn't be
>done.

I've got the same thing from TAC before as well.  Some TAC people are
better than others.  You have to call back in and get it shifted to a
different tech, it's easy enough.

> I didn't believe them and Rodney has shown all of us a working
>config. This is a great thing and it would be nice if it made
>its way to
>the cookbook one of these days.
>

It isn't a working config, as I keep telling you, it is dependent on link
state
which isn't a reliable indicator of connectivity.  It only works for a
very
narrow set of failures.

>
>You didn't read ours very carefully. :) These are customers in outlying
>areas which we can't serve with a second connection any other
>way. (They
>are outside our DSL footprint, they can only get cable, they are in an
>independent telco area, etc.) They are in really remote
>locations such as
>rural Montana or rural Oregon.

Uh huh.  Well I happen to live in Oregon and the ISP I work for happens
to
service some of those rural customers in Bend, OR.

Nobody living in rural OR seriously expects 24x7 reliability.  Of course
they
will never admit that to YOU or to me either.  Some of the yappiest dogs
we have are out in the sticks as a matter of fact.  But we have stared
down
a few of the most obnoxious ones and they have ended up admitting that
they knew they
wern't going to get it.  The problem is that the rural mindset is that
they
have to fight for everything, and they love fighting for it.  But, they
don't expect
to win, they just enjoy the argument for the sake of the argument.  You
have
to, to survive and thrive out in the sticks.

> I am not going to drop an ATM T1
>or DS3 with
>Pa's phone company to serve one customer - that's assuming they
>can get DSL
>and that Pa's phone company even allows independent ISPs to use
>their network.
>

I understand that.  And if you need to spend a lot of money on
multiple connections to some po-dunk place in Eastern OR to make
the foolish person that owns your business and doesen't understand
the realities of networking happy, then you got to spend the money.

But don't come into a tech forum and try to browbeat us into believing
that what your trying to get is anything more than a big joke.  That's
why it's on $79 Asian routers and not in the Cisco configs.

I'd bet money that most of those rural areas your serving only have a
single fiber line into them, if they even have fiber at all, and every
damn thing that feeds the community runs on it - voice, data, emergency,
radio, etc. etc. etc. You get farmer Billy out in the back 40 digging
post
holes and he slices that fiber, and it don't matter a damn how many
different providers you have feeding into it - all of them are on the
same line and everyone's down.

>
>Please don't assume you understand our business model or our customers'
>motivations. You clearly don't from your message. We provide an
>end-to-end
>hosted solution for our clients which must be up 24x365. The secondary
>connection is for our piece of mind. We get the bill and we are the
>customer of record with the phone company, cable company, other
>ISP, etc.

>We also monitor BOTH connections 24x7 from our NOC. This is one of our
>methods of meeting our strong application level SLA commitments. I
>understand that this could be seen as a hack in certain
>circumstances. In
>our situation, it actually will work well as a pretty elegant solution
>which will give them (relatively speaking) seamless fail-over
>should our T1
>to their location fail.

OK, it's obvious that you won't believe anything until experience slaps
you
upside the head.  Report back here in a years
time after you have had a couple dozen failures of the primary circuit
and let us all know how well it worked.

In the meantime my employer will continue actually providing service to
the rural folks
and I'll continue dealing with the realities of phone poles that get used
for target practice
by the local good old boys when they get liqored up on Friday night.
And yes, I've
dealt with some of our lovely sweet idiot Ma and Pa telephone systems -
like Canby
Telephone - who still think that that thing with the string and the two
tin cans worked
pretty good.

Ted



More information about the cisco-nsp mailing list