[c-nsp] Conditional BGP

Hank Nussbacher hank at efes.iucc.ac.il
Sun Oct 19 13:53:16 EDT 2008 

On Sun, 19 Oct 2008, Jay Hennigan wrote:

> Hank Nussbacher wrote:
>> At 09:47 PM 18-10-08 +0500, Masood Ahmad Shah wrote:
>> 
>> I am curious if anyone else uses conditional BGP as a poor man's DRP?
>> 
>> Suppose you have site A with 192.168.1.0/24.  The site is connected to 2 
>> upstream ISPs and they have a number of servers at site A.  They now create 
>> a DRP site (site B), which is also connected to 2 upstream ISPs and they 
>> create a mirror copy of those servers from site A over at site B and assign 
>> them the *exact* same IP addresses as at site A.  They have the router at 
>> site B do conditional BGP, checking to see if it sees 192.168.1.0/24 from 
>> the Internet.  As soon as it disappears (site A is gone), site B starts 
>> announcing 192.168.1.0/24 to the Internet and all the DRP servers at site B 
>> are suddenly active.  Ignoring the syncing of the servers from site B to 
>> site A, what is the downside of such a "poor mans' DRP solution?
>
> It has possibilities, but consider:
>
> How do you get it to fail back to site A when site A is restored?

Conditional BGP should handle that.  My tests have shown about 90 seconds 
for the trigger to work, which is within the parameters they need for 
"poor mans DRP".

>
> How do you protect against a temporary or transient failure?
>

I have found that conditional BGP doesn't kick in after just 10-20 second 
failures.

> What mechanism is in place to prevent both sites from being live at the same 
> time?

None.  That I'll have to think about and see if they can live with it for 
1-2 minutes of both being live.

-Hank

>
>
>
> I think there should be some form of out-of-band communication between the 
> two sites to keep things in sync.
>
> --
> Jay Hennigan - CCIE #7880 - Network Engineering - jay at impulse.net
> Impulse Internet Service  -  http://www.impulse.net/
> Your local telephone and internet company - 805 884-6323 - WB6RDV
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list