On Fri, Feb 15, 2008 at 09:12:19AM -0800, Rami Sik wrote:

Hey there,

<snip>
> some of the services we are providing. These services include
> http/https/smtp/pop3/imap. We have a number of different domains for
> each service.

For per protocol or per service failover, you'll need to do something like global server load balancing.

> So, I believe a DNS solution to fail over to a DR site is out of
> question since we have to maintain not only our own domain, but a number
> of customer domains. This leads me towards a BGP solution. I read an
> article from Cisco for a BGP solution. They suggest at least 2 extra
> internal connections between data center and the DR site along with the
> main Internet connection. Here are my questions:

BGP will only help you in the event of an upstream provider failure, or router failure.

> 2) What do you think about the extra connections as suggested in one of
> Cisco's articles when building BGP based fail over to a DR site? Can I
> just use VPN over the main Internet feeds between data center and DR
> site?

I'd definitely stay away from using a VPN here. What if your upstream provider fails? Then your VPN would be down too.

We are building DC1 with transit from Tranny1 and DC2 with transit from Tranny2. Then we are getting a LES circuit (in essence GigE) directly between the two. We are then getting a /23 from RIPE, splitting it into two /24's and DC1 will announce A/24 with a route to B/24 whilst DC2 will announce B/24 with a route to A/24. Then if either link fails, traffic can route in via the other datacentre.

'scuse my bad ASCII art but:

      Tranny A                          Tranny B
       |    |                            |    |
       |    |                            |    |
     A/24  B/24                        B/24  A/24
       |    |                            |    |
       |    |                            |    |
    Datacentre A --------IDL------------ Datacentre B

> 3) Do you have any example of such a project done with OpenBSDs?

Not yet :-)

-- 
joe.

How can people get so upset about the death of some guy that they never even met?