...in an attempt to torch the straw man...
We could talk at length about the pros and cons of the straw man you
present; if I understand the main question at hand the question is how to
provide some redundancy to the WAN link.
Short answer is that real-world solutions would include some type of
alternate or backup circuit (ISDN has already been mentioned on this thread)
connected to the same router or a redundant one.
To look at the hypothetical scenario you propose - I assume there is some
way to do as you propose, I don't know how you could have the router
interface active on both routers at once such that "automagic" failover was
possible. Aside from the physical-layer issues (splitting the wire(s),
noise, clocking problems, etc.) and the data-link layer issues (having three
devices on what is supposed to be a point-to-point circuit); consider the
network-layer problems.
If Core-Rtr1 is primary and Core-Rtr2 is backup connecting to some remote
router(s) (Remote-RtrX) and assume we're talking IP - say the network is
192.168.1.0/24. Then Each core router will need an (active) interface on
the 192.168.1.0/24 network but, Core-Rtr2 needs to send all traffic via
Core-Rtr1 when it is alive and well.
Well, I'm sure that somebody, somewhere is doing something pretty similar to
this (I continue to be amazed at what I find out there...) but I would make
sure that my pager number wasn't on the call list for support.
The closest thing I've seen to what you're talking about (in a common,
supportable, lowest $$ configuration) would be to utilize frame-relay and
connect every router into the cloud. Yes, you end up paying for the
additional local loop and F/R port charge for the 2nd core router but most
carriers offer "DR" PVCs at little or no cost to customers. Throw a little
ISDN into the pot to backup the frame network...just keep adding the $$
In the real world, it all boils down to how many 9's the company is willing
to pay for - I don't care how hard you try, you're not going to get 99.999%
availability on a "three-9's" budget.
Since this is purely an academic discussion...I think others will agree that
having a hot-standby router (especially a fairly costly one - you did say
7206, right) but only one serial link is probably a mis-direction of funds.
In my experience, serial lines fail much more frequently than hardware.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Jon
Sent: Thursday, May 31, 2001 4:38 PM
To: [EMAIL PROTECTED]
Subject: RE: Redundancy design question [7:6646]
Keep in mind, this is not the typical "help me design/fix my network for
free" question. I have been reading various papers, chapters, and case
studies, and am trying to get my head wrapped around the details, now.
I've built some scenarios in my head, trying to see problems and
solutions, rather than ways to buy more gear. I'm also not trying to
solve the WAN redundancy problem, just trying to get the WAN to connect
into my LAN redundancy solution.
The fundamental problem I'm trying to solve is how to protect against any
hardware failure of my core devices knocking out normal operations. I am
not concerned with protecting against any other faults outside my direct
control (e.g. loss of WAN circuit, loss of server, Howard sets off a
tactical device in the CO, etc.).
For the sake of having a straw man to burn:
A remote site is connected to the main office over a SHNS/SONET DS-3
connection, with full SONET protection to the demarc equipment on the wall
of the MDF. (To limit the discussion scope, I will only describe the
remote site -- we will assume the main facility is impervious to faults).
The telco provides a coax connection for connecting the router to their
gear.
Equipment in the MDF includes: a 7206 with a DS-3 module and a FE module,
a Cat4006 with multiple GBIC blade and 10/100 blade. There are three IDF
wiring closets, one per floor, each with a Cat4006 fully populated with
10/100 blades. Each IDF switch is connected over a single GBIC/GigE
connection to the MDF switch. All users are connected to their IDF over a
single Cat5 run. All servers are connected (single-homed) to the MDF
switch.
To add some protection to this model, I will add a second Cat4006 in the
MDF, with the same blades as the first. I will also dual-home all the
servers to both MDF switches -- assume that the proper NICs are present to
allow this, and that they are properly configured.
I am now protected against the loss of one of my blades, or chassis, or
running over a single cable with my handy BOFH rolling chair. But, my
router might break, so I need to protect against that risk.
Add a second 7206, same blades, dual-homed to both switches. Except I
only have one coax cable from the demarc to carry the WAN signal. How do
I connect the coax to two router blades, so that both routers could use
the media? Or, is there a type of service available that allows for
physical failover of the connection, provided by the circuit provider --
note that this isn't a second complete circuit, just a split demarc
connection.
Any ideas? Or is this too theoretical -- not a real enough scenario?
Real world solutions might well include a second circuit, of sufficient
bandwidth to "get by" until a repair is effected. Or provisioning two
circuits for load balancing, with each capable of "get by" bandwidth in a
fault state. But, I'm seeing a few cases where the answer presented is to
double up on equipment -- never stating (perhaps always assumed) that
you'll also be doubling up on all your WAN circuits to make it work.
-jon-
--- Chuck Larrieu wrote:
> Asked because I don't know: how do you plan on making the switches
> redundant? How are your servers, for example homed on the switches? Is
> it
> real redundancy if closet switches are dual homed to core switches? Is
> your
> internet connection, your firewall, etc dual homed as well?
>
> Chuck
> The world is a single point of failure :->
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> Jon
> Sent: Thursday, May 31, 2001 12:09 PM
> To: [EMAIL PROTECTED]
> Subject: Redundancy design question [7:6646]
>
> I've been reading about designing physical redundancy into networks, by
> having hot standby devices and using HSRP between them. As an example,
> if
> a site has a single router and a single core switch, these are points of
> risk. By adding a second core switch and a second router, any hardware
> failure should be overcome by the standby device taking over. If all
> the
> servers and wiring closet switches are multi-homed to both core
> switches,
> users shouldn't notice that a fault has occured. (I assume that the
> loss
> of a wiring closet switch is acceptable -- perhaps local spares are
> sufficient).
>
> However, if I only have one WAN circuit coming into the facility, it can
> only be connected to one router at a time, right? So, if the active
> router fails, how does the WAN connectivity fail over, short of an
> operator moving the cable to the second router? I'm not trying to
> address
> WAN circuit redundancy or multi-homing, that's a different worm-can to
> open.
>
> Is there some way to have both routers connected to the same WAN
> circuit?
> Something along the lines of a WYE-cable that connects both routers to
> the
> demarc connection? Or is this something that the circuit provider would
> address with their equipement (for a fee, I'm sure)?
>
> If this has been hashed over in the past, I couldn't find it in the
> archives. So, if we've covered this before, could someone share the key
> search words to locate the discussion?
>
> -jon-
__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35
a year! http://personal.mail.yahoo.com/
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=6745&t=6646
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
