BGP for 2 T1's to one LAN [7:7511]
We are trying to have the web servers in our LAN accessible to the internet via 2 T1's from different providers -- more for redundancy than load sharing, though that matters too. Currently we have 2 T1's, each giving us a different set of IP addresses. That just lets us put some sites on each T1 -- doesn't give us an ounce of redundancy. I've been told that if we get a router with 2 WIC's that can speak BGP (Cisco 2600 or better) that may solve our problem. I'm very new to routing, so can someone answer some basic questions? Is the idea with this solution that we will be running just one set of IP addresses? And that, because of BGP on our router, either ISP will be able to route traffic to that set of IPs on the T1 it provides? Thanks in advance. -- Daniel Wilson, BSCS, MCP Application Developer http://www.compusoftsolutions.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=7511&t=7511 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP for 2 T1's to one LAN [7:7511]
The quick responses on this group are great! Thanks for the help so far. The content is not static. The sites in question run e-commerce. We could look at setting up access from both servers to the same DB server over an internal network ... so that would answer that objection to the solution you offered. I started by asking questions on a different group about round-robin DNS. What I was told was that since we don't control anyone else's DNS caching settings (our TTL entries etc. are really only suggestions) that when one T1 goes down & we change the DNS settings to point to only the other line clients & other DNS servers would still try to access the downed T1. Is this accurate as far as you know? If round robin DNS will provide fault-tolerance, that's great. If not ... we need to look elsewhere. Thanks! -- Daniel Wilson, BSCS, MCP Application Developer http://www.compusoftsolutions.com/ Vijay Ramcharan wrote: > I believe what you're looking for is a way to load balance traffic to > your web servers. You also wish to achieve a degree of fault tolerance > in case one server goes down. If both servers have the same content and > the content is static, you could use a feature called DNS round-robin > which basically returns a list of IP addresses to a querying client for > any single hostname. If one server becomes unavailable the client can > use the other IP addresses given by the DNS server to access the same > site. There's no routing protocol involved here and I don't think it's > possible to do what you need using a routing protocol. The good thing > about DNS round-robin is that the IP addresses of the web servers could > be totally unrelated. > This seems to be more of an application specific need for fault > tolerance. If this is possible using a routing protocol I'd be happy if > someone pointed out the error of my ways. I'm always open to > suggestions. > > Vijay Ramcharan > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > Daniel Wilson > Sent: Thursday, June 07, 2001 9:39 AM > To: [EMAIL PROTECTED] > Subject: BGP for 2 T1's to one LAN [7:7511] > > We are trying to have the web servers in our LAN accessible to the > internet via 2 T1's from different providers -- more for redundancy than > > load sharing, though that matters too. Currently we have 2 T1's, each > giving us a different set of IP addresses. That just lets us put some > sites on each T1 -- doesn't give us an ounce of redundancy. > > I've been told that if we get a router with 2 WIC's that can speak BGP > (Cisco 2600 or better) that may solve our problem. I'm very new to > routing, so can someone answer some basic questions? > > Is the idea with this solution that we will be running just one set of > IP addresses? And that, because of BGP on our router, either ISP will > be able to route traffic to that set of IPs on the T1 it provides? > > Thanks in advance. > > -- > Daniel Wilson, BSCS, MCP > Application Developer > http://www.compusoftsolutions.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=7527&t=7511 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Salary Rating [7:7549]
Take a look at Dice.com for real job opportunities & real salary figures. hth -- Daniel Wilson, BSCS, MCP Application Developer http://www.compusoftsolutions.com/ William wrote: > How many salaris of a Network Engineer OR a System Adm OR a System Engineer > OR a pre-sales Consultant OR a IT Sales person ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=7557&t=7549 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP for 2 T1's to one LAN [7:7511]
> If the ISP dies then, yes you'll lose both sites, but the world is a single > point of failure. Unfortunately, all the ISP's we've worked with are much more likely to fail than the world is or the Internet at large is. Both ISP's we have now (names withheld to protect the guilty) have bad habits of messing up their routing tables and cutting us off. We will do a trace from the outside and find to routers looking at each other. Makes for comical traceroutes, but doesn't keep e-commerce running. With one ISP we have to wade through support personel who think that bringing us cell phones will be a temporary solution before we finally (maybe) talk to someone who knows a router from a microwave oven. The other ISP will tell us "we can't telnet to your router. Go power-cycle it & call back." Or they'll say, "we are connected to your router. Are you sure there's a problem?" So we are trying hard to get out of being dependent on any one provider. Thank you all for all the help -- Daniel Wilson, BSCS, MCP Application Developer http://www.compusoftsolutions.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=7551&t=7511 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP for 2 T1's to one LAN [7:7511]
Thanks. Someone else also mentioned the need for 2 routers for full redundancy. What I'm not understanding is why we need to IP blocks to achieve loadbalancing. That we'd need DNS round robin if we're running 2 blocks makes sense, but why the 2 blocks? Also, are both your lists assuming that the ISPs run BGP with us? Thanks for the help. -- Daniel Wilson, BSCS, MCP Application Developer http://www.compusoftsolutions.com/ "Sergei G." wrote: > Redundancy and loadbalancing are possible. The hardware is insufficient, > though. > > Redundcy and Load balancing requirements. > -- > 2 ISPs > 2 /24 > ASN > Two routers capable of 256 Mb of DRAM (3600 and higher) > web servers with two IPs, from each block > DNS round robin > > Redundancy only > -- > 2 ISPs > 1 /24 > ASN > Two routers capable of 256 Mb of DRAM (3600 and higher) > > -- > Sergei G""Daniel Wilson"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > We are trying to have the web servers in our LAN accessible to the > > internet via 2 T1's from different providers -- more for redundancy than > > > > load sharing, though that matters too. Currently we have 2 T1's, each > > giving us a different set of IP addresses. That just lets us put some > > sites on each T1 -- doesn't give us an ounce of redundancy. > > > > I've been told that if we get a router with 2 WIC's that can speak BGP > > (Cisco 2600 or better) that may solve our problem. I'm very new to > > routing, so can someone answer some basic questions? > > > > Is the idea with this solution that we will be running just one set of > > IP addresses? And that, because of BGP on our router, either ISP will > > be able to route traffic to that set of IPs on the T1 it provides? > > > > Thanks in advance. > > > > -- > > Daniel Wilson, BSCS, MCP > > Application Developer > > http://www.compusoftsolutions.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=7706&t=7511 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
advertising IP blocks [7:11191]
We are looking into multi-homing our network and running BGP on our router. I was told by some of you before that some ISPs won't advertise a block of IP's smaller than /22 and many won't do any smaller than /24. That leads to this question. Are our ISPs the only ones that need to advertise our block? Or does everybody out there need to advertise the block? Thanks! -- Daniel Wilson CompuSoft Solutions and The Worthwhile Company http://www.worthwhile.com Your complete e-business solution partners. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=11191&t=11191 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: advertising IP blocks [7:11191]
Thank you for the response, John. Accessibility from just about anywhere, especially in the US, keeps me happy too. But our ISPs have a tendency to mess up routing table entries or otherwise shut us off. We have outgrown a single T1, and want to add some redundancy. I need a solution that will mean that a *single* mistake outside of our control doesn't shut us down. There's an ISP in town that's willing to run BGP with us -- and they want us to get both lines from them. But would that put us back into the position of being vulnerable to a single mistake at their location? If *both* our ISPs mess up at the same time -- well, that's exceptionally bad luck. I realize we have to accept some risk for things that are so unlikely. But yesterday morning, one ISP was down for 45 minutes, taking down most of our sites. This afternoon the other one is down, taking down one of our newest clients. You're right we don't quite need a /24 ... /25 or probably even /26 would work. And the ISP in town wants to set us up on one of their private ASN's. They're also trying to talk us out of running BGP, though they'll do it if we insist. If an ISP -- either our current one or another one -- can provide us circuits that follow different paths, would that give us the level of redundancy we're looking for? Thanks again! -- Daniel Wilson ""John Neiberger"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Keep in mind what is actually occurring when using BGP. You are > advertising prefixes from your AS into your provider's AS. They in turn > either include your specific prefix in their announcements to other > providers, or they aggregate your smaller prefix into larger > advertisements. It is at this stage that you need to worry about what > other providers are doing as far as filtering. > > If your provider is advertising your specific prefix, a /24 for > instance, but the other companies won't accept anything less than a /22, > then you're up a creek. We are advertising a /24 to two separate > providers and I haven't seen any reachability problems from anywhere in > the world. As far as I'm concerned, if we can be reached by either path > from just about anywhere, especially in the US, then I'm happy. > > I've been following your posts and I'm curious about your motivation > for adding a second provider. This adds a measure of complexity that > might not be necessary, depending on your goals. Can your current > provider give you a circuit that follows a separate path then your first > circuit? If so, that would eliminate a couple of issues. > > First, you wouldn't even necessarily need to run BGP, although I would > prefer to do so. But instead of getting full routes, you could accept > defaults-only from your provider and advertise your addresses on both > links. > > Second, you wouldn't worry about getting an entire /24--or > larger--block of addresses. In this scenario, your provider will > aggregate your prefix into their larger announcements, but when traffic > destined for your network arrives in their network, internally they'll > see two available paths. This has the additional benefit of not wasting > registered addresses since you probably don't really need an entire > /24. > > Third, you won't have to apply for your own AS number from Arin. If > you run BGP over two links to the same provider, they will either let > you use their ASN or let you use a private ASN that will only be seen by > their network. > > Would a solution like this work for you? > > Regards, > John > > -- > John Neiberger > Firstbank Data Corporation > 12345 W. Colfax Ave. > Lakewood, CO 80215 > (303) 235-1093 > > > >>> "Daniel Wilson" 7/6/01 12:23:46 PM >>> > We are looking into multi-homing our network and running BGP on our > router. > > I was told by some of you before that some ISPs won't advertise a block > of > IP's smaller than /22 and many won't do any smaller than /24. That > leads to > this question. > > Are our ISPs the only ones that need to advertise our block? Or does > everybody out there need to advertise the block? > > Thanks! > > -- > Daniel Wilson > CompuSoft Solutions and The Worthwhile Company > http://www.worthwhile.com > Your complete e-business solution partners. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=11207&t=11191 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: NAT [7:11245]
A very basic description is that it uses the ports of the public address(es) to map to more private addresses. I'm picking these port numbers out of the air, so don't take them literally. But suppose your public IP from your ISP is 24.2.2.2. Internally, you're running a 192.168 network. One of your internal machines (192.168.0.3) makes an http request. The system running your NAT is its default gateway, so your .0.3 machine routes the request to your NAT system. The NAT system then repackages the request that really came from 192.168.0.3:80 as (say) 24.2.2.2:201. It then sends the request on to the web server. When the web server replies, it replies to 24.2.2.2:201. The NAT machine then, still having that port mapping repackages it as a packet for 192.168.0.3:80 and sends it appropriately. Hope this is some help. I'm hoping to find time to read the resources Charles & Howard have referred to so I can understand more completely. -- Daniel Wilson CompuSoft Solutions and The Worthwhile Company http://www.worthwhile.com Your complete e-business solution partners. ""a. ahmad"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > hi, > can any one describe NAT Function in detail (many-to-one). Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=11263&t=11245 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ASN -- Unique routing policy [7:12267]
Please pardon another newbie question. But to get an ASN from ARIN, we need, not only to be mulithomed, but also to explain that we have a "unique routing policy" that differs from that of our provider. Does simply having 2 different providers with whom we intend to do BGP peering for redundancy & load sharing constitute a "unique routing policy"? Or is there something else that ARIN is looking for? Thanks! -- Daniel Wilson CompuSoft Solutions and The Worthwhile Company http://www.worthwhile.com Your complete e-business solution partners. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=12267&t=12267 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ASN -- Unique routing policy [7:12267]
Thanks. That's what I needed to know. -- Daniel Wilson CompuSoft Solutions and The Worthwhile Company http://www.worthwhile.com Your complete e-business solution partners. ""John Neiberger"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > If you're multihomed and your BGP advertisement policy differs from your > providers--which it will--then you'll have no problem getting an ASN. > If you are advertising only your assigned addresses, then your policy is > obviously different than your providers and it requires a unique ASN. > > HTH, > John > > >>> "Daniel Wilson" 7/13/01 8:05:58 AM >>> > Please pardon another newbie question. But to get an ASN from ARIN, > we > need, not only to be mulithomed, but also to explain that we have a > "unique > routing policy" that differs from that of our provider. > > Does simply having 2 different providers with whom we intend to do BGP > peering for redundancy & load sharing constitute a "unique routing > policy"? > Or is there something else that ARIN is looking for? > > Thanks! > > -- > Daniel Wilson > CompuSoft Solutions and The Worthwhile Company > http://www.worthwhile.com > Your complete e-business solution partners. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=12272&t=12267 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: network traffic too slow [7:15063]
Approximately how many computers are on the network? What OS's are involved? What protocols are being used? Is it 10 MB or 100 MB -- or something else? -- Daniel Wilson CompuSoft Solutions and The Worthwhile Company http://www.worthwhile.com Your complete e-business solution partners. ""parky chan"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Dear > Our office network trafic too slow, > I have used switch replace hub > but the traffic also slow. > what 's problem i need to slove. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=15137&t=15063 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
