Solved

ISP Redundancy without BGP

Posted on 2004-08-08
6
1,062 Views
Last Modified: 2013-11-30
How can I have internet connection to 2 different ISPs without ISP? I heard there are appliances that let you do that.
0
Comment
Question by:athakur_us
6 Comments
 
LVL 8

Expert Comment

by:MarkDozier
ID: 11749877
You need to clearify what you are asking. You can not connect to any iSP if you do not an account with the ISP?
0
 
LVL 5

Expert Comment

by:dgroscost
ID: 11749886
You mean two ISP connections without BGP?

Try this -> http://www.fatpipeinc.com/xtreme/index.htm

0
 
LVL 6

Expert Comment

by:Ferrosti
ID: 11751339
This solution can only be done if the ISPs allow to update their DNS servers.
In case one has a DMZ and several services in it all these services will have to be reachable through all ISPs. This can only be achieved if the servers are listed in the ISPs DNS.

More information about the usage and the goals to be achieved would be nice.
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 27

Expert Comment

by:pseudocyber
ID: 11751596
There's a great article about doing it with Cisco routers at:
http://www.cisco.com/en/US/about/ac123/ac114/ac173/Q2-04/department_techtips.html

Snippet of the article ---------------------------------------------------------

Common Scenarios and Configurations
By Shyan Wignarajah and Asad Faruqui

One problem with static routing and policy routing has been the inability for the router to determine the state of the next hop. Routing protocols typically use "hello" mechanisms to determine if a neighbor is alive. However, policy and static routing offer no means to test whether the next hop is reachable. As a result, statically routed or policy routed packets risk being "black holed"—that unfortunate state of being forwarded to a dead neighbor.

The preferred path is via the primary Internet service provider (ISP). The cable- connected ISP provides flat rate service and higher bandwidth than the ISDN-connected ISP (which could bill on a per minute basis). However, if the primary ISP connection should fail, then the secondary ISP would be used.

So how does the CPE router determine when to use the primary ISP and when to use the secondary ISP? The Ethernet interface on the CPE router will remain up as long as it's plugged into the modem. However, there could be a problem with the cable cloud or some other part of the primary ISP's network. In order to detect these problems, the CPE router can't simply rely on the state of its own interface.

You could enable a dynamic routing protocol; however, this isn't always a viable solution, as the ISP may not be willing to run a routing protocol with you. Conversely, some customers may not want to run a routing protocol with their ISP.

-----------------------------------------------------------

0
 
LVL 4

Accepted Solution

by:
syn_ack_fin earned 250 total points
ID: 11751913
One appliance that can do what you want is Radware's Linkproof. Here is a link:
http://www.radware.com/content/products/lp/default.asp

It accomplishes load balancing inbound and outbound this by using a combination of Dynamic DNS and what they call Smart-NAT. I have installed a number of these, and they go in pretty painlessly. If you already have one ISP up and running, here's how it would work:
1) The Radware appliance gets installed on the first line between your firewall and the Internet router in a bridge mode. This makes it transparent to those devices and prevents you from having to re-IP the segment.
2) The second line gets assigned to the Linkproof and uses NAT outbound. You create a static map for each of your public servers and a dynamic nat for your client range.
3) You set path checking on each line so that it can tell if the line is up. This is where it differs from a standard router. Without path checking, a router can only tell if the next hop is up, not if the route to the destination is up.
4)  For incoming, you assign a DNS IP address to the Linkproof on each ISP's line. You then configure the servers you want load balanced with an NS record in your authoritative DNS to point to the Linkproof for those names.

What happens then is this, when a client asks to go to www.yourcompany.com, it asks your authoritative DNS for the IP. It tells the client to look at the Linkproof for this, the Linkproof responds with the IP of the line that is up and least congested of your two ISP's.

The beauty of this solution is that you do not have to involve your ISP's at all. Anyone who has had to deal with two different ISP's and getting them to deal with each other can appreciate this.

Good Luck.
0
 
LVL 27

Expert Comment

by:pseudocyber
ID: 11751938
We just got off of Linkproofs - they were very problematic for us ... but ...
1.) They were old and obsolete and were End of Life
2.) They were over utilized - we were pushing 10Mb+ through them with 3 different ISP's and entries in the connections table in the 100K's.

We went with BGP

The Linkproof's will do the job, but they are pretty expensive.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now