We help IT Professionals succeed at work.

same dedicated ip addresses, two different isp's

337 Views
Last Modified: 2013-12-27
We currently have 5 dedicated ip's with an isp (dsl) and we are looking for a backup isp (which will be cable) with 5 dedicated ip's. The problem is that I'm assuming we wont be able to get the same ip addresses, and I don't want to have to reprogram all the things that use those ip addresses in the event that we need to switch.

This will be a backup for times when the dsl goes down,. and we need a quick easy way to switch while the dsl gets repaired. I have no idea what we need to do... I was thinking some sort of router which will translate. Ideas?
Comment
Watch Question

Commented:
Do you perform inbound port/address mapping?  That's the only thing you can't fail over.  You can have DNS do a kind of round robin resolution, but you'll still have failures.  Out bound fail over is relatively simple.

Author

Commented:
We have our modem set up with one of the dedicated ip's.
We have our IP phone system set up with another.
We have our SSL VPN box set up with another.

What's out bound fail over?
Round robin?

Commented:
The problem with in bound failover, is that something is connecting to your IP addresses or resolving it from a DNS name.  If the IP address changes (i.e. when a failover occurs)  how will it now find you?  Round robin is putting all your IP addresses in your records so that they all resolve, A then B and then back to A each time a client tries to resolve the name.  The problem is when a fail over occurs, 50% of the attempts are going to fail now.  The good side is half are still getting through, not a perfect fail over.

The other option is to use something similar to dynamic DNS.  Whereas you run a client inside your network and it reports back its own IP address to a DNS server on the internet, when it's IP address changes (i.e. a fail over), it updates the DNS server.  This is great so long as down stream DNS servers don't cache their first resolution.  So that they'll still be resolving to the old address.

Outbound will work fine.  Your clients inside your network will go out whatever gateway they're told to use and the routers will decide which outbound path to use.  They will be none the wiser.  If the inbound address mappings you have are not fixed on the other end or external clients don't have to resolve them, then you should be fine.

Here's a couple of providers of Dynamic DNS services:
http://www.no-ip.com/
http://www.dyndns.com/
http://freedns.afraid.org/
http://www.dynip.com/
http://www.tzo.com/

Author

Commented:
So what would the inside client be? sorry for the newbie-ness. I'm confused. So would I need a router to switch between the two outbound modems?

Commented:
The inside clients would be your IP Phones, workstations, anything that accesses the network/internet.  If you want something fully redundant you'd most likely have two routers, that come back into two core switches, but if you're a smaller shop and/or your budget doesn't allow, you can probably get away with one router that has dual WAN ports.  I use this one:
http://www.netgear.com/Products/VPNandSSL/WiredVPNFirewallRouters/FVX538.aspx

But most any router that have dual WAN ports and at least one ethernet port for internal, would work:

http://www.networkworld.com/reviews/2004/0913rev.html
http://www.dslreports.com/forum/remark,10452186

Since Cisco routers can accept modules  you can custom tailor them to whatever needs you have.
http://www.cisco.com/application/pdf/en/us/guest/products/ps5855/c1031/cdccont_0900aecd8019dc1f.pdf

Author

Commented:
That netgear looks good, but it only has 10/100. Is there anything in that range with 10/100/1000? Or do you think that would even be a problem since it is only handling our internet connection and not our LAN?

Commented:
I don't think it'll be your bottle neck unless you're planning on getting a WAN connection that exceeds 100Mbps.  Something along the lines of an OC-1, T-4 or better.  I think you're safe.

Author

Commented:
One last thing... the round robin appraoch seems good, but you say it will fail 50% of the time. I only say it sounds good because it sounds easiest to set up and least likely to cause us grief due to possible outside circumstances. I dont really like the idea of going with any outside source like a website service for the dns. Is that your recommendation, though? Stay away from the round robin approach and get an outside dns service?
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.