Multiple ISP paths to one server - forced routes - failover routes
We will have a router that will have 2 ISP connections. The primary connection will be 5M, and the secondary connection of 3M will be in use at the same time. Outbound PC client traffic will default to the 3M gateway (possibly forced HTTP) and server traffic will favor the 5M gateway.
We are aware that we can have a second MX record at an ISP to allow another route to our email server. What is needed for the same effect to reach a web server in case a circuit goes down? This server is hosted internally and we want DNS to work if one circuit went down. Would both ISPs have a DNS record listed with a separate public IP to the router? Would this cause sessions to be mixed across both circuits due to natural routing from cost? The web server will not be moved to a colocation anytime soon.
Last Comment
Donnie4572
8/22/2022 - Mon
fosiul01
OK, you have 2 DNS servers, don't you?
ns1 and ns2
ns1 has one public IP and ns2 has another public IP,
so if IP 1 is not available, requests will go to ns2 (which is IP 2),
so your web server would be available all the time.
Is that what you wanted?
fosiul01
Would both ISPs have a DNS record listed with a separate public IP to the router? -> Who is responsible for DNS management of your domain?
Would this cause sessions to be mixed across both circuits due to natural routing from cost? ->> What do you mean by sessions being mixed across both circuits?
Donnie4572
fosiul01 is not correct because if the first circuit is down the second DNS server will never get a query for an A record.
The MX record is different because a priority can be assigned to it, and if the first times out the mail server queries for the second MX record, so it is the mail server that actually makes the MX failover.
What you need is failover routers. I'm pretty sure the Cisco ASA supports both failover and load balance. Basically two routers/firewalls, each with its own circuit/gateway, configured in a failover/load balance configuration. A public virtual IP between them is assigned to the web site.
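The MX-versus-A-record distinction in the comment above, as an added Python example that is not part of any poster's comment: an MX set carries a preference that the sending mail server walks in order, while an A record set has no such field, so the outcome depends on how the client handles the addresses it receives. The addresses (RFC 5737 documentation ranges), the names and the two client models are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed sample values: the same internal server published on one
# public address per circuit.
ISP1_IP = "192.0.2.10"
ISP2_IP = "198.51.100.10"


@dataclass(frozen=True)
class MX:
    preference: int  # lower value is tried first
    address: str     # simplification: the address the MX host resolves to


def deliver_mail(mx_records, reachable):
    """Sending mail server: try exchangers in ascending preference order."""
    for mx in sorted(mx_records, key=lambda r: r.preference):
        if mx.address in reachable:
            return mx.address
    return None  # nothing reachable: the sender queues the mail and retries


def fetch_page(a_records, reachable, tries_all_addresses):
    """Web client: A records carry no preference.

    Assumption: a simple client connects only to the first address it
    was handed; a retrying client walks the whole list.
    """
    candidates = a_records if tries_all_addresses else a_records[:1]
    for addr in candidates:
        if addr in reachable:
            return addr
    return None


def success_rate(a_records, reachable, tries_all_addresses):
    """Share of clients that connect when the DNS answer order is rotated
    (round robin), so each record is listed first equally often."""
    n = len(a_records)
    rotations = [a_records[i:] + a_records[:i] for i in range(n)]
    ok = sum(
        fetch_page(r, reachable, tries_all_addresses) is not None
        for r in rotations
    )
    return ok / n


if __name__ == "__main__":
    isp1_down = {ISP2_IP}  # only the ISP2 circuit is up
    print(deliver_mail([MX(10, ISP1_IP), MX(20, ISP2_IP)], isp1_down))
    print(success_rate([ISP1_IP, ISP2_IP], isp1_down, False))
    print(success_rate([ISP1_IP, ISP2_IP], isp1_down, True))
```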
You registered your own domain -> now you have declared that you have 2 nameservers from the domain control panel,
which are ns1.yourdomain.com
and ns2.yourdomain.com.
Now ns1.yourdomain.com -> is connected to ISP1
and ns2.yourdomain.com -> is connected to ISP2.
Now, if ISP1 fails, of course all requests will go automatically to ns2.yourdomain.com, because ns2 is the secondary DNS server and it's still alive.
Here, ns2.yourdomain.com will have the record where the A record is,
so why will web requests not go to the web server if ISP1 or ISP2 is dead? I really did not understand.
If you have 2 ISP lines coming to your company, of course someone will use a load balancing router like Cisco (best one) or a cheap one like Nexland or Linksys.
PostQ
ASKER
This may clarify further - we plan on only having one router locally with the web server hosted internally.
We have DNS hosting from a third party that is not the actual providers of the circuits. So we have ISP1, ISP2, DNS Hosting Co. for external sources.
So if I am understanding this correctly the DNS provider would need to list:
Web Server IP address/interface for the ISP1 on the DNS provider NS1 (preferred route for traffic)
Web Server IP address/interface for the ISP2 on the DNS provider NS2
The web server would need to have 2 NICs, one for each public connection.
NIC 1 IP address 216.xx.xxx.xxx.
NIC 2 IP address 81.xx.xxx.xxx.
The virtual public IP is interesting. Is this something that is provided by the DNS provider?
Would it have a master entry webserver.domian.com is 216.xx.xxx.xxx then sub-listings of other IP addresses to resolve? Or is this only referring to the router? This seems like it is very similar to HSRP internally for routers.
You might also look at something like this...
It is not designed for what you are trying to do.
It is a service that monitors your IP address for a change, and dynamically updates your A record.
It is actually designed for a user that is provided a dynamic IP address from their ISP, much like a home user gets for the WAN side of their router.