I've attached my network diagram where I've tried to give the big picture of a 'Dual-homed Single ISP' solution since their traceroute meets at the same device on the very next hop. How can i make the transition of this network to a multihomed network. I've thought that I can use a Router (keeping things simple for now) and have it connected to the internet using another ISP. Connect the inside interface of that router to my DMZ and LAN switches separately ? Would that be correct solution ?
Now, secondly (and this is a potential flaw i see ) all the major services are hosted on the DMZ; the DMZ has a public subnet. Our ISP (Telstra) is responsible for routing traffic to this DMZ subnet statically (not BGP) . Say when I connect the router that i've proposed in the diagram attached to another ISP and connect its inside interface to DMZ, how is that ISP going to find out on how to route to this DMZ subnet; this is obviously assuming a case of failure occuring at first ISP and we need to use this second ISP. I can route traffic from inside--> to internet fine; but how about traffic coming from outside the internet to this DMZ ? How is this second provider going to know about it about this public DMZ subnet. Which things are in our control and which things are not in our control in such scenarios is also another query ?
Any further info. I can provide, let me know. Your help will be appreciated -:) multihome.jpg
”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.
-Mike Kapnisakis, Warner Bros
With your subscription - you'll gain access to our exclusive IT community of thousands of IT pros. You'll also be able to connect with highly specified Experts to get personalized solutions to your troubleshooting & research questions. It’s like crowd-sourced consulting.
We can't always guarantee that the perfect solution to your specific problem will be waiting for you. If you ask your own question - our Certified Experts will team up with you to help you get the answers you need.
Our certified Experts are CTOs, CISOs, and Technical Architects who answer questions, write articles, and produce videos on Experts Exchange. 99% of them have full time tech jobs - they volunteer their time to help other people in the technology industry learn and succeed.
We can't guarantee quick solutions - Experts Exchange isn't a help desk. We're a community of IT professionals committed to sharing knowledge. Our experts volunteer their time to help other people in the technology industry learn and succeed.