Solved

Multihoming with BGP

Posted on 2011-03-01
Last Modified: 2012-05-11
I have a client that does monitoring for alarm security systems.  The alarms in the field, which I will call clients, send a UDP packet to a piece of hardware that I will call the alarm server to indicate the alarms.  The current solution to build redundancy and failover into the setup is to add a second server which is connected to a second ISP.  The two servers are on the same LAN, but use different default gateways.  Clients in the field are set to communicate with the primary server and only use the secondary server if the primary fails.  This setup allows us to keep monitoring the alarms if a single ISP fails or a single server fails.  However, if the primary ISP and secondary server both fail at the same time, we are no longer able to monitor the alarms.

With a multihomed setup with BGP, I understand that the primary and secondary IP addresses could be reached over either ISP.  If the primary ISP fails, the clients will still communicate with the primary server, but through the secondary ISP.  If the primary server fails, the clients will communicate with the secondary server through whichever ISP.  While the alarm monitoring only needs the two IP addresses, by the time we set up the routers we would still only need 5-10 addresses.  Would it be worthwhile setting this up using BGP?

0
Question by:SterlingMcClung
3 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 250 total points
ID: 35013401
Bottom line is that while, yes, having your own IP subnet and using BGP to broadcast that subnet to multiple ISPs is "the" solution, reality is that to use BGP, you must have need for, justify, and qualify for a full /24 public IP subnet and your own BGP AS number. That will be 1) very hard to do if you only have use for 5-10 addresses and 2) very expensive since the IPv4 address space is virtually depleted. We're talking 10's of thousands of $$.

If your application works with primary/secondary choices and 2 servers, what is the feasibility of adding a 3rd tertiary server and 3rd ISP circuit? You would have to lose 2 ISP circuits and 2 servers out of the 3 at one time.

Maybe even a loadbalancer that gets hosted at a 3rd-party hosting center that itself can determine which server is up and available and the clients only need a single primary IP address that is virtually guaranteed to always be available.

0
 
LVL 24

Assisted Solution

by:rfc1180
rfc1180 earned 250 total points
ID: 35018985
Yeah, from a reachability perspective BGP would make sense in this case no doubt, but really not needed in your situation. I have successfully deployed a few central stations that utilized alarm receivers that were POTS and IP; as a matter of fact, the entire environment was redundant, from the receivers to the ISP. All of which was accomplished without BGP; the load balancer solution was used on several occasions, but PBR with OER was on the majority.

Now too bad IPv6 is not as widely deployed as it should have been; some vendors support IPv6 in the alarm receivers and central station monitoring software, but many alarm system IP communication boards do not; IPv6 could be used for IP Anycast with BGP or without (ISP could advertise your space for you). The list goes on, there are several ways to accomplish what you are trying to accomplish.


Billy
0
 
LVL 7

Author Comment

by:SterlingMcClung
ID: 35027690
@lrmoore:
That is exactly what I was beginning to conclude.  BGP is the solution, but not feasible given the size of the network.  SharedBand is a hosted loadbalancer that I have found, but it does not appear to be usable in Canada.   Do you have any ideas of other such providers?

@rfc1180:
I had not heard of PBR or OER, but have done some limited reading on it, now that you mention it.  I am not sure how those would help provide ISP redundancy for each receiver/server.  If a field alarm sends traffic to an IP from ISP1, do these features allow that traffic to arrive through ISP2 if ISP1 has failed?  These features appear to provide more options for traffic that originated from within the receiver/server network and for traffic that is destined to the receivers/servers.
0
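The failure cases discussed in this thread can be enumerated mechanically. The sketch below is an added example, not code from any poster: it models the current setup from the question, the BGP multihomed setup, and the three-server, three-ISP suggestion as sets of delivery paths and lists the minimal combinations of failures that stop all alarm traffic. Component names (`srv1`, `isp1`, ...) are constructed, and it assumes field clients try every configured server and that routers and the LAN are not counted as failure points.

```python
from itertools import combinations

# Each design is a list of delivery paths; a path works only while every
# component on it is up. Names are constructed for this example.
DESIGNS = {
    "current": [{"srv1", "isp1"}, {"srv2", "isp2"}],
    "bgp_multihomed": [{"srv1", "isp1"}, {"srv1", "isp2"},
                       {"srv2", "isp1"}, {"srv2", "isp2"}],
    "three_servers_three_isps": [{"srv1", "isp1"}, {"srv2", "isp2"},
                                 {"srv3", "isp3"}],
}


def is_reachable(paths, failed):
    """True if at least one path contains no failed component."""
    return any(not (path & failed) for path in paths)


def minimal_outage_sets(paths):
    """Smallest-first list of failure sets that break every path."""
    components = sorted(set().union(*paths))
    found = []
    for size in range(1, len(components) + 1):
        for combo in combinations(components, size):
            failed = frozenset(combo)
            if any(prev <= failed for prev in found):
                continue  # already covered by a smaller outage set
            if not is_reachable(paths, failed):
                found.append(failed)
    return found


def report():
    """Human-readable summary of the outage sets for each design."""
    lines = []
    for name, paths in DESIGNS.items():
        cuts = minimal_outage_sets(paths)
        smallest = min(len(cut) for cut in cuts)
        lines.append(f"{name}: {len(cuts)} minimal outage sets, "
                     f"smallest needs {smallest} failures")
        lines.extend("  " + " + ".join(sorted(cut)) for cut in cuts)
    return "\n".join(lines)


if __name__ == "__main__":
    print(report())
```

Under these assumptions the mixed case from the question (primary ISP plus secondary server) appears as an outage set only for the current design.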
