Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 825
  • Last Modified:

Redirect IP traffic to 2nd datacenter

Hi,
I have servers and public IP addresses in 2 distant datacenters, with 100 Mbps fiber optic connectivity between them:

- DataCenter 1 with 32 public IP addresses, ISP controls the IP segment
   Web Servers are here
   Vyatta router here, static routing

- DataCenter 2 with 254 public IP addresses, BGP, my own routing segment
   No web servers here, only routers, VPN...etc
   Mikrotik RouterOS here, BGP+Static routing

Well, what I would like to do is to setup a dozen of WEB sites in DC1, but bind them to public IP addresses from DC2. Mainly for SEO optimization.
The method and performance is not important - important is only the principle, that these web sites must resolve to DC2's IP address and load themselves from DC1, where actual web server is located.

Any idea?
0
Andrej Pirman
Asked:
Andrej Pirman
  • 2
  • 2
1 Solution
 
meverestCommented:
easiest way to do that is to just bridge the lan segments at each datacenter.  You can do this with eoip tunnel with MikroTik, or L2TP with most others.

Requests will still enter via the DC2 site, but those reply packets will be sent via the DC1 (so long as the interim networks don;t try to block it! ;-)
0
 
Andrej PirmanAuthor Commented:
Excellent!

Just some more info:
Do I need to setup some VPN tunnel between both sites first, and them create EoIP tunnel on top of this VPN?
...or can it be done without VPN tunnel as a base?

Regarding return packets:
wouldn't it be better to create some rule on remote site (DC1) to return packets coming from EoIP tunnel back to this tunnel when they are ponged back?

EDIT:
Hmmm...one more thing:
at DC1 I have Vyatta configured with NAT to local servers,
while at DC2 (with 254 IPs) I don't have NAT, but static routing instead.

any thoughts how this influence the EoIP config?
0
 
meverestCommented:
Hi,

you can usually do it with, or without any initial tunnel but for security you may want to initiate ipsec first.  You could use encrypted pptp as alternative, but watch out for MTU sizes (pptp will consume some overheads that may cause trouble with packet sizes)

you can route return packets back to DC2 is you want to - it just double handles bandwidth between the two sites - if that is not important to you, then that will work just fine!

It doesn't matter if you use NAT or routing at either end.  Once the local nets are bridged, then they act as if your switches are connected together by a cable.

Cheers!
0
 
Andrej PirmanAuthor Commented:
Thankyo! That was just what I wanted.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now