• Status: Solved

web server access redundancy

I have two internet sources. One is our primary and the second is our failover.
We have a web server behind our firewall that is linked to a public static IP from the primary internet provider; we are forwarding port 80 to the web server. My question is: if the primary internet goes down and we then use our failover internet, how will people from the outside be able to access our web server if the public DNS is pointing to the primary internet provider's static public IP? Our second internet connection is also behind a firewall.
0
Asked by: paul_techy
4 Solutions
 
Dave Baldwin (Fixer of Problems) Commented:
That is a difficult problem.  You would have to change the public DNS.  But since it is not an instantaneous change and it takes time to 'propagate' thru the DNS system, often the original IP address is back up and working by the time the change goes thru.  

I have a customer who had the same site on two different web hosts and that's what happened to him.  When the first went down, it was always back up and running by the time any DNS changes were seen by clients.
0
 
Banthor Commented:
Ah, Name Servers. The trick is that IP addresses belong to machines; humans should never use them. Separate your public presence NAME from your service name.
So www.mysite.com points to
  sitea.mysite.com AND siteb.mysite.com

Traffic on the internet is focused by response times so that if sitea.mysite.com is not responding and siteb.mysite.com is, traffic is directed there.

There are some caching network tendencies that make this intermittent for small sites and sites with a lot of traffic.  

There are services for large companies like Akamai and Amazon's Route 53 for traffic management. I am going to check on GoDaddy Vanity name servers in a moment to see if that will also do the trick.

By layering your DNS you should be able to switch from site to site with micro downtimes.
Leverage AppFabric and BizTalk solutions for session management and you can achieve 100% uptime.  

How big is your Org?
0
 
Banthor Commented:
GoDaddy Vanity service is a joke, no value
0

 
giltjr Commented:
Banthor:

"So www.mysite.com points to
  sitea.mysite.com AND siteb.mysite.com "

Looks like you are suggesting to depend on round robin DNS.  Doing this is no different than pointing www.mysite.com to two different IP addresses.

"Traffic on the internet is focused by response times so that if sitea.mysite.com is not responding and siteb.mysite.com is, traffic is directed there. "

Really?  How?  What on the "Internet" is monitoring response time?  The only thing I know of is if you are using something like GTM from BigIP that does global load balancing.


paul_techy:

If you have a full /24 from your ISP, you could apply for an ASN and do BGP with your ISPs (assuming they both allow this).  This will cause your IP subnet to be routed across either of your ISP links.  If your primary link goes down, all traffic to/from the IP addresses from that ISP will just be routed through your secondary ISP's network to you.

However, if you don't have a full /24, you could set up www.mysite.com to point to two IP addresses, one from each ISP.  

Most browsers today will see both IP addresses and will try one; if there is no response, they will then try the other one.    Now, DNS will alternate which IP address it lists first, so if the IP address that is down is listed first, the user will see a long delay (about 30 seconds) before the browser tries the 2nd IP address.
0
 
Steve Commented:
Hi paul_techy,

There are several ways to provide failover in your circumstances but they can be costly.

In a nutshell, all you need to do is make sure the IP listed for your public www DNS record is amended in the event of a failure.

@Dave Baldwin is right that this can take time if done manually, but this option is free and easy. Within 2-12 hours, the majority of the internet would be accessing your backup line.

Alternatively, round robin DNS (as discussed above) is worth considering.
This simply means that BOTH IPs are listed for www using 2 separate DNS records. Internet traffic will be randomly directed to one of the two IPs. In the event of a line failure, around half of the connection attempts will continue to work and around half will fail.

Also, you can purchase DNS hosting that includes failover facilities, where the DNS provider checks the IPs' validity and updates their records automatically if one drops. There is still a small delay in this spreading around the internet but it's much quicker.
Unfortunately it can also be a bit expensive.
0
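A sketch of the decision logic behind the "DNS hosting with failover" option described in the answer above, added here as an example and not taken from the thread or from any DNS provider. The addresses are RFC 5737 documentation IPs, the thresholds and class name are assumptions, and pushing the chosen address to the DNS zone is left to whatever update mechanism the provider offers.

```python
import socket

PRIMARY = "192.0.2.10"     # constructed: static IP on the primary ISP
BACKUP = "198.51.100.10"   # constructed: static IP on the failover ISP

def tcp_probe(ip, port=80, timeout=3.0):
    """Health check: can a TCP handshake to the forwarded port complete?"""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False

class FailoverPlanner:
    """Decides which IP the www A record should carry (hypothetical helper)."""

    def __init__(self, primary, backup, probe=tcp_probe,
                 fail_after=3, recover_after=2):
        self.order = [primary, backup]            # preference order
        self.probe = probe
        self.fail_after = fail_after              # failed checks before "down"
        self.recover_after = recover_after        # good checks before "up"
        self.healthy = {ip: True for ip in self.order}
        self.streak = {ip: 0 for ip in self.order}
        self.published = primary

    def tick(self):
        """Run one round of checks and return the IP to publish."""
        for ip in self.order:
            ok = self.probe(ip)
            if ok == self.healthy[ip]:
                self.streak[ip] = 0               # result matches current state
                continue
            self.streak[ip] += 1                  # result contradicts state
            need = self.recover_after if ok else self.fail_after
            if self.streak[ip] >= need:           # enough evidence: flip state
                self.healthy[ip] = ok
                self.streak[ip] = 0
        for ip in self.order:
            if self.healthy[ip]:
                self.published = ip
                break
        # If neither link is healthy, keep the last answer instead of
        # publishing nothing.
        return self.published

def simulate(rounds, **kwargs):
    """rounds: list of (primary_up, backup_up) tuples, one per check round."""
    state = {}
    planner = FailoverPlanner(PRIMARY, BACKUP, probe=lambda ip: state[ip], **kwargs)
    published = []
    for state[PRIMARY], state[BACKUP] in rounds:
        published.append(planner.tick())
    return published
```

The consecutive-check thresholds keep a single dropped probe from flipping the record, and the record's TTL still bounds how quickly clients notice a change.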
 
paul_techy (Author) Commented:
Thanks for all your helpful advice.
0
Question has a verified solution.
