Solved

web server access redundancy

Posted on 2014-01-09
6
312 Views
Last Modified: 2014-03-24
I have two internet sources. One our primary and the second is our fail over.
We have a web server behind our firewall that is linked to a public static IP from the primary internet provider- we are forwarding port 80 to web server. My question is if the primary internet goes down which we will then use our failover internet how will people from the outside be able to access our web server if the public DNS is pointing to the primary internet provider static public IP. Our second internet connection is also behind a firewall..
0
Comment
Question by:paul_techy
6 Comments
 
LVL 82

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 50 total points
ID: 39769039
That is a difficult problem.  You would have to change the public DNS.  But since it is not an instantaneous change and it takes time to 'propogate' thru the DNS system, often the original IP address is back up and working by the time the change goes thru.  

I have a customer who had the same site on two different web hosts and that's what happened to him.  When the first went down, it was always back up and running by the time any DNS changes were seen by clients.
0
 
LVL 10

Assisted Solution

by:Banthor
Banthor earned 150 total points
ID: 39769105
Ah, Name Servers. The trick is that IP addresses belong to machines, humans should never use them. Separate your public presence NAME from your service name.
So www.mysite.com points to
  sitea.mysite.com AND siteb.mysite.com

Traffic on the internet is focused by response times so that if sitea.mysite.com is not responding and siteb.mysite.com is. traffic is directed there.

There are some caching network tendencies that make this intermittent for small sites and sites with a lot of traffic.  

There are services for large companies like Akamai and Amazons Route 53 for traffic management. I am going to check on GoDaddy Vanity name servers in a moment to see if that will also do the trick.

By Layering your DNS you should be able to switch from site to site micro downtimes.
Leverage AppFabric and BizTalk solutions for session management and you can achieve 100% uptime.  

How big is your Org?
0
 
LVL 10

Expert Comment

by:Banthor
ID: 39769131
Godday Vanity service is a joke, no value
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 150 total points
ID: 39769140
Banthor:

"So www.mysite.com points to
  sitea.mysite.com AND siteb.mysite.com "

Looks like you are suggesting to depend on round robin DNS.  Doing this is no different that pointing to www.mysite.com to two different IP addresses.

"Traffic on the internet is focused by response times so that if sitea.mysite.com is not responding and siteb.mysite.com is. traffic is directed there. "

Really?  How?  What on the "Internet" is monitoring response time.  The only thing I know if is if you are using something GTM from BigIP that does global load balancing.


paul_techy:

If you have a full /24 from your ISP, you could apply for a ASN and do BGP with your ISP's (assuming they both allow this).  This will cause your IP subnet to routed across either of your ISP links.  If your primary link goes down, all traffic to/from your the IP addresses from that ISP will just be routed through your secondary ISP's network to you.

However, if you don't  have a full /24 could setup www.mysite.com to point to two IP addresses, one from each ISP.  

Most browsers today will see both IP addresses and will try one, if there is no response it will then try the other one.    Now, DNS will alternat which IP address is lists first, so if the IP address that is down is listed first, the user will see a long delay (about 30 seconds) before the browser tries the 2nd IP address.
0
 
LVL 27

Accepted Solution

by:
Steve earned 150 total points
ID: 39771235
Hi paul_techy,

There are several ways to provide failover in your circumstances but they can be costly.

In a nutshell, all you need to do is make sure the IP listed for your public www DNS record is amended in the event of a failure.

@Dave Baldwin is right that this can take time if done manually, but this option is free and easy. Within 2-12 hours, the majority of the internet would be accessing your backup line.

Alternatively, round robin DNS (as discussed above) is worth considering.
This simply means that BOTH IPs are listed for www using 2 separate DNS records. internet traffic will be randomly directed to one of the two IPs. In the event of a line failure, around half of the connection attempts will continue to work and around half will fail.

Also, you can purchase DNS hosting that includes failover facilities, where the DNS provider checks IPs vailidity and updates their records automatically if one drops. There is  still a small delay in this spreading around the internet but it's much quicker.
Unfortunately it can also be a bit expensive.
0
 

Author Closing Comment

by:paul_techy
ID: 39952119
thanks for all your helpful advice
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now