Mahmoud Al Jundi
asked on
URL Redirect
Hello
I have a couple of WAN connections and used by few users to access company services like : Mail,Web Applications...etc.
Both Lines have "A" Records with our ISP. if one line is down, is it possible to redirect the users to access services through the back up line ? or can you suggest best scenario ?
Best Regards
Mahmoud
I have a couple of WAN connections and used by few users to access company services like : Mail,Web Applications...etc.
Both Lines have "A" Records with our ISP. if one line is down, is it possible to redirect the users to access services through the back up line ? or can you suggest best scenario ?
Best Regards
Mahmoud
Mail allows for a backup (more than one MX record with different priorities), but other services do not.
Using two A records (one for each WAN link) leads to a round-robin usage, certainly not your intention.
In theory, you could send out a routing info update out when one WAN link fails. But usually that will not be available, unless your ISP would accept those announcements.
Using two A records (one for each WAN link) leads to a round-robin usage, certainly not your intention.
In theory, you could send out a routing info update out when one WAN link fails. But usually that will not be available, unless your ISP would accept those announcements.
Likely David's suggestion about HAProxy accomplishes what you're after... and... there are caveats...
1) HAProxy generally drop throughput by roughly 50%, because you have to go through HAProxy before connecting with your real service.
2) If your real service is on another machine, then your throughput will drop again, based on your networking infrastructure.
3) HAProxy can be challenging to get working.
4) If services require SSL wrapping, then HAProxy configs become even more complex.
5) If you're using HAProxy (especially with SSL), this isn't a setup once + forget situation. It's more like an old car, which will require you keeping an eye on it repeatedly... changing oil... checking logs to fix breakage of parts...
6) For actual services - SMTP + POP3S + IMAP4S + etc - you must redirect the port/protocol (TCP/UDP/etc) to another IP/port/protocol elsewhere.
For simplicity + stability + time/cost, best to setup services on actual host records... like mail.foo.com for smtp/pop/imap.
1) HAProxy generally drop throughput by roughly 50%, because you have to go through HAProxy before connecting with your real service.
2) If your real service is on another machine, then your throughput will drop again, based on your networking infrastructure.
3) HAProxy can be challenging to get working.
4) If services require SSL wrapping, then HAProxy configs become even more complex.
5) If you're using HAProxy (especially with SSL), this isn't a setup once + forget situation. It's more like an old car, which will require you keeping an eye on it repeatedly... changing oil... checking logs to fix breakage of parts...
6) For actual services - SMTP + POP3S + IMAP4S + etc - you must redirect the port/protocol (TCP/UDP/etc) to another IP/port/protocol elsewhere.
For simplicity + stability + time/cost, best to setup services on actual host records... like mail.foo.com for smtp/pop/imap.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
We do not have issues with Mx Records or mail delivery ,backup for mail is working fine.
Our majorConcern when a user wants to access our company services(Like Web Mail,Citrix,Applications) and Primary WAN line is down.
For example primary.company.com wanted redirected to secondary.company.com if primary.company.com is dead.
above URLs are company WAN IPs addresses to access data center services.
Thank You
Our majorConcern when a user wants to access our company services(Like Web Mail,Citrix,Applications) and Primary WAN line is down.
For example primary.company.com wanted redirected to secondary.company.com if primary.company.com is dead.
above URLs are company WAN IPs addresses to access data center services.
Thank You
You could use something like Azure Traffic Manager : https://azure.microsoft.com/en-us/services/traffic-manager/
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
(If you want to use the backup line only if the first one is not available, HAProxy can be configured to always tru the mail line first and then to use the 2nd one as backup)