North American Network Operators Group


Re: Emergency backup for a small net

  • From: Curtis Villamizar
  • Date: Tue May 20 12:45:39 1997

In message <[email protected]>, Bradley Dunn writes:
> Hi,
> 
> We have a small ISP customer that wants to run a circuit to another local
> ISP and the ISPs would use that pipe only in the case of primary link
> failure. The two ISPs would split the cost, etc.
> 
> The obvious solution would be for both ISPs to set up BGP peering with
> their upstreams and not announce anything in normal operation. The
> upstreams would continue to statically route the smaller ISPs' blocks and
> the smaller ISPs would default to their upstreams. The smaller ISPs would
> also put in a default pointing at each other with a higher cost. Then in
> the case of primary link failure the ISP who still has a path to the net
> would begin announcing the other ISP's block(s) to their upstream. The
> upstream would in turn see this as a valid announcement and propagate it
> to the world. Therefore specificity should draw all the traffic to the
> correct place.
> 
> The problem is both ISPs are small and have /24s from their providers. The
> /24s would be filtered by many, leading to only partial connectivity in
> the case of failure. (Partial connectivity is better than no connectivity,
> I guess...)

One solution is to get a /24 in a larger provider's aggregate.  The
two ISPs can agree to exchange the /24 but send it no further (if they
peer with each other) and send the traffic across the preferred
customer path.  If they share a common upstream, then they can
probably get the upstream provider to carry the more specific route.

> Another possible solution I thought of is to use NAT. The small ISPs would
> use RFC1918 internally and use a block from their provider to translate
> into. When the primary link fails they switch over to using a block from
> the other ISP's provider. They would also have to use very low TTLs for
> their DNS zones and be prepared to switch the DNS zones to point to the
> other block. Does the NIC consider this efficient utilization
> to have a block lying around that only gets used when a link fails?

I don't speak for the InterNIC, but I don't see why this wouldn't be
considered legitimate since it is being done to provide better
connectivity to the end user without loading the global routing tables.

Failover using DNS would be neither fast nor smooth.  You'd need to
failover using the GRE tunnel thing on the provider side of the links.

Curtis
- - - - - - - - - - - - - - - - -
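
An added illustration, not part of the original message: a small Python model of the failure case in the quoted text, showing why remote networks that filter /24s lose the customer when the primary link fails while networks that accept the /24 follow the more specific route. The prefixes, next-hop names and filter lengths are constructed for the example.

```python
import ipaddress

# Constructed sample values (not taken from the thread).
AGGREGATE = ipaddress.ip_network("198.51.100.0/22")  # upstream A's aggregate
CUSTOMER = ipaddress.ip_network("198.51.100.0/24")   # small ISP's block inside it
CUSTOMER_HOST = "198.51.100.10"


def accepted(announcements, max_len):
    """Apply a prefix-length filter: drop routes longer than max_len."""
    return [(net, nh) for net, nh in announcements if net.prefixlen <= max_len]


def next_hop(table, dst):
    """Longest-prefix match over (network, next_hop) pairs."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, nh) for net, nh in table if addr in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def reachable(max_len, primary_up):
    """Can a remote network with this filter still reach the customer?"""
    # Upstream A always announces its aggregate and statically routes the /24.
    announcements = [(AGGREGATE, "upstream-A")]
    if not primary_up:
        # The backup ISP starts announcing the /24 to its own upstream B.
        announcements.append((CUSTOMER, "upstream-B"))
    hop = next_hop(accepted(announcements, max_len), CUSTOMER_HOST)
    if hop == "upstream-A":
        # Traffic follows the aggregate; delivery needs the primary link.
        return primary_up
    return hop == "upstream-B"


if __name__ == "__main__":
    for max_len in (24, 22):
        for primary_up in (True, False):
            print(f"filter <= /{max_len}, primary_up={primary_up}: "
                  f"reachable={reachable(max_len, primary_up)}")
```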