North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: BGP Anywhere - Global Redundancy

  • From: Vandy Hamidi
  • Date: Thu Apr 14 18:59:00 2005

Bill,
Excellent suggestion to advertise a more specific block at the Primary
Datacenter and a less specific block at the Backup DC.

I can't get a /20, but I can justify a /23.
With that I can advertise, for example:
	192.168.0.0/24 at the PDC
	192.168.0.0/23 at the BDC

If the PDC advertisements fail due to a disaster/failure the less
specific /23 will route to the BDC.

Question for NANOG:
If I advertise a /24 and /23, are you aware of any ISPs that would drop
the /24 advertisement but keep the /23.  If that were to happen, I could
get some traffic sent to the BDC?  Or would it be ok as my direct peer
ISP wont (shouldn't) drop the /24?

	-=Vandy=-

-----Original Message-----
From: Bill Stewart [mailto:[email protected]] 
Sent: Wednesday, April 13, 2005 10:01 PM
To: Vandy Hamidi
Subject: Re: BGP Anywhere - Global Redundancy

Depending on what your address space needs are, you might also
consider advertising the PDC with a more specific address space and
the BDC with a less specific space, and make sure that the transit
providers you're using at both ends will accept routes for the more
specific space (e.g. /20?  /24?)  That rule is supposed to trump AS
Path Length rules and just about anything else, so if you're using
both to point traffic to the PDC, you're likely to win.  It also lets
you address specific destinations in the BDC-only space if you want to
reach them when the PDC is up.

And I'm puzzled that somebody said 15 minutes +/- 5.  Typical BGP
timers are set for ~30-60 seconds, so you should see recovery in
90-180 seconds, or faster if the failure can be detected by Layer 2 or
Layer 1 protocol handling at your upstream provider (e.g. backhoe
problems should be detectable almost immediately; router CPU flakeouts
will need to wait for timeout.)

On 4/6/05, Vandy Hamidi <[email protected]> wrote:
> 
> All,
> We're an ASP and are considering adding a secondary Backup Datacenter
> (BDC) in the US to protect our web presence.
> 
> My goal is to ensure automatic failover of my Primary DC's (IP)
traffic
> to the BDC in the event of a catastrophic failure of the PDC.
> 
> I'm considering geographic load balancing and BGP Anywhere as the two
> options.  I'm clear on how the Geo LB works, but have some doubts
about
> BGPAW as I've never implemented it before and documentation online is
> pretty weak to non-existent.
> 
> Below is how I believe it should be done.
> From PDC:
>         -Advertise CIDR block to all peers w/good metric (0 hop count)
> From BDC:
>         -Advertise same CIDR block to all peers w/poor metric (+20 hop
> count)
> 
> During normal operation, all ASes will route production traffic to
PDC.
> In the event of catastrophic failure at PDC; PDC advertisements will
> cease, BDC route will become the only one on the net and traffic will
> route to the BDC.
> 
> Questions:
> 1) Will this work?
> 2) Other suggestions or alternatives?
> 3) Any chance that traffic could flow to BDC for any reason?
> 4) Any internet etiquette I could be ignoring?
> 5) What would you estimate the failover time would be?
> 6) Assuming the routers at PDC and BDC pull down full routing table,
how
> will the receipt of the PDC CIDR advertisement be treated?  BGP rules
> say it will be dropped as a routing loop.  What alternatives would I
> have if I want to be able to route that CIDR block traffic from the
BDC
> to the PDC.  Confed?  Cisco conditional advertisements?
> 
> Thanks all.  This is the only place I can think of that would have the
> expertise to comment.
> 
>         -=Vandy=-
> 
> 


-- 
----
             Thanks;     Bill

Note that this isn't my regular email account - It's still experimental
so far.
And Google probably logs and indexes everything you send it.