RE: BGP Anywhere - Global Redundancy
I definitely want 100% of traffic going towards the Primary Site during normal operation.

LocalPref/MED can be controlled by community strings with my direct peers. As you said, I'm paying them for the service, but how will the advertisement behave after it propagates to their upstream peers? At that point AS Path should be the only determining factor, yes?

Are ISP to ISP transit routes manipulated at MED or LocalPref levels? I suppose some ISPs may mark some peer with a preferential MED.

I was turned on to BGP anywhere when reading up on UltraDNS. Looks like they use it for Global load balancing in which a DNS server on the East Coast will respond to DNS queries to my East Coast DC and the same for the west coast. They guarantee 100% DNS response, so I imagine it works for them.

Has anyone on the list performed BGP Anywhere? There has to be someone on Nanog that has done this. Anyone from UltraDNS?

-=Vandy=-

-----Original Message-----
From: Steve Gibbard [mailto:scg@gibbard.org]
Sent: Wednesday, April 06, 2005 5:48 PM
To: Vandy Hamidi
Cc: nanog@merit.edu
Subject: Re: BGP Anywhere - Global Redundancy

On Wed, 6 Apr 2005, Vandy Hamidi wrote:
All,

We're an ASP and are considering adding a secondary Backup Datacenter (BDC) in the US to protect our web presence.
My goal is to ensure automatic failover of my Primary DC's (IP) traffic to the BDC in the event of a catastrophic failure of the PDC.
I'm considering geographic load balancing and BGP Anywhere as the two options. I'm clear on how the Geo LB works, but have some doubts about BGPAW as I've never implemented it before and documentation online is pretty weak to non-existent.
Below is how I believe it should be done.
From PDC:
-Advertise CIDR block to all peers w/good metric (0 hop count)

From BDC:
-Advertise same CIDR block to all peers w/poor metric (+20 hop count)
To clarify, you want no traffic coming into the backup site when the primary site is up, right?

Assuming a random set of peers and upstreams, this won't actually do what I think you're trying to do. Since local-preference overrides MEDs and AS path lengths, and since you don't have control over what goes on in other networks, you'll likely get some traffic coming into your backup site even when you don't intend it to.

You could *maybe* get around this by having the same transit provider (probably just one in this case, which is scary for other reasons) in both locations. If you're paying somebody money, you have a much better chance of getting them to follow your desired routing policy. Still, it's really not good to be making a routing announcement somewhere where you don't want to receive traffic.

You'd probably be better off looking into Cisco's "conditional routing" feature (I assume other vendors do something similar). This allows you to set a router to make an announcement only if it stops receiving some route, so you could have your backup site look for the primary site to go away and then start sourcing the route. Failover time would probably be at most a minute or two, maybe better.

You could also look into various DNS-based ways of doing this.

-Steve
On Wed, 6 Apr 2005, Vandy Hamidi wrote:
I definitely want 100% of traffic going towards the Primary Site during normal operation.
LocalPref/MED can be controlled by community strings with my direct peers. As you said, I'm paying them for the service, but how will the advertisement behave after it propagates to their upstream peers? At that point AS Path should be the only determining factor, yes?
Nope. You're at the mercy of whatever traffic engineering or local-preffing other networks decide to do, and you won't have any control over it.
Are ISP to ISP transit routes manipulated at MED or LocalPref levels? I suppose some ISPs may mark some peer with a preferential MED.
Yes.
I was turned on to BGP anywhere when reading up on UltraDNS. Looks like they use it for Global load balancing in which a DNS server on the East Coast will respond to DNS queries to my East Coast DC and the same for the west coast. They guarantee 100% DNS response, so I imagine it works for them.
Has anyone on the list performed BGP Anywhere? There has to be someone on Nanog that has done this.
This is more often known as Anycast. I run the network infrastructure for the PCH Anycast DNS network. It works well for trying to get traffic to come into multiple places. When we have a site go down, we withdraw the routing announcements from that location.

Trying to get traffic to go to only one place while sourcing BGP announcements from multiple places won't work very well.

-Steve
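Added example, not part of the original thread: a simplified model of BGP best-path selection showing why a de-preferenced announcement from the backup site still attracts traffic when a remote network assigns a higher local-preference to the path toward the backup, and how conditional advertisement avoids it. The ASNs, remote networks and local-pref values are constructed assumptions, and the "+20 hop count" is modelled here as 20 AS-path prepends.

```python
from dataclasses import dataclass

ORIGIN_AS = 64500  # constructed private ASN standing in for the ASP
# Assumed (common, not universal) policy: prefer customer over peer over transit.
LOCAL_PREF = {"customer": 200, "peer": 150, "transit": 100}

@dataclass(frozen=True)
class Route:
    site: str         # "PDC" or "BDC": where this copy of the prefix originated
    as_path: tuple    # ASNs as seen by the receiving network
    local_pref: int   # assigned by the receiver, outside the origin's control

def best_path(routes):
    """Simplified BGP decision: highest local-pref first, then shortest AS path."""
    return min(routes, key=lambda r: (-r.local_pref, len(r.as_path)))

# Constructed remote networks: how each one hears the prefix from each site, as
# (relationship to the neighbor it learned the route from, ASNs in between).
NETWORKS = {
    "net-A": {"PDC": ("transit", (64510,)), "BDC": ("transit", (64511,))},
    "net-B": {"PDC": ("transit", (64510,)), "BDC": ("customer", (64520,))},
    "net-C": {"PDC": ("peer", (64510,)), "BDC": ("transit", (64511, 64512))},
}

def announcing_sites(primary_up, conditional):
    """With conditional advertisement the backup stays silent until the
    primary's route disappears; otherwise both sites always announce."""
    if not primary_up:
        return {"BDC"}
    return {"PDC"} if conditional else {"PDC", "BDC"}

def ingress_sites(backup_prepends, primary_up=True, conditional=False):
    """Return {network: site that network's traffic enters}."""
    live = announcing_sites(primary_up, conditional)
    result = {}
    for name, views in NETWORKS.items():
        routes = []
        for site, (relationship, via) in views.items():
            if site not in live:
                continue
            prepends = backup_prepends if site == "BDC" else 0
            path = via + (ORIGIN_AS,) * (1 + prepends)
            routes.append(Route(site, path, LOCAL_PREF[relationship]))
        result[name] = best_path(routes).site
    return result

if __name__ == "__main__":
    print("prepend x20, both announcing:", ingress_sites(20))
    print("conditional, primary up:     ", ingress_sites(20, conditional=True))
    print("conditional, primary down:   ", ingress_sites(20, primary_up=False, conditional=True))
```

net-B hears the backup's route from a customer, so its local-pref outranks any amount of prepending and its traffic lands at the BDC while the PDC is healthy.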