Any business that depends on Internet-based applications needs more reliability than a single Internet service provider (ISP) can provide. All ISPs are subject to congestion and other performance problems, and most suffer service outages (even 99.5 percent reliability means 43 hours of downtime per year). To ensure that these problems don't cause operational disruptions and financial losses, businesses are using a technique called multi-homing to connect with multiple ISPs. Bandwidth aggregation and Internet load balancing techniques allow businesses to utilize the total bandwidth available from these ISPs, while Quality of Service (QoS) rules can be used to allocate bandwidth availability to specific applications. An essential component of multi homing is ISP failover, or the ability to automatically redirect both outgoing and incoming Internet traffic from failed ISP links to functioning connections.
ISP failover can be achieved in two ways. An antiquated solution is an ISP-level technique based on the Border Gateway Protocol (BGP). This approach requires a high degree of cooperation among multiple ISPs along with the installation and maintenance of expensive and specialized routers at both ends of a link. Another drawback of BGP is the time it requires to reroute Internet traffic, which can result in costly time lost to Internet delays.
The second approach to ISP failover is a far more economical and reliable business-based solution. This approach uses specialized appliances that sit between ordinary routers on a business LAN and the WAN port of the firewall. Each appliance has two or more ports (up to 15 depending on the appliance) to connect to multiple ISPs, and requires no special configuration in the ISPs' routers. When a session is generated from the LAN, the device computes which ISP link has the most available bandwidth and routes the session accordingly. If a link becomes congested, the device automatically reduces traffic going to that link and redirects traffic to links with more available bandwidth. If a link fails, the device automatically stops traffic to the link and redirects it to functioning links.
Inbound WAN failover is achieved by designating the device as the primary and secondary authoritative DNS name server for all the domains being hosted. If an ISP link fails, the device stops advertising that link's IP address to Internet DNS caching servers, which in turn drop that address from their records and redirect traffic to active links. By setting the host name record "Time to Live" to a few seconds, the failed link is quickly removed and reinstated automatically when link connectivity is restored.
The same technique can be used to provide site failover for business continuity and disaster recovery when the appliance is installed at a backup site. In this approach, the appliance at the backup site continually tests DNS resolution to the appliance at the primary site. If the appliance at the primary site does not respond, the appliance at the backup site immediately initiates the inbound ISP failover procedure described above. Inbound user traffic is then immediately redirected to the backup site, and Internet-based business operations continue as normal.
Ecessa™ and ISP Failover
For companies requiring multi homing ISP failover and disaster recovery site redundancy, the Ecessa PowerLink™ Series is the simple, integrated, low-cost alternative to BGP routing and global server load balancers.
Learn more...
|
