nanog mailing list archives
Re: ISP inbound failover without BGP
From: William Herrin <bill () herrin us>
Date: Mon, 3 Mar 2014 23:19:36 -0500
On Mon, Mar 3, 2014 at 8:11 PM, Eric A Louie <elouie () yahoo com> wrote:
One thought I had was having them use Dynamic DNS service. Are there any other solutions, short of using BGP multihoming and having them try to get their own ASN and IPv4 /24 block?
Hi Eric, I went through this a couple years ago with continuity of operations planning. The bottom line is: with the notable exception of low-activity electronic mail, switching the address record in the DNS entry will generally not work as expected. For folks serious about reliable access to their servers, BGP isn't just the best way, it's the only way. Reasons why dynamic DNS fails to perform as expected include: * Web browser DNS pinning can result in a customer's web browser holding the old IP address indefinitely. * Host-level caching of looked up names which discards the TTL. Remember: your desktop or laptop performs lookups against multiple name services, e.g. DNS, /etc/hosts, lmhosts, NIS+. DNS TTL is no longer in scope once the name to address map enters the generic host lookup mechanism. Most OSes have a fixed timeout of one sort or another, some old ones as long as 24 hours. * Custom applications with either IP addresses hardcoded into the configuration or with getaddrinfo() called only once and the resulting IP address held for the lifetime of the application. * Anti-spam systems block IP addresses when receiving large quantities of email from formerly-quiescent IP addresses. This is a problem if your mail server sends a lot of email and suddenly switches to a new sending IP address. Regards, Bill Herrin -- William D. Herrin ................ herrin () dirtside com bill () herrin us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
Current thread:
- Re: ISP inbound failover without BGP, (continued)
- Re: ISP inbound failover without BGP Eric A Louie (Mar 03)
- Re: ISP inbound failover without BGP Joe Greco (Mar 03)
- Re: ISP inbound failover without BGP Randy Carpenter (Mar 03)
- Re: ISP inbound failover without BGP Arturo Servin (Mar 03)
- Re: ISP inbound failover without BGP Eric A Louie (Mar 03)
- Re: ISP inbound failover without BGP Faisal Imtiaz (Mar 03)
- Re: ISP inbound failover without BGP Justin M. Streiner (Mar 03)
- Re: ISP inbound failover without BGP Jon Lewis (Mar 03)
- Re: ISP inbound failover without BGP Seth Mattinen (Mar 03)
- Re: ISP inbound failover without BGP Vlade Ristevski (Mar 04)
- Re: ISP inbound failover without BGP William Herrin (Mar 03)
- Re: ISP inbound failover without BGP Sebastian Spies (Mar 04)
- Re: ISP inbound failover without BGP Justin M. Streiner (Mar 03)
- Re: ISP inbound failover without BGP Hank Nussbacher (Mar 03)