Re: Multihoming an end user
Problem is, getting address space from ARIN doesn't tell the rest of
the world how to route traffic to you. You would be able to work out
how your two ISPs can route to you, but how would you tell everyone
else to route that traffic to them in the first place? Looking at it
the other way, what is it about a "direct from ARIN" block that makes
a network "multihomeable"?

Ok, so getting an ASN is key. I guess the real question remains then,
would a DSL provider route BGP4 over a DSL link or do we need to upgrade
our service to T1 levels first?

For your situation, I'd consider something like having the Linux
router run NAT for inside addresses while a process monitors your
primary Internet link. If the link goes down, have the router
automatically switch to using IPs from the secondary link for the
public side of the NAT.

This wouldn't help with your Watchguard, though. If your primary link
went down, clients would have to change how they connected. One
possibility would be if you controlled your own DNS (and if the
clients connected by name instead of IP), you could have the same
script that monitors your Internet connection take care of changing
the DNS entry to point to a secondary IP on the Watchguard (from the
secondary ISP's IP block).

Still some issues remain, like changing the default route on the
Watchguard.
--Rich

It's the Watchguard VPN that does make the NAT/script idea fall apart if
we want full redundancy. We have a few employees that work offsite but
more importantly we have several employees who work in our building
employed by our parent company using the VPN to their offices. Internet
could route fine with the new route, email would continue with a
secondary MX on the other IP, but the VPN needs to be set to a static IP.
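
The monitor-and-switch script discussed in this thread, sketched as an added example that is not part of the original messages: it makes the failover decision only after several consecutive probe results, so a flapping link does not keep rewriting the NAT address and the DNS record, and it prints the changes instead of applying them. The addresses, interface names, hostname, TTL and thresholds are constructed assumptions, and the static-IP VPN and Watchguard default-route issues raised above are outside what it covers.

```shell
#!/bin/sh
# Added example (dry run): failover decision with hysteresis.
# All values below are constructed (RFC 5737 addresses, example.com).
PRIMARY_IP=192.0.2.10       # NAT source address from the primary ISP
SECONDARY_IP=198.51.100.10  # NAT source address from the secondary ISP
PRIMARY_DEV=eth1            # assumed interface facing the primary ISP
SECONDARY_DEV=eth2          # assumed interface facing the secondary ISP
VPN_NAME=vpn.example.com    # name that clients resolve to reach the VPN
FAIL_LIMIT=3                # consecutive failed probes before failing over
OK_LIMIT=5                  # consecutive good probes before failing back

# next_state CURRENT FAILS OKS -> prints "primary" or "secondary"
next_state() (
  if [ "$1" = primary ] && [ "$2" -ge "$FAIL_LIMIT" ]; then
    echo secondary
  elif [ "$1" = secondary ] && [ "$3" -ge "$OK_LIMIT" ]; then
    echo primary
  else
    echo "$1"
  fi
)

# run_probes START RESULT... -> replays probe results (1 = reply, 0 = loss)
# and prints the final state. In production each result would come from
# probing a host that is only reachable through the primary link.
run_probes() (
  state=$1; shift; fails=0; oks=0
  for r in "$@"; do
    if [ "$r" = 1 ]; then oks=$((oks + 1)); fails=0
    else fails=$((fails + 1)); oks=0; fi
    new=$(next_state "$state" "$fails" "$oks")
    # Reset both counters on a transition so the way back is earned afresh.
    if [ "$new" != "$state" ]; then state=$new; fails=0; oks=0; fi
  done
  echo "$state"
)

# plan_commands STATE -> prints what would be changed for that state:
# the SNAT rule on the Linux router and the DNS record (nsupdate input).
plan_commands() (
  ip=$PRIMARY_IP; dev=$PRIMARY_DEV
  if [ "$1" = secondary ]; then ip=$SECONDARY_IP; dev=$SECONDARY_DEV; fi
  printf '%s\n' "iptables -t nat -R POSTROUTING 1 -o $dev -j SNAT --to-source $ip"
  printf '%s\n' "nsupdate: update delete $VPN_NAME A"
  printf '%s\n' "nsupdate: update add $VPN_NAME 60 A $ip"
)
```

The short TTL on the record bounds how long clients keep connecting to the dead address, and dynamic updates of this kind should be accepted by the DNS server only when signed with a key.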