High Availability for the Internet Edge – WAN Availability and QoS
3 min readWhen you have decided to have two Internet routers, each with a link to two different Internet service providers, you need to think about the logical design for the routers, including failover options. Logical Internet high availability design considerations include the following:
- Use a public BGP AS number for eBGP connections to the ISPs.
- Use provider-independent IP address space to allow for advertisement to both ISPs.
- Receive full or partial Internet routing tables to optimize forwarding outbound.
- Use HSRP/GLBP or an IGP such as EIGRP or OSPF internally.
Backup Connectivity
Redundancy is a critical component of WAN design for the remote site because of the unreliable nature of WAN links compared to the LANs that they connect. Many enterprise edge solutions require high availability between the primary and remote sites. Because many remote site WAN links have lower reliability and lack bandwidth, they are good candidates for most WAN backup designs.
Remote site offices should have some type of backup strategy to deal with primary link failures. Backup links can either be permanent WAN or Internet-based connections.
WAN backup options are as follows:
- Secondary WAN link: Adding a secondary WAN link makes the network more fault tolerant. This solution offers two key advantages:
- Backup link: The backup link provides for network connectivity if the primary link fails. Dynamic or static routing techniques can be used to provide routing consistency during backup events. Application availability can also be increased because of the additional backup link.
- Additional bandwidth: Load sharing allows both links to be used at the same time, increasing the available bandwidth. Load balancing can be achieved over the parallel links using automatic routing protocol techniques.
- IPsec tunnel across the Internet: An IPsec VPN backup link can redirect traffic to the corporate headquarters when a network failure has been detected on the primary WAN link.
- SDWAN with MPLS and Internet tunnel: With SDWAN using two transports, an Internet link can carry traffic to the corporate headquarters by load balancing with the MPLS link or during a failover event when a network failure has occurred.
Failover
An option for network connectivity failover is to use the Internet as the failover transport between sites. However, keep in mind that this type of connection does not support bandwidth guarantees. The enterprise also needs to set up the tunnels and advertise the company’s networks internally so that remote offices have reachable IP destinations. IP SLA monitoring can be leveraged along with a floating static route to provide failover.
Security is of great importance when you rely on the Internet for network connectivity, so a secure tunnel using IPsec needs to be deployed to protect the data during transport.
Figure 9-6 illustrates connectivity between the headend or central site and a remote site using traditional MPLS Layer 3 VPN IP connections for the primary WAN link. The IPsec tunnel is a failover tunnel that provides redundancy for the site if the primary WAN link fails.
Figure 9-6 WAN Failover Using an IPsec Tunnel
IPsec tunnels are configured between the source and destination routers using tunnel interfaces. Packets that are destined for the tunnel have the standard formatted IP header. IP packets that are forwarded across the tunnel also need an additional GRE/IPsec header placed on them. As soon as the packets have the required headers, they are placed in the tunnel with the tunnel endpoint as the destination address. After the packets cross the tunnel and arrive on the far end, the GRE/IPsec headers are removed. The packets are then forwarded normally, using the original IP packet headers. An important design consideration to keep in mind is that you might need to modify the MTU sizes between the source and destination of the tunnel endpoints to account for the larger header sizes of the additional GRE/IPsec headers.