Anycast. Implementing a High-Availability Web-Based Service with Anycast: A Success Story. Merit Networking 2013 December 12, 2013




Transcription:

Anycast
Implementing a High-Availability Web-Based Service with Anycast: A Success Story
Merit Networking 2013, December 12, 2013
Pete Hoffswell, Davenport University

Abstract
"Implementing a High-Availability Web-Based Service with Anycast: A Success Story"
Pete Hoffswell, Network Manager, Davenport University
Abstract: Davenport University has successfully developed and implemented a high-availability single sign-on system using Anycast and a cloud-based data center. We will revisit Adi Aditya's presentation on the subject of high availability HTTPS from last year's summit and discuss the details of a successful high-availability deployment. You will come away with a roadmap for deploying Anycast to allow for system redundancy and/or load-balancing.

The Challenge
University Central Authentication Service (CAS)
  1 CAS server
  Several Apps: Blackboard, Google, Others
Referenced talk: "HTTP/S Applications and Load-Balancing for Networking Folks - And Network Load-Balancing for HTTP/S Application Admins", R.P. (Adi) Aditya, University of Michigan

Anycast IP Overview
User: How do I get to 10.98.2.11?
Router: Check Routing Table. Choose Best.
Data Center 1: Server A1, 10.1.1.10, a10.98.2.11
Data Center 2: Server A2, 10.2.1.50, a10.98.2.11
ping 10.1.1.50
ping 10.2.1.10
ping 10.98.2.11?

Anycast Example
Diagram: 12-Warren, 9-CORE (a10.202.1.1), 39-LAN (a10.202.1.1)
ping 10.202.1.1

Anycast Example - Site 9
9-CORE#show run int lo202
interface Loopback202
 ip address 10.202.1.1 255.255.255.255
9-CORE#show ip route 10.202.1.1
Routing entry for 10.202.1.1/32
  Known via "connected", distance 0, metric 0 (connected, via interface)
  Redistributing via eigrp 1
  Routing Descriptor Blocks:
  * directly connected, via Loopback202
      Route metric is 0, traffic share count is 1

Anycast Example - Site 39
39-LAN#show run int lo202
interface Loopback202
 ip address 10.202.1.1 255.255.255.255
39-CORE#show ip route 10.202.1.1
Routing entry for 10.202.1.1/32
  Known via "connected", distance 0, metric 0 (connected, via interface)
  Redistributing via eigrp 1
  Routing Descriptor Blocks:
  * directly connected, via Loopback202
      Route metric is 0, traffic share count is 1

Anycast Example - Site 12 view
12-Warren#show ip route 10.202.1.1
Routing entry for 10.202.1.1/32
  Known via "eigrp 1", distance 90, metric 258560, type internal
  Redistributing via eigrp 1
  Last update from 10.201.2.9 on Vlan22, 00:08:25 ago
  Routing Descriptor Blocks:
  * 10.201.2.9, from 10.201.2.9, 00:08:25 ago, via Vlan22
      Route metric is 258560, traffic share count is 1
      Total delay is 5100 microseconds, minimum bandwidth is 20000 Kbit
      Reliability 255/255, minimum MTU 1500 bytes
      Loading 1/255, Hops 1

Anycast Example - Site 12 view
Router 9
9-CORE(config)#int lo 202
9-CORE(config-if)#shut
Router 12
12-Warren#show ip route 10.202.1.1
Routing entry for 10.202.1.1/32
  Known via "eigrp 1", distance 90, metric 259072, type internal
  Redistributing via eigrp 1
  Last update from 10.201.2.1 on Vlan22, 00:00:02 ago
  Routing Descriptor Blocks:
  * 10.201.2.1, from 10.201.2.1, 00:00:02 ago, via Vlan22
      Route metric is 259072, traffic share count is 1
      Total delay is 5120 microseconds, minimum bandwidth is 20000 Kbit
      Reliability 255/255, minimum MTU 1500 bytes
      Loading 1/255, Hops 3
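The two metrics in the Site 12 output can be recomputed from the delay and bandwidth figures printed beside them. The following is an added example, not part of the original slides; it uses the classic EIGRP composite metric with default K values, and the origin labels attached to each next hop are an assumption based on which routers hold 10.202.1.1 on a loopback.

```python
# Added example: recompute the EIGRP metrics shown on 12-Warren and pick a path.

def eigrp_metric(min_bw_kbit, total_delay_usec):
    """Classic EIGRP composite metric with default K values (K1=K3=1, others 0)."""
    bandwidth_term = 10_000_000 // min_bw_kbit  # inverse of slowest link, scaled
    delay_term = total_delay_usec // 10         # delay in tens of microseconds
    return 256 * (bandwidth_term + delay_term)

# Figures copied from the two 'show ip route 10.202.1.1' outputs on 12-Warren.
# The 'origin' labels are an assumption based on which loopbacks hold 10.202.1.1.
PATHS = [
    {"origin": "9-CORE", "next_hop": "10.201.2.9", "hops": 1,
     "min_bw_kbit": 20000, "delay_usec": 5100},
    {"origin": "39-LAN", "next_hop": "10.201.2.1", "hops": 3,
     "min_bw_kbit": 20000, "delay_usec": 5120},
]

def best_path(paths, withdrawn=()):
    """Return the lowest-metric path among origins still advertising the /32."""
    live = [p for p in paths if p["origin"] not in withdrawn]
    if not live:
        return None  # no anycast instance left: the address is unreachable
    return min(live, key=lambda p: eigrp_metric(p["min_bw_kbit"], p["delay_usec"]))

def describe(path):
    """Render the chosen path in the terms the router output uses."""
    if path is None:
        return "no route to 10.202.1.1"
    metric = eigrp_metric(path["min_bw_kbit"], path["delay_usec"])
    return f"via {path['next_hop']} metric {metric} hops {path['hops']}"

if __name__ == "__main__":
    print("both up:          ", describe(best_path(PATHS)))
    print("9-CORE lo202 shut:", describe(best_path(PATHS, withdrawn={"9-CORE"})))
    print("both withdrawn:   ", describe(best_path(PATHS, withdrawn={"9-CORE", "39-LAN"})))
```

The preferred instance wins by only 20 microseconds of accumulated delay, so a small interface delay change anywhere on the path can move clients to the other instance.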

Anycast impractical Example - NTP
12-Warren(config)#ntp server 10.202.1.1
12-Warren#show ntp status
Clock is synchronized, stratum 4, reference is 10.202.1.1
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**20
ntp uptime is 400 (1/100 of seconds), resolution is 4000
reference time is D651B436.79F0A238 (10:39:34.476 EST Tue Dec 10 2013)
clock offset is 7.8133 msec, root delay is 41.64 msec
root dispersion is 3981.61 msec, peer dispersion is 3937.51 msec
loopfilter state is 'CTRL' (Normal Controlled Loop), drift is 0.000000000 s/s
system poll interval is 128, last update was 2 sec ago.
12-Warren#show ntp associations
  address         ref clock       st   when   poll reach  delay  offset   disp
*~10.202.1.1      10.1.1.1         3      1    128     1 11.706   7.813 437.56
 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

Anycast impractical Example - NTP
Abby Normal Results! Don't do this! Anycast is NOT STATEFUL!

The Challenge
University Central Authentication Service (CAS)
  1 CAS server
  Several services: Blackboard, Google, Others
Don't ever take the CAS Server Down.

CAS Failover
Diagram labels: Cloud DC (Backup CAS, Backup LDAP); DU DC (Prod CAS, Prod LDAP); Firewall; Internet; DU Net; Internet-based User (HTTP/HTTPS); Internal User (HTTP/HTTPS)

Complex Routes
Virtual Data Center: Amazon VPC 10.98.0.0/16
  EC2 Public Subnet 10.98.1.0/24
  EC2 Private Subnet 10.98.10.0/24
  VDCWeb 10.98.1.11, vdcsso.davenport.edu, sso.davenport.edu a10.98.2.11, 107.23.210.206
  Backup LDAP
DU Networks 10.0.0.0/8 et al
  lum4pprd2 10.1.30.91, dcsso.davenport.edu, sso.davenport.edu a10.98.2.11
  LDAP
Between them: VPN Tunnel, ASA2 Firewall, Router, Internet
User can SSO to:
  https://dcsso.davenport.edu - (answered by DC server)
  https://vdcsso.davenport.edu - (answered by VDC Server)
  https://sso.davenport.edu - (answered by either server)

Controlling anycast routes
1. Route Advertisements From Server (Quagga)
2. ip sla and track
3. Manual Switch
   a. Adjust Route on Core
   b. Adjust Route/NAT on Firewall
   c. Script it
Diagram labels: SSO, SSO, FW, Router
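Whichever of these mechanisms moves the route, every announce or withdraw can hand clients to the other instance mid-session, because anycast keeps no state. The sketch below is an added example, not code from the presentation: it damps route changes by requiring several consecutive probe results before acting. The class name, the fall/rise thresholds and the probe history are all assumptions constructed for illustration.

```python
# Added example: damped announce/withdraw decisions for one anycast node.

class AnycastController:
    """Turn raw health probes into route actions (hypothetical helper).

    fall: consecutive failed probes before withdrawing the anycast route.
    rise: consecutive good probes before announcing it again.
    """

    def __init__(self, fall=3, rise=5):
        self.fall, self.rise = fall, rise
        self.announced = False   # start withdrawn until the service proves healthy
        self._streak = 0         # probes in a row that disagree with current state

    def observe(self, healthy):
        """Feed one probe result; return 'announce', 'withdraw' or None."""
        if healthy == self.announced:
            self._streak = 0     # probe agrees with the advertised state
            return None
        self._streak += 1
        needed = self.rise if healthy else self.fall
        if self._streak < needed:
            return None
        self.announced, self._streak = healthy, 0
        return "announce" if healthy else "withdraw"

def route_changes(probes, fall=3, rise=5):
    """Replay probe results and list (probe_index, action) for each route change."""
    ctl = AnycastController(fall, rise)
    changes = []
    for i, healthy in enumerate(probes):
        action = ctl.observe(healthy)
        if action:
            changes.append((i, action))  # a deployment would add/remove the route here
    return changes

# Constructed probe history: warm-up, one blip, a real outage, a shaky recovery.
T, F = True, False
PROBES = [T, T, T, T, T, F, T, T, F, F, F, T, T, F, T, T, T, T, T]

if __name__ == "__main__":
    print("damped:", route_changes(PROBES))
    print("naive: ", route_changes(PROBES, fall=1, rise=1))
```

On this history the damped controller changes the route three times, while acting on every single probe changes it seven times.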

What Next?
Experiment
Find a Need (DNS?)
Design, plan, deploy, test!
http://www.internet2.edu/presentations/jt2012summer/20120716-aditya-using_ip.pdf
http://www.nanog.org/meetings/nanog29/presentations/miller.pdf
Questions?
Pete Hoffswell - Davenport University
pete.hoffswell@davenport.edu