I have to migrate some servers, which unfortunately are called by some applications with their IP addresses (yes, I know...), to a new subnet. Of course, this has to be done minimizing downtime.
What I'm thinking about is using anycast, like this:
- add to an existing server (say 10.10.50.2) a loopback with an anycast address (say 10.44.50.2)
- configure routing to reach the anycast address
- DNAT the old IP (10.10.50.2) to the anycast address
- when the time comes, plug the server into the new network (say 10.10.150.2). Server still has its anycast loopback. Now the server responds from its new subnet.
- after a while, remove DNAT and anycast.
I'd rather not use a simple DNAT (from now on, translate 10.10.50.2 to 10.10.150.2) to avoid polluting our NAT policies.
I haven't got time to lab it yet, but it should work. What do you think about this approach? Am I crazy? Am I missing something? Have you ever done this before?