Friday, May 17, 2019

Inbound traffic hosted load balancer

I have a requirement to implement inbound traffic load balancing across two different ISP circuits terminating into a single perimeter device. The business has two /29s, so we cannot advertise outbound.

The idea is to have a hosted load balancer that listens for external DNS requests, health-checks the two outside interfaces of the perimeter device, and balances routing and failover accordingly. The issue right now is that the top services I have reviewed (CloudFlare, AWS Route 53, Azure Traffic Manager) all use either HTTP/S GETs or TCP establishment. In order for that to work with the equipment we're dealing with, those requests would need to pass through the perimeter to a device behind the router. This isn't ideal, since the health checks would then hinge on that one listening endpoint being up or down. Technically speaking, I could whitelist ranges via ACLs to have the management pages respond to the above checks, but I'm really not in love with that idea at all (although that may be a misplaced reservation; I'm open to having my mind changed).

I'm a bit stumped as to my options, and maybe I'm going about this the wrong way. I think we'd want something that just pings our outside interfaces periodically, and that would be sufficient, but please correct me if I'm wrong. I'm not really able to find anything that does that.
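The decision logic the post describes (probe each circuit's outside address, then answer DNS with whichever circuits are up) is small enough to show end to end. The following is an added example written for this page, not the poster's code and not any vendor's health-check implementation. It assumes two documentation-range addresses standing in for the first usable address of each /29, a Linux `ping` binary for the ICMP probe, and a per-circuit probe rather than the single "device behind the router" the hosted services would force. The hysteresis (several consecutive failures before a circuit is pulled, several successes before it is restored) is there because a flapping DNS answer is worse than a slightly late failover.

```python
"""Health-check-driven DNS answer selection for two ISP circuits.

Added illustrative example; not the blog author's setup or a vendor product.
Probe results feed a per-circuit state machine with hysteresis; the selector
then returns the A records a DNS responder should hand out.
"""
import socket
import subprocess
from dataclasses import dataclass
from typing import Callable, Dict, List

# Constructed sample: documentation-range addresses (RFC 5737) standing in for
# the outside interface of each circuit. Assumption, not the poster's prefixes.
CIRCUITS: Dict[str, str] = {"isp-a": "192.0.2.1", "isp-b": "198.51.100.1"}


def tcp_probe(ip: str, port: int = 443, timeout: float = 2.0) -> bool:
    """Probe by completing a TCP handshake (the kind of check hosted DNS
    services offer). Requires something on the perimeter to answer on `port`,
    which is exactly the dependency the post wants to avoid."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


def icmp_probe(ip: str, timeout: float = 2.0) -> bool:
    """Probe with the system ping binary so no raw socket or root is needed.
    Assumes Linux iputils (`-W` in seconds). Caveat: ICMP proves the circuit
    and interface are reachable, not that the service behind them is up, and
    many edges rate-limit or drop ICMP; treat it as a reachability check."""
    result = subprocess.run(
        ["ping", "-c", "1", "-W", str(int(timeout)), ip],
        stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL, check=False,
    )
    return result.returncode == 0


@dataclass
class CircuitState:
    ip: str
    healthy: bool = True
    streak: int = 0  # consecutive probe results that disagree with `healthy`


class DnsSelector:
    """Track circuit health and decide which A records to answer with."""

    def __init__(self, circuits: Dict[str, str],
                 down_after: int = 3, up_after: int = 2) -> None:
        self.state = {name: CircuitState(ip) for name, ip in circuits.items()}
        self.down_after = down_after  # failures needed to pull a circuit
        self.up_after = up_after      # successes needed to restore it

    def observe(self, name: str, probe_ok: bool) -> bool:
        """Feed one probe result; return the circuit's health after hysteresis."""
        s = self.state[name]
        if probe_ok == s.healthy:
            s.streak = 0  # result agrees with current state; nothing changes
            return s.healthy
        s.streak += 1
        threshold = self.up_after if probe_ok else self.down_after
        if s.streak >= threshold:
            s.healthy = probe_ok
            s.streak = 0
        return s.healthy

    def answers(self) -> List[str]:
        """A records to return: every healthy circuit (clients spread across
        both). If every circuit is down, return all of them so clients still
        try something rather than getting an empty answer."""
        up = [s.ip for s in self.state.values() if s.healthy]
        return up if up else [s.ip for s in self.state.values()]

    def run_once(self, probe: Callable[[str], bool]) -> List[str]:
        """One scheduler tick: probe each circuit, then return the answer set."""
        for name, s in self.state.items():
            self.observe(name, probe(s.ip))
        return self.answers()


if __name__ == "__main__":
    # Real run (reachability only): ping both outside addresses once.
    selector = DnsSelector(CIRCUITS)
    print("answer set:", selector.run_once(icmp_probe))
```

`run_once` is what a cron job or the loop of a tiny authoritative DNS responder would call; the returned list is the A RRset for the public name, and a short TTL (tens of seconds) keeps failover time bounded. If a hosted service's TCP check is the only option, a dedicated listener reachable only on the probe port, restricted by ACL to the provider's published probe source ranges, is a far smaller exposure than opening the perimeter device's management page to those ranges.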
