Thursday, April 23, 2020

Can I use SD-WAN for internet fail-over from ISP A to ISP B at our primary site?

Hello,

Here is my scenario...

We have a medium-sized private data center. This site is connected to the internet through a single ISP provider. This ISP gives us a block of IPs we use to publish various services to the internet (Exchange, Lync, VPN, Citrix, and our LOB applications).

A couple of internet outages have gone by, and I am now pressed to find a redundant solution so that our site does not go dark when our ISP has an issue.

Searching around, I keep ending up at SD-WAN solutions (bigleaf.net, aryaka.com, zscalar.com, catonetworks.com, etc.), but I know very little about SD-WAN, and it seems to me there are different types of SD-WAN providers (on-premise, cloud, backbone, etc.).

I can get internet services from a 2nd ISP provider so that we have redundant ISP providers. This would ensure the last mile is also redundant and protect us against local line cuts.

I would need to be able to "bond" both ISPs together in a fail-over configuration and it seems SD-WAN can do this for outbound traffic.

What I can't wrap my head around is how the IP addressing is handled. If I have 2 different ISPs and 2 different sets of IP addresses, how is the IP switching handled?

For example, if Exchange's autodiscover DNS records are configured to resolve to an IP from the primary ISP, the secondary ISP's IPs will be different. How can Exchange continue to work? This is just one example of the many other apps users need access to by IP or DNS.

I did come across BigLeaf (https://www.bigleaf.net/same-ip-address-failover/), and they market themselves as an SD-WAN provider. On that page they seem to provide a solution to the exact problem we are trying to solve.

Because with Bigleaf, when one of your Internet circuits has an outage, you don’t. Your IP address doesn’t change. Your VPN, remote desktop session, SSH session, VoIP call, Web Presentation, and every other application stays up!

So it sounds to me that some SD-WAN providers are able to provide a solution to our question.

Anyone have experience using SD-WAN solutions to provide both inbound and outbound fail-over and address our "same-ip-address-failover" requirement? I would like to come up with a short list of providers to reach out to for further discussions etc.

In case anyone suggests it, I know we can keep the TTL on our critical DNS records low and update the IP addresses in case of an outage, but this is not what we want. We are looking for an automated and seamless solution.

Thanks for your help.
