HPE Community
HPE Aruba Networking & ProVision-based
1819902 Members
2154 Online
109607 Solutions
New Discussion

Network design

 
Brad_199
Frequent Advisor

‎08-24-2013 03:21 AM

‎08-24-2013 03:21 AM

Network design

If there is one ISP/one internet connection with one physical cable into a building, is it possible to design a resilient network to provide constant internet connectivity? (subject to ISP related issues)

 

I've seen designs of two switches placed either side of firewalls (externally and internally) and spanning tree/or some other technology used but I can't see how that would work with one physical feed.

 

Am I answering my own question in that two seperate internet connections (from different ISPs) is the way to go?

0 Kudos
4 REPLIES 4
internalnews
Frequent Advisor

‎08-25-2013 03:58 AM - edited ‎08-25-2013 04:09 AM

‎08-25-2013 03:58 AM - edited ‎08-25-2013 04:09 AM

Re: Network design

Some examples:

 

One ISP with two lines (page 4)

For 2x 1 Gbe /10 Gbe lines take two HP A5500-EI/A5500-HI with one default route to your ISP and iBGP. No need for a router with full IP table support.

 

or if you like it "bigger"

 

Cisco VSS (page 14)

 

 

 

0 Kudos
Juggyv
Occasional Advisor

‎08-25-2013 11:06 AM

‎08-25-2013 11:06 AM

Re: Network design

If you have one ISP with one physical wire then the 'one' is always the problem. If ISP goes down the service is dead up to their demarc which is usually their router/fw. The best you can do is have a decent switch/router here that has dual power supplies. I would suggest more but I think the budget may blow. If you want full internet resilience for the internet you need to step back and design what you are trying to do and ask yourself how portable you want to be in the future. You can have a single ISP providing you with two links or a resilient service. However if this ISP has a problem they you are up xxxx streak. The other option is 2 different ISPs which again will work fine but your technical challange is going to be your public facing devices as the two ISPs will be on different IP ranges so you can either have a backup DNS record for entry into your business or if its non-stop or fast failover you are looking for you can look to get either an intelligent solution such as F5 with lb's or use something called PI space (provider independent). This will allow you to cut ISPs if they perform poorly and swap them with other ones. The biggest challenge I see is people not being able to move IP addresses without considerable pain so if you are about to expand then I would recommend PI space and give your current ISP the change to quote and get it all working for you in the first instance.
0 Kudos
Vince_Whirlwind
Trusted Contributor

‎08-25-2013 05:18 PM

‎08-25-2013 05:18 PM

Re: Network design

The best you can do is a warm standby: have a dual-redundant core (VSS, VRRP, IRF, etc...) and have one port on each chassis configured for the ISP uplink, with the "warm standby" patchlead installed into the ISP cabinet and clearly labelled.

 

If one of your chassis goes down, open the ISP cabinet and swap leads.

 

Also, there are routers that come with a backup 3G card in the case of ISP failure. I've seen Juniper do this, for example, and other vendors may have something similar.

0 Kudos
dl_wraith
Visitor

‎08-26-2013 03:38 AM

‎08-26-2013 03:38 AM

Re: Network design

If I'm reading you correctly and there's a single feed to the Internet from your building then I'm afraid the answer to your initial query is: "not without additional connectivity". That one line is always going to be your single point of failure, no matter how resilient you make the rest of your network.

 

Now, if what you are asking is whether you can design a diversified solution internally on your network to always give you a path back to that one line from whatever floor/building/department in your business then yes, you can, but you will always have to bear in mind that the line, and the router/NTE/whathaveyou that it's connected with will always be that single point.

 

Your network design is only as good as it's weakest point.

 

If you want resilience, look to multiple connectivity options. The aforementioned 3G idea is one way this can be achieved without new cabling feeds, usage of DSL style connections as backup is always a good low-cost option for smaller businesses and point-to-point wireless tech can grab you connectivity to a local ISP or to other buildings containing the connectivity you may need without doing big cable installs.

 

Hundreds of options available. Think about what you're trying to achieve and talk to your ISP about alternate or resiliant link options that they may specialise in. You'll be suprised at how easy some ISPs can make it for you.  

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.