High Availability Networking
with Cisco


Vincent C. Jones



Listings

1. Reliability Theory.

The Need for Network Availability.
Mathematics of Reliability and Availability.
    LISTING 1-1. Sample extract from analysis of one year of 56 Kbps frame relay use
Network Vulnerabilities.
Designing for Improved Network Availability.

2. Bridging and Routing.
Basic Connectivity Considerations.
   LISTING 2-1. Configuring PPP link quality monitoring
Bridging for Higher Availability.
Routing for Higher Availability.
   LISTING 2-2. Floating static route will use fall back network only if required
   LISTING 2-3. Adjustment of RIP timers to minimize response time to link failure
   LISTING 2-4. Modifying OSPF timers for faster response to link failure
   LISTING 2-5. Modifying Cisco OSPF parameters for faster response to multiple link failures
   LISTING 2-6. Excerpt from the EIGRP topology table for Router A in Figure 2-17
   LISTING 2-7. Excerpt from the EIGRP topology table for Router C in Figure 2-17
   LISTING 2-8. EIGRP tuning for 5-second worst-case detection of link failure
   LISTING 2-9. Integrated IS-IS tuning for 1.5-second link failure detection and recovery

3. Multihomed Hosts.
Two Network Interfaces with Independent Addresses.
   LISTING 3-1. Passive RIP configuration using RIPv1
   LISTING 3-2. Passive RIP configuration using RIPv2
   LISTING 3-3. RIP redistribution of dynamic routes from OSPF
   LISTING 3-4. Controlling redistributed routes using route maps
Two Network Interfaces with One IP Address.
   LISTING 3-5. Typical ifconfig command to add an arbitrary loopback port
   LISTING 3-6. UNIX /etc/gateways added line for dual homing with RIP
   LISTING 3-7. Dual homed server support using RIP
   LISTING 3-8. GateD configuration for Linux dual homed server using OSPF
   LISTING 3-9. Router configuration for dual homed server using OSPF
Two Systems with One IP Address.

4. Dial Backup for Permanent Links.
General Considerations.
Dial Backup Approaches.
Basic ISDN Dial Backup.
   LISTING 4-1. Backup interface command
   LISTING 4-2. Calling router using backup interface commands
   LISTING 4-3. Called router using backup interface commands
   LISTING 4-4. Backup interface with bandwidth augmentation and shared BRI
   LISTING 4-5. Dialer watch calling router configuration revised 25Feb01
   LISTING 4-6. Dialer watch called router configuration
   LISTING 4-7. Dial-on-demand backup calling router configuration revised 25Feb01
   LISTING 4-8. Dial-on-demand called router configuration

5. Advanced Dial Backup.
Dial Backup over Asynchronous Links.
   LISTING 5-1. Asynchronous dial backup configuration on calling router revised 25Feb01
   LISTING 5-2. Asynchronous dial configuration on router being called
Combining Channel for Higher Bandwidth.
   LISTING 5-3. Multilink PPP using asynchronous modem links
   LISTING 5-4. Multilink PPP using a single BRI and legacy dialing
   LISTING 5-5. Multilink PPP using multiple BRIs and dialer profiles
   LISTING 5-6. Aggregated multilink PPP dial backup links--calling router
   LISTING 5-7. Aggregated multilink PPP dial backup links--called router
Supporting IPX along with IP.
   LISTING 5-8. Called router configuration for simple IPX dial backup
   LISTING 5-9. Calling router configuration for simple IPX dial backup
   LISTING 5-10. IPX dial backup driven by IP OSPF routing
   LISTING 5-10a. (NOT IN BOOK) IPX dial backup driven by IP OSPF routing--called router in Chicago
   LISTING 5-11. IP and IPX dial backup for dial backup--calling router (New York) configuration
   LISTING 5-12. IP and IPX dial backup for dial backup--called router (Chicago) configuration revised 25Feb01
BGP-Driven Dial Backup.
   LISTING 5-13. Called router one of two targets
   LISTING 5-13a. (NOT IN BOOK) Called router--second of two targets
   LISTING 5-14. Calling router with ISDN backup of two links

6. Multiple Routers at a Single Site.
Protecting LAN Users from Router Loss.
   LISTING 6-1. Minimal passive RIP example
   LISTING 6-2. Passive RIP support combined with active RIP and OSPF
   LISTING 6-3. Simple HSRP example, Router 1 configuration
   LISTING 6-4. Simple HSRP example, Router 2 configuration
   LISTING 6-5. Small-site load balancing with HSRP, Router 1 configuration
   LISTING 6-6. Small-site load balancing with HSRP, Router 2 configuration
   LISTING 6-7. Dual-LAN load balancing with HSRP, Router 1 configuration
   LISTING 6-8. Dual-LAN load balancing with HSRP, Router 2 configuration
   LISTING 6-9. Special needs HSRP example, Router 1 configuration
   LISTING 6-10. Special needs HSRP example, Router 2 configuration
Dial Backup by One Router for a Line on Another.
   LISTING 6-11. South Router with primary (Frame Relay) link to data center
   LISTING 6-12. North Router using dialer watch to control backup ISDN link
   LISTING 6-13. Router backup using dialer watch; data center router with Frame Relay and ISDN links
   LISTING 6-14. South Router with primary (Frame Relay) link to data center
   LISTING 6-15. North Router with ISDN backup link to data center
   LISTING 6-16. Router backup using dial-on-demand; data center router with Frame Relay and ISDN links
   LISTING 6-17. IP and IPX with BGP-driven ISDN, South Router
   LISTING 6-18. IP and IPX with BGP-driven ISDN, North Router
   LISTING 6-19. IP and IPX with BGP-driven ISDN, data center router revised 25Feb01
Protecting against LAN Segmentation.
   LISTING 6-20. Simple LAN segmentation resistant example, Router 1
   LISTING 6-21. Simple LAN segmentation resistant example, Router 2
   LISTING 6-22. Simple LAN segmentation resistant example, Router 3
   LISTING 6-22a. (NOT IN BOOK) Simple LAN segmentation resistant example--Cloud Emulation
   LISTING 6-23. Multiple protocol complete configuration, Router WarehouseA revised 25Feb01
   LISTING 6-24. Multiple protocol complete configuration, Router WarehouseB revised 25Feb01
   LISTING 6-24a. (NOT IN BOOK) Router Data Center 1, primary Frame Relay
   LISTING 6-24b. (NOT IN BOOK) Router Data Center 2, alternate Frame Relay
   LISTING 6-24c. (NOT IN BOOK) Router Data Center 3, ISDN backup server
   LISTING 6-24d. (NOT IN BOOK) Router Data Center 4, async backup server revised 25Feb01

7. Hub and Spokes Topology.
Routing Protocols for Hubs with Many Spokes.
   LISTING 7-1. Simple single router spoke using EIGRP Everywhere
   LISTING 7-2. Primary hub router using EIGRP Everywhere
   LISTING 7-3. Backup hub router using EIGRP Everywhere
   LISTING 7-4. Simple single router spoke using RIPv2 and OSPF
   LISTING 7-5. Primary hub router using OSPF and RIPv2
   LISTING 7-6. Backup hub router using OSPF and RIPv2
   LISTING 7-7. Dual router spoke using RIPv2 and OSPF router Spoke 101A
   LISTING 7-8. Dual router spoke using RIPv2 and OSPF router Spoke 101B
   LISTING 7-9. Second hub router using OSPF and RIPv2 highlighting changes from primary hub router configuration
   LISTING 7-9a. (NOT IN BOOK) First hub router using OSPF and RIPv2
Dial Backup with Multiple Dial Access Servers.
   LISTING 7-10. Single router spoke with redundant IP dial backup
   LISTING 7-11. Primary hub router using common IP unnumbered target
   LISTING 7-12. Backup hub router using common IP unnumbered target
   LISTING 7-13. Single router spoke with IP and IPX dial backup
   LISTING 7-14. Test Spoke for simplified testing of hub dial-in ports
   LISTING 7-15. Primary hub router for IP and IPX
   LISTING 7-16. Backup hub router for IP and IPX
   LISTING 7-17. Spoke router with unified ISDN and Async dial backup
   LISTING 7-17a. (NOT IN BOOK) Frame Relay (only) hub router
   LISTING 7-17b. (NOT IN BOOK) ISDN only hub router
   LISTING 7-18. Hub router for IP backup through ISDN and Async
Using More than One Hub.
   LISTING 7-19. Spoke router with ISDN backup driven by loss of hub or critical server
   LISTING 7-20. Primary hub router modifications for critical server protection

8. Connecting to Service Providers.
Multiple Links to an External Network.
   LISTING 8-1. User router HQrouter1 configuration for the baseline service access scenario
   LISTING 8-2. Service bureau router ServiceProvider configuration for the baseline service access scenario
   LISTING 8-3. Router HQrouter1 configuration for redundant service access using static routing
   LISTING 8-4. Router HQrouter2 configuration for redundant service access using static routing
   LISTING 8-5. Service provider side router configuration for redundant service access using static routing
   LISTING 8-6. Adjustment to router ServiceProvider to use backup link only if primary link is down
   LISTING 8-7. Router HQrouter1 configuration for redundant service access using dynamically driven static routing
   LISTING 8-8. Router HQrouter2 configuration for redundant service access using dynamically driven static routing
   LISTING 8-9. Service bureau router configuration for redundant service access using dynamically driven static routing
   LISTING 8-10. Router HQrouter2 configuration for access with dial backup to a private service provider
   LISTING 8-11. Service bureau router configuration for dial backup support
   LISTING 8-12. Backup router configuration using NAT
   LISTING 8-13. A tighter access-list for incoming traffic that affords more protection
   LISTING 8-14. Service bureau router configuration for dial backup with client NAT
Connecting to an Internet Service Provider.
   LISTING 8-15. Single connection to the Internet with router protection configured
   LISTING 8-16. Single external router with two links to the same ISP
   LISTING 8-17. Router External #1 with first link to the same ISP using static routing
   LISTING 8-18. Router External #2 with second link to the same ISP using static routing
   LISTING 8-18a. (NOT IN BOOK) ISP router for two links to the same ISP using static routing
   LISTING 8-19. ISP side of the BGP configuration to support router External #1
   LISTING 8-19a. (NOT IN BOOK) ISP side of the BGP configuration for router External 2
   LISTING 8-20. Router External #1 using BGP to detect ISP link status
   LISTING 8-20a. (NOT IN BOOK) Router External #2 with Frame Relay link to the same ISP using BGP-driven static routing
   LISTING 8-21. Router External #1 using fully dynamic routing toward the Internet
   LISTING 8-21a. (NOT IN BOOK) Router External #2 using fully dynamic routing toward the Internet
   LISTING 8-22. ISP side of the filtered BGP configuration
   LISTING 8-23. Router External #1 with Frame Relay link to the same ISP using BGP-driven static routing with indirect determination of the default route
   LISTING 8-24. ISP with conditional advertisement of the default route
Connecting through Multiple Internet Service Providers.
   LISTING 8-25. Router External #1 with link to the ISP serving 100.0.0.0/24, using static routing and NAT
   LISTING 8-26. Router External #2 with link to the ISP serving 101.0.0.0/24, using static routing and NAT
   LISTING 8-27. Single router providing multihoming through BGP
   LISTING 8-28. Router External #1 speaking EBGP to one ISP and IBGP to router External #2 revised 3Jul01
   LISTING 8-29. Router External #2 configuration including typical protective features and access lists for an external router that is attaching to the Internet revised 3Jul01

9. Connecting through Firewalls.
Firewalls Concepts.
Firewalls in a Fully Redundant Network.
   LISTING 9-1. Inside Router R-1 supporting firewalls to the outside
   LISTING 9-2. Inside Router R-2 supporting firewalls to the outside
   LISTING 9-3. Outside Router R-A supporting firewall access to the inside
   LISTING 9-4. Outside Router R-B supporting firewall access to the inside
Automating Failover in Redundant Firewall Networks.
   LISTING 9-5. Router R-1 supporting redundant firewalls in routing mode
   LISTING 9-6. Router R-2 supporting redundant firewalls in routing mode
   LISTING 9-7. Router R-A supporting redundant firewalls in routing mode
   LISTING 9-8. Router R-B supporting redundant firewalls in routing mode
   LISTING 9-9. Router R-1 supporting redundant firewalls in end-system mode
   LISTING 9-10. Router R-2 supporting redundant firewalls in end-system mode

10. IBM Mainframe Connections.
Data Link Switching (DLSw) Protocol.
   LISTING 10-1. Token Ring redundant DLSw configuration Router 1A
   LISTING 10-2. Token Ring redundant DLSw configuration Router 1B
   LISTING 10-3. Token Ring redundant DLSw configuration Router 2A
   LISTING 10-4. Token Ring redundant DLSw configuration Router 2B
DLSw for Ethernet Attached Devices.
   LISTING 10-5. Backup peer configuration for Router 1A
   LISTING 10-6. Backup peer configuration for Router 1B
   LISTING 10-7. Backup peer configuration for Router 2A
   LISTING 10-8. Backup peer configuration for Router 2B
   LISTING 10-9. Backup peer configuration for Router 1A
   LISTING 10-10. Backup peer configuration for Router 1B
   LISTING 10-11. Backup peer configuration for Router 2A
   LISTING 10-12. DLSw+ Ethernet Redundancy configuration for Router 1A
   LISTING 10-13. DLSw+ Ethernet Redundancy configuration for Router 1B
   LISTING 10-14. DLSw+ Ethernet Redundancy configuration for Router 2A
   LISTING 10-15. DLSw+ Ethernet Redundancy configuration for Router 2B
DLSw through Firewalls.
   LISTING 10-16. DLSw through dual firewalls inside DLSw Peer Router R-1
   LISTING 10-17. DLSw through dual firewalls inside DLSw Peer Router R-2
   LISTING 10-18. DLSw through dual firewalls inside Firewall Router R-3
   LISTING 10-19. DLSw through dual firewalls inside Firewall Router R-4
   LISTING 10-20. DLSw through dual firewalls outside Firewall Router R-A
   LISTING 10-21. DLSw through dual firewalls outside Firewall Router R-B
   LISTING 10-22. DLSw through dual firewalls outside DLSw Peer Router R-C
   LISTING 10-23. DLSw through dual firewalls outside DLSw Peer Router R-D
   LISTING 10-24. Ethernet DLSw through dual firewalls inside DLSw Peer Router R-1
   LISTING 10-25. Ethernet DLSw through dual firewalls inside DLSw Peer Router R-2
   LISTING 10-26. Ethernet DLSw through dual firewalls outside DLSw Peer Router R-C
   LISTING 10-27. Ethernet DLSw through dual firewalls outside DLSw Peer Router R-D

11. Disaster Recovery Considerations.
Disaster Recovery Requirements.
Traditional Approaches.
Hot Backup Facility Approaches.
   LISTING 11-1. Primary router configuration for primary server using a virtual server address
   LISTING 11-2. Backup router configuration for backup server using a virtual server address
   LISTING 11-3. Primary router configuration for primary server using a virtual server address provided by an external source
Load Sharing Approaches.

12. Management Considerations.
Network Monitoring.
Configuration Management.
Total Quality Control.




 
 



Copyright 1999-2001 © Networking Unlimited Inc. All rights reserved.