High Availability Networking
with Cisco
Vincent C. Jones
Listings
1. Reliability Theory.
Mathematics of Reliability and Availability.
LISTING 1-1. Sample extract from analysis of one year of 56 Kbps frame relay use
Network Vulnerabilities.
Designing for Improved Network Availability.
2. Bridging and Routing.
LISTING 2-1. Configuring PPP link quality monitoring
Bridging for Higher Availability.
Routing for Higher Availability.
LISTING 2-2. Floating static route will use fall back network only if required
LISTING 2-3. Adjustment of RIP timers to minimize response time to link failure
LISTING 2-4. Modifying OSPF timers for faster response to link failure
LISTING 2-5. Modifying Cisco OSPF parameters for faster response to multiple link failures
LISTING 2-6. Excerpt from the EIGRP topology table for Router A in Figure 2-17
LISTING 2-7. Excerpt from the EIGRP topology table for Router C in Figure 2-17
LISTING 2-8. EIGRP tuning for 5-second worst-case detection of link failure
LISTING 2-9. Integrated IS-IS tuning for 1.5-second link failure detection and recovery
3. Multihomed Hosts.
LISTING 3-1. Passive RIP configuration using RIPv1
LISTING 3-2. Passive RIP configuration using RIPv2
LISTING 3-3. RIP redistribution of dynamic routes from OSPF
LISTING 3-4. Controlling redistributed routes using route maps
Two Network Interfaces with O5e IP Address.
LISTING 3-5. Typical ifconfig command to add an arbitrary loopback port
LISTING 3-6. UNIX /etc/gateways added line for dual homing with RIP
LISTING 3-7. Dual homed server support using RIP
LISTING 3-8. GateD configuration for Linux dual homed server using OSPF
LISTING 3-9. Router configuration for dual homed server using OSPF
Two Systems with One IP Address.
4. Dial Backup for Permanent Links.
Dial Backup Approaches.
Basic ISDN Dial Backup.
LISTING 4-1. Backup interface command
LISTING 4-2. Calling router using backup interface commands
LISTING 4-3. Called router using backup interface commands
LISTING 4-4. Backup interface with bandwidth augmentation and shared BRI
LISTING 4-5. Dialer watch calling router configuration revised 25Feb01
LISTING 4-6. Dialer watch called router configuration
LISTING 4-7. Dial-on-demand backup calling router configuration revised 25Feb01
LISTING 4-8. Dial-on-demand called router configuration
5. Advanced Dial Backup.
LISTING 5-1. Asynchronous dial backup configuration on calling router revised 25Feb01
LISTING 5-2. Asynchronous dial configuration on router being called
Combining Channel for Higher Bandwidth.
LISTING 5-3. Multilink PPP using asynchronous modem links
LISTING 5-4. Multilink PPP using a single BRI and legacy dialing
LISTING 5-5. Multilink PPP using multiple BRIs and dialer profiles
LISTING 5-6. Aggregated multilink PPP dial backup links--calling router
LISTING 5-7. Aggregated multilink PPP dial backup links--called router
Supporting IPX along with IP.
LISTING 5-8. Called router configuration for simple IPX dial backup
LISTING 5-9. Calling router configuration for simple IPX dial backup
LISTING 5-10. IPX dial backup driven by IP OSPF routing
LISTING 5-10a. (NOT IN BOOK) IPX dial backup driven by IP OSPF routing--called router in Chicago
LISTING 5-11. IP and IPX dial backup for dial backup--calling router (New York) configuration
LISTING 5-12. IP and IPX dial backup for dial backup--called router (Chicago) configuration revised 25Feb01
BGP-Driven Dial Backup.
LISTING 5-13. Called router one of two targets
LISTING 5-13a. (NOT IN BOOK) Called router--second of two targets
LISTING 5-14. Calling router with ISDN backup of two links
6. Multiple Routers at a Single Site.
LISTING 6-1. Minimal passive RIP example
LISTING 6-2. Passive RIP support combined with active RIP and OSPF
LISTING 6-3. Simple HSRP example, Router 1 configuration
LISTING 6-4. Simple HSRP example, Router 2 configuration
LISTING 6-5. Small-site load balancing with HSRP, Router 1 configuration
LISTING 6-6. Small-site load balancing with HSRP, Router 2 configuration
LISTING 6-7. Dual-LAN load balancing with HSRP, Router 1 configuration
LISTING 6-8. Dual-LAN load balancing with HSRP, Router 2 configuration
LISTING 6-9. Special needs HSRP example, Router 1 configuration
LISTING 6-10. Special needs HSRP example, Router 2 configuration
Dial Backup by One Router for a Line on Another.
LISTING 6-11. South Router with primary (Frame Relay) link to data center
LISTING 6-12. North Router using dialer watch to control backup ISDN link
LISTING 6-13. Router backup using dialer watch; data center router with Frame Relay and ISDN links
LISTING 6-14. South Router with primary (Frame Relay) link to data center
LISTING 6-15. North Router with ISDN backup link to data center
LISTING 6-16. Router backup using dial-on-demand; data center router with Frame Relay and ISDN links
LISTING 6-17. IP and IPX with BGP-driven ISDN, South Router
LISTING 6-18. IP and IPX with BGP-driven ISDN, North Router
LISTING 6-19. IP and IPX with BGP-driven ISDN, data center router revised 25Feb01
Protecting against LAN Segmentation.
LISTING 6-20. Simple LAN segmentation resistant example, Router 1
LISTING 6-21. Simple LAN segmentation resistant example, Router 2
LISTING 6-22. Simple LAN segmentation resistant example, Router 3
LISTING 6-22a. (NOT IN BOOK) Simple LAN segmentation resistant example--Cloud Emulation
LISTING 6-23. Multiple protocol complete configuration, Router WarehouseA revised 25Feb01
LISTING 6-24. Multiple protocol complete configuration, Router WarehouseB revised 25Feb01
LISTING 6-24a. (NOT IN BOOK) Router Data Center 1, primary Frame Relay
LISTING 6-24b. (NOT IN BOOK) Router Data Center 2, alternate Frame Relay
LISTING 6-24c. (NOT IN BOOK) Router Data Center 3, ISDN backup server
LISTING 6-24d. (NOT IN BOOK) Router Data Center 4, async backup server revised 25Feb01
7. Hub and Spokes Topology.
LISTING 7-1. Simple single router spoke using EIGRP Everywhere
LISTING 7-2. Primary hub router using EIGRP Everywhere
LISTING 7-3. Backup hub router using EIGRP Everywhere
LISTING 7-4. Simple single router spoke using RIPv2 and OSPF
LISTING 7-5. Primary hub router using OSPF and RIPv2
LISTING 7-6. Backup hub router using OSPF and RIPv2
LISTING 7-7. Dual router spoke using RIPv2 and OSPF router Spoke 101A
LISTING 7-8. Dual router spoke using RIPv2 and OSPF router Spoke 101B
LISTING 7-9. Second hub router using OSPF and RIPv2 highlighting changes from primary hub router configuration
LISTING 7-9a. (NOT IN BOOK) First hub router using OSPF and RIPv2
Dial Backup with Multiple Dial Access Servers.
LISTING 7-10. Single router spoke with redundant IP dial backup
LISTING 7-11. Primary hub router using common IP unnumbered target
LISTING 7-12. Backup hub router using common IP unnumbered target
LISTING 7-13. Single router spoke with IP and IPX dial backup
LISTING 7-14. Test Spoke for simplified testing of hub dial-in ports
LISTING 7-15. Primary hub router for IP and IPX
LISTING 7-16. Backup hub router for IP and IPX
LISTING 7-17. Spoke router with unified ISDN and Async dial backup
LISTING 7-17a. (NOT IN BOOK) Frame Relay (only) hub router
LISTING 7-17b. (NOT IN BOOK) ISDN only hub router
LISTING 7-18. Hub router for IP backup through ISDN and Async
Using More than One Hub.
LISTING 7-19. Spoke router with ISDN backup driven by loss of hub or critical server
LISTING 7-20. Primary hub router modifications for critical server protection
8. Connecting to Service Providers.
LISTING 8-1. User router HQrouter1 configuration for the baseline service access scenario
LISTING 8-2. Service bureau router ServiceProvider configuration for the baseline service access scenario
LISTING 8-3. Router HQrouter1 configuration for redundant service access using static routing
LISTING 8-4. Router HQrouter2 configuration for redundant service access using static routing
LISTING 8-5. Service provider side router configuration for redundant service access using static routing
LISTING 8-6. Adjustment to router ServiceProvider to use backup link only if primary link is down
LISTING 8-7. Router HQrouter1 configuration for redundant service access using dynamically driven static routing
LISTING 8-8. Router HQrouter2 configuration for redundant service access using dynamically driven static routing
LISTING 8-9. Service bureau router configuration for redundant service access using dynamically driven static routing
LISTING 8-10. Router HQrouter2 configuration for access with dial backup to a private service provider
LISTING 8-11. Service bureau router configuration for dial backup support
LISTING 8-12. Backup router configuration using NAT
LISTING 8-13. A tighter access-list for incoming traffic that affords more protection
LISTING 8-14. Service bureau router configuration for dial backup with client NAT
Connecting to an Internet Service Provider.
LISTING 8-15. Single connection to the Internet with router protection configured
LISTING 8-16. Single external router with two links to the same ISP
LISTING 8-17. Router External #1 with first link to the same ISP using static routing
LISTING 8-18. Router External #2 with second link to the same ISP using static routing
LISTING 8-18a. (NOT IN BOOK) ISP router for two links to the same ISP using static routing
LISTING 8-19. ISP side of the BGP configuration to support router External #1
LISTING 8-19a. (NOT IN BOOK) ISP side of the BGP configuration for router External 2
LISTING 8-20. Router External #1 using BGP to detect ISP link status
LISTING 8-20a. (NOT IN BOOK) Router External #2 with Frame Relay link to the same ISP using BGP-driven static rouing
LISTING 8-21. Router External #1 using fully dynamic routing toward the Internet
LISTING 8-21a. (NOT IN BOOK) Router External #2 using fully dynamic routing toward the Internet
LISTING 8-22. ISP side of the filtered BGP configuration
LISTING 8-23. Router External #1 with Frame Relay link to the same ISP using BGP-driven static routing with indirect determination of the default route
LISTING 8-24. ISP with conditional advertisement of the default route
Connecting through Multiple Internet Service Providers.
LISTING 8-25. Router External #1 with link to the ISP serving 100.0.0.0/24, using static routing and NAT
LISTING 8-26. Router External #2 with link to the ISP serving 101.0.0.0/24, using static routing and NAT
LISTING 8-27. Single router providing multihoming through BGP
LISTING 8-28. Router External #1 speaking EBGP to one ISP and IBGP to router External #2 revised 3Jul01
LISTING 8-29. Router External #2 configuration including typical protective features and access lists for an external router that is attaching to the Internet revised 3Jul01
9. Connecting through Firewalls.
Firewalls in a Fully Redundant Network.
LISTING 9-1. Inside Router R-1 supporting firewalls to the outside
LISTING 9-2. Inside Router R-2 supporting firewalls to the outside
LISTING 9-3. Outside Router R-A supporting firewall access to the inside
LISTING 9-4. Outside Router R-B supporting firewall access to the inside
Automating Failover in Redundant Firewall Networks.
LISTING 9-5. Router R-1 supporting redundant firewalls in routing mode
LISTING 9-6. Router R-2 supporting redundant firewalls in routing mode
LISTING 9-7. Router R-A supporting redundant firewalls in routing mode
LISTING 9-8. Router R-B supporting redundant firewalls in routing mode
LISTING 9-9. Router R-1 supporting redundant firewalls in end-system mode
LISTING 9-10. Router R-2 supporting redundant firewalls in end-system mode
10. IBM Mainframe Connections.
LISTING 10-1. Token Ring redundant DLSw configuration Router 1A
LISTING 10-2. Token Ring redundant DLSw configuration Router 1B
LISTING 10-3. Token Ring redundant DLSw configuration Router 2A
LISTING 10-4. Token Ring redundant DLSw configuration Router 2B
DLSw for Ethernet Attached Devices.
LISTING 10-5. Backup peer configuration for Router 1A
LISTING 10-6. Backup peer configuration for Router 1B
LISTING 10-7. Backup peer configuration for Router 2A
LISTING 10-8. Backup peer configuration for Router 2B
LISTING 10-9. Backup peer configuration for Router 1A
LISTING 10-10. Backup peer configuration for Router 1B
LISTING 10-11. Backup peer configuration for Router 2A
LISTING 10-12. DLSw+ Ethernet Redundancy configuration for Router 1A
LISTING 10-13. DLSw+ Ethernet Redundancy configuration for Router 1B
LISTING 10-14. DLSw+ Ethernet Redundancy configuration for Router 2A
LISTING 10-15. DLSw+ Ethernet Redundancy configuration for Router 2B
DLSw through Firewalls.
LISTING 10-16. DLSw through dual firewalls inside DLSw Peer Router R-1
LISTING 10-17. DLSw through dual firewalls inside DLSw Peer Router R-2
LISTING 10-18. DLSw through dual firewalls inside Firewall Router R-3
LISTING 10-19. DLSw through dual firewalls inside Firewall Router R-4
LISTING 10-20. DLSw through dual firewalls outside Firewall Router R-A
LISTING 10-21. DLSw through dual firewalls outside Firewall Router R-B
LISTING 10-22. DLSw through dual firewalls outside DLSw Peer Router R-C
LISTING 10-23. DLSw through dual firewalls outside DLSw Peer Router R-D
LISTING 10-24. Ethernet DLSw through dual firewalls inside DLSw Peer Router R-1
LISTING 10-25. Ethernet DLSw through dual firewalls inside DLSw Peer Router R-2
LISTING 10-26. Ethernet DLSw through dual firewalls outside DLSw Peer Router R-C
LISTING 10-27. Ethernet DLSw through dual firewalls outside DLSw Peer Router R-D
11. Disaster Recovery Considerations.
Traditional Approaches.
Hot Backup Facility Approaches.
LISTING 11-1. Primary router configuration for primary server using a virtual server address
LISTING 11-2. Backup router configuration for backup server using a virtual server address
LISTING 11-3. Primary router configuration for primary server using a virtual server address provided by an external source
Load Sharing Approaches.
12. Management Considerations.
Configuration Management.
Total Quality Control.
| Home Page | Company Profile | Capabilities | Coming Events | Case Studies | White Papers | Book
Copyright 1999-2001 © Networking Unlimited Inc.
All rights reserved.