Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Enterprise Multihoming

  • From: Howard C. Berkowitz
  • Date: Fri Mar 12 12:20:58 2004

At 4:06 PM +0000 3/12/04, Stephen J. Wilcox wrote:
I think its too easy, thats the problem.
Hoping that I don't sound too much like Bill Clinton, that depends on what you mean by "it." If "it" is multihoming, with your own ASN, to two providers, your raise some valid points.

Is there an intermediate alternative before you go all out? Yes, I think so, assuming your current provider has multiple POPs. Let me examine some of your points if we consider RFC 1998-style multi-POPping (I just invented that highly technical term) using PA address space.

For <$1000 (excluding bandwidth/ccts)
you can buy a box, connect to your two providers, get an ASN and IPs and you're
away.
Alternatively, another POP link, and preferably another router. If you are more concerned with loop failures than router failures, not a completely unreasonable assumption, you could get away with one router that has multiple interfaces, and spend some of the savings on backup power -- possibly a backup power supply in addition to the UPS, such as a Cisco RPS on their smaller routers. While you'll probably take a performance hit, or if you can reduce to critical traffic on an outage, you might get away with a second smaller router.

I dont agree that connecting to two+ upstreams makes you better. In my
experience end networks have a couple of orders of magnitude more downtime than
a PoP in any reasonably large ISP. Ie the percentage theoretical improvement is
small.
Like everything else, It Depends. My experience is that access links fail more often than provider routing systems, especially with a clueful provider. Since you can't guarantee that your physical connectivity to two different ISPs doesn't involve a shared risk group in the lines, there are still some things you may not be protected against.

One option, depending on the plant in your area, is that if you are considering a second router, consider putting it in a nearby building, reachable by WLAN (if you are minimizing costs), where that building minimally has different ducts to the telco end office, and ideally goes to a different end office. Not always possible, but to be considered. Longer-range wireless (radio or optical) links get more expensive.


In addition you seriously increase the complexity of your system, chances are
you're using the cheapest kit you could find (or at least cheaper and smaller
than what I would use).. its not great at BGP and may fall over when you get a
minor DoS attack, you probably generate flaps quite a bit from adhoc changes and
if you're announcing a /24 then thats going to get you dampened quickly..
That's a motivation for PA address space, where the provider aggregate is less likely to be small and easily damped.

so you
actually create a new weakest link. Also most of the corporates I've dealt with
take defaults rather than full tables.. so if the provider does have an issue
you still forward the traffic, theres no failover of outbound routing.
Again looking at intermediate solutions, there are always partial routes such as customer routes of the provier.


Even if you spend (waste) the money on some decent gear, you're on your own and
when a problem occurs the ISPs are going to be less helpful to you (not by
choice, I mean they dont have control of your network any more.. there knowledge
of whats causing problems is limited to the bit that they provide to you), so
chances are your problems may be more serious and take longer to diagnose and
fix.
Again, an operational advantage of multiPOPping and working with one carrier, although you aren't going to be protected against insanity of their BGP/


IMHO avoid multihoming. You will know when you are big enough and you *need* to
do it, if you're not sure or you only want to do it cause you heard everyone
else is and its real cool then I suggest you dont.
MHO would be to look at "multihoming" as a spectrum of solutions rather than a binary choice of single-provider-single-link versus multiple-provider. In given situations, you might also want to look at DSL or cable for diversity, tunneling to an ISP since the broadband provider is unlikely to be willing to speak BGP. Even dialup/ISDN, sometimes for critical workstations, has its place.

Shameless plug: I do go through these options in my book, Building Service Provider Networks (Wiley). Even there, though, I only run through the alternatives. You will still have to make your own cost-benefit decisions based on business policy, budget, clue level and cost of alternatives.




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.