What's the best solution for a hotsite configuration?

FreshPrince

Diamond Member
Dec 6, 2001
8,361
1
0
For uninterrupted service, what would you suggest that will allow for seamless load balanced web sites located in different geographical locations?

I've read about 3DNS, but I have no clue where to start..point me to the right direction :)

edit: 1 other thing, this geographical redundancy has to support SSL, which presents a whole new problem :(
 

Garion

Platinum Member
Apr 23, 2001
2,331
7
81
3DNS is a very effective product. It's also big $$. Generally, you need to pick up a few 3DNS boxes, scatter them across the country (usually one at the main site, one at the hot site). They are, essentially, intelligent DNS servers which watch the health of devices. If a device fails they return back the IP of the standby box. They can also do active / active configs, where both websites are getting traffic and users are routed to the closest website based on DNS topology.

We use them quite a bit (along with various other F5 products), let me know if you need more details.

- G
 

FreshPrince

Originally posted by: Garion
3DNS is a very effective product. It's also big $$. Generally, you need to pick up a few 3DNS boxes, scatter them across the country (usually one at the main site, one at the hot site). They are, essentially, intelligent DNS servers which watch the health of devices. If a device fails they return back the IP of the standby box. They can also do active / active configs, where both websites are getting traffic and users are routed to the closest website based on DNS topology. We use them quite a bit (along with various other F5 products), let me know if you need more details. - G

that's exactly what we want to do, can you tell me which F5 product you're using?

also, we're a foundry shop, do you know if they have something similar? Basically this is just load balancing on a DNS level correct? If so, I've played with round-robin dns, but it seems to want to stick to one web server LOL!
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Round robin typically hands out the next available IP address. What Garion says 3DNS does (I don't have any experience with them) is they "watch" the networks they are stationed at and keep each other up to date on the health of that network.

Round Robin is basically "passive," while 3DNS is more of an active load balancing.

There was an AT article a while back about using a Linux product to do load balancing, but I can't remember what it was called. I also don't remember if it was just round robin or if it monitored the health of the system...

EDIT: ugh this window popped up between the two monitors :p

2001 upgrade. This article mentions the Linux Virtual Server Project, and possibly some other things.

From page 4:
Speaking of fail over support, one of the benefits of this setup vs. a software solution working with Round-Robin DNS is that there is seamless fail over support should a web server go down. With the software/round-robin solution we had to remove the failed box from the Round-Robin DNS setup otherwise people could be redirected to a machine that wasn't up. In this case, as soon as a box fails, the load balancer takes it out of the cluster.

2002 Server Upgrade article. In this article they mention load balancing by Pogo Linux. It seems they also use it to keep track of log files.

HTH!
 

FreshPrince

I think the AT load balancer is LAN based while I'm looking for a WAN based load balancer. interesting read though :)
 

Garion

Originally posted by: FreshPrince
Originally posted by: Garion
3DNS is a very effective product. It's also big $$. Generally, you need to pick up a few 3DNS boxes, scatter them across the country (usually one at the main site, one at the hot site). They are, essentially, intelligent DNS servers which watch the health of devices. If a device fails they return back the IP of the standby box. They can also do active / active configs, where both websites are getting traffic and users are routed to the closest website based on DNS topology. We use them quite a bit (along with various other F5 products), let me know if you need more details. - G

that's exactly what we want to do, can you tell me which F5 product you're using?

also, we're a foundry shop, do you know if they have something similar?  Basically this is just load balancing on a DNS level correct?  If so, I've played with round-robin dns, but it seems to want to stick to one web server LOL!

We use F5 BigIP's for load balancing and 3DNS for Global Server Load Balancing (GSLB). Good stuff.

FYI, DNS round-robin isn't much of a solution, unless you mix it with something else. If you blow a server / site, you will deny half your requests.

There are some other vendors that do GSLB - Cisco has a product, but it's not very impressive.

It does look like the Foundry ServerIron switches can do this - From their site they say "Multi-site scalability with Global Server Load Balancing" Probably worth looking into, especially if you've already got them installed.

- G
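
As an added illustration (not part of the thread, and not how 3DNS or ServerIron is implemented), the sketch below contrasts plain round-robin answers with health-aware answers in the active/standby and active/active styles described above. The site names, addresses and priorities are constructed sample values.

```python
import itertools

# Constructed sample sites (documentation-range addresses, assumed priorities).
SITES = [
    {"name": "main", "ip": "192.0.2.10", "priority": 1},
    {"name": "hot", "ip": "198.51.100.10", "priority": 2},
]

def round_robin(sites):
    """Plain round-robin DNS: rotates through every record, up or down."""
    cycle = itertools.cycle(sites)
    return lambda health: next(cycle)["ip"]

def active_standby(sites):
    """Health-aware: always answer with the best-priority site that is up."""
    def answer(health):
        up = [s for s in sites if health.get(s["name"])]
        return min(up, key=lambda s: s["priority"])["ip"] if up else None
    return answer

def active_active(sites):
    """Health-aware: rotate, but only among sites whose health check passes."""
    cycle = itertools.cycle(sites)
    def answer(health):
        if not any(health.get(s["name"]) for s in sites):
            return None
        while True:
            site = next(cycle)
            if health.get(site["name"]):
                return site["ip"]
    return answer

def failed_fraction(answer, health, sites=SITES, queries=1000):
    """Share of queries that get no answer or the address of a down site."""
    ip_up = {s["ip"]: bool(health.get(s["name"])) for s in sites}
    bad = sum(1 for _ in range(queries) if not ip_up.get(answer(health), False))
    return bad / queries

if __name__ == "__main__":
    main_down = {"main": False, "hot": True}  # constructed outage scenario
    for label, make in [("round robin", round_robin),
                        ("active/standby", active_standby),
                        ("active/active", active_active)]:
        print(f"{label:15s} failed: {failed_fraction(make(SITES), main_down):.0%}")
```

Resolvers cache answers for the record's TTL, so a real failover only takes effect as cached answers expire.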
 

FreshPrince

sad news.....bigip 3dns --> $25K a pop, which means $50K :(

I'll look into foundry's GSLB, since we have it, might as well use it. We only paid $16K for both our serverironxl's :)
 

Garion

SSL shouldn't matter - The GSLB servers work at the DNS layer (usually), so what service you run on it (SSL or not) shouldn't matter.

Now, if you're talking about SSL accelerators, that's a whole different matter.

- G
 

FreshPrince

My understanding is that SSL binds the domain name to a specific IP address. So, when you purchase a SSL cert from verisign or thawte for www.domainname.com it is bound to one of your external IP's correct?

if that's the case, GSLB loadbalances websites to different geographical locations, which will have different IP's...how will GSLB work for e-commerce sites that rely on SSL enabled websites?

I guess my question is...is there a product out there that will allow 1 SSL for multiple IP's? Is there such a product?
 

Garion

Originally posted by: FreshPrince
My understanding is that SSL binds the domain name to a specific IP address. So, when you purchase a SSL cert from verisign or thawte for www.domainname.com it is bound to one of your external IP's correct?

if that's the case, GSLB loadbalances websites to different geographical locations, which will have different IP's...how will GSLB work for e-commerce sites that rely on SSL enabled websites?

I guess my question is...is there a product out there that will allow 1 SSL for multiple IP's?  Is there such a product?

Actually, no. A SSL certificate is just based on the host's fully-qualified domain name (FQDN). It isn't tied to the IP address in any way. As long as the name in DNS matches what you have a certificate for on the server, you're good.

- G
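
To illustrate the name check discussed above, here is an added example (not from the thread) of a simplified version of what a TLS client verifies: the name the user requested against the names in the certificate, with the connected IP playing no part. The certificates use the dict shape returned by Python's `ssl.SSLSocket.getpeercert()`; the addresses and the `hot.domainname.com` name are constructed, and real clients should rely on their TLS library's verification.

```python
import ipaddress

# Constructed sample certificates.
WWW_CERT = {"subjectAltName": (("DNS", "www.domainname.com"),)}
HOT_ONLY_CERT = {"subjectAltName": (("DNS", "hot.domainname.com"),)}

def is_ip(name):
    try:
        ipaddress.ip_address(name)
        return True
    except ValueError:
        return False

def name_matches(pattern, host):
    """Case-insensitive match; '*' may only stand for the whole leftmost label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*" and len(p) > 2:
        return p[1:] == h[1:]
    return p == h

def cert_valid_for(cert, requested):
    """Check the requested name (or IP literal) against the certificate's SANs."""
    sans = cert.get("subjectAltName", ())
    if is_ip(requested):
        want = ipaddress.ip_address(requested)
        return any(k == "IP Address" and ipaddress.ip_address(v) == want
                   for k, v in sans)
    return any(k == "DNS" and name_matches(v, requested) for k, v in sans)

def handshake_ok(servers, requested, connect_ip):
    """requested: what the user typed; connect_ip: the address DNS handed out."""
    return cert_valid_for(servers[connect_ip], requested)

if __name__ == "__main__":
    # Same certificate installed at both sites (constructed addresses).
    both = {"192.0.2.10": WWW_CERT, "198.51.100.10": WWW_CERT}
    # Hot site mistakenly given a certificate for a different name.
    mixed = {"192.0.2.10": WWW_CERT, "198.51.100.10": HOT_ONLY_CERT}
    print(handshake_ok(both, "www.domainname.com", "192.0.2.10"))
    print(handshake_ok(both, "www.domainname.com", "198.51.100.10"))
    print(handshake_ok(both, "192.0.2.10", "192.0.2.10"))
    print(handshake_ok(mixed, "www.domainname.com", "198.51.100.10"))
```

The practical consequence for a hot site is that every location must present a certificate valid for the same FQDN, otherwise clients see a name mismatch after failover.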
 

Garion

Originally posted by: Santa
Here is a good price on a pair of used F5 540 boxes.. I do not know how reliable this source is but give it a try...

http://www.networkliquidators.com/viewProduct.asp?ID=8954

Those are F5 BigIP's - Load balancers. What FreshPrince is looking for is a 3DNS - Different platform.

One other note - careful buying used F5 products. All warranties and software licenses are to the original purchaser. They do NOT transfer. I saw some F5 cases down at the local PC recycle place and asked our F5 guy if I could buy them and then resell them on e-bay. No dice!

- G
 

Santa

Golden Member
Oct 11, 1999
1,168
0
0
oh whoops I guess I saw their other 3DNS boxes and thought these were the same thing.

Model numbers are close and it confused me.. 520 540 blah hehe.

Well they do have some older versions of their 3DNS boxes on there if you are interested..

http://www.networkliquidators.com/viewProduct.asp?ID=8719

Way cheaper than the $25k but then again take the words of wisdom when it comes to license and warranty.
 

Garion

And those are at code version 3.0 - Probably barely functional. They are up to v 4.5 now, and there are HUGE differences between code revs. Not worth it, unless you can cut a deal with F5 to take over the license.

- G