#1

    Active/passive broadband connections to maintain various IT services


    I plan to buy a firewall that supports active and passive internet connections. When the active internet connection goes down, it will fail over to the passive internet connection automatically; when the active internet connection comes back up, it will roll back to the active internet connection automatically. I found that a SonicWall should be able to do this already.


    The public IP, default gateway and DNS are different for the active and passive internet connections, so on failover or rollback they will change as well.


    The IT services to maintain when the active internet connection is down are:
    - office internet access
    - email service provided by Exchange 2007
    - internal/external web-based ERP service provided by Apache Tomcat


    office internet access
    - achieved by adding the passive internet connection's DNS to the Windows DNS forwarder


    email service provided by Exchange 2007
    - SMTP achieved by an additional MX record with the passive internet connection's public IP and a larger preference number (lower priority)
    -

    internal/external web-based ERP service provided by Apache Tomcat
    - by an additional A record with the passive internet connection's public IP for Apache Tomcat



    Any comments?


    Any idea what I need to do to maintain Outlook Anywhere and Outlook Web Access? Just an additional A record as well?


    Thx a lot!
  2. #2
    Some of your ideas don't make sense.

    office internet access
    - achieved by adding the passive internet connection's DNS to the Windows DNS forwarder
    ??? This is on your LAN? If so, no action, unless it resolves DNS for external users, too.

    internal/external web-based ERP service provided by Apache Tomcat
    - by an additional A record with the passive internet connection's public IP for Apache Tomcat
    Again, is this on your LAN? If so, again, no-action required here.

    The issue you have is that you appear to have users external to your network, that need to know when your primary service is down so that they know to use the alternative connection and public IP address.

    You need some mechanism that can dynamically update your DNS so it reflects the current config accurately (with caveats) or otherwise re-design your DNS completely so that you are performing DNS resolution for your domain.

    The problem is that DNS is fairly dumb, so once a client has asked "where is xyz.com", unless it knows or you tell it that the IP is different, it will just respond as normal, and the user will face a connection error.

    If the original DNS request relies on contacting your (down) server, it will try a list of DNS servers until it gets a response. This will enable you to have two DNS servers serve two different IPs for the domain, or one server serve different IPs depending on which IP address the request came from (I'm not sure which software can do this).

    I hope this makes sense. In summary, it is your external users that will have problems; your internal network should be largely unaffected if the router does its job in switching connections.

    Best regards,
    AstroTux.
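
The "mechanism that can dynamically update your DNS" from reply #2, as an added example that is not part of either post: a probe-driven state machine that decides when to swap the published A record and builds the matching nsupdate batch with a short TTL. The names, addresses, thresholds and TTL are constructed placeholders, and it assumes the zone is hosted on an authoritative server that accepts RFC 2136 dynamic updates and stays reachable when either link is down.

```python
from dataclasses import dataclass

PRIMARY_IP = "198.51.100.10"   # constructed: active link's public IP (RFC 5737 range)
BACKUP_IP = "203.0.113.10"     # constructed: passive link's public IP
TTL = 60                       # assumed: short TTL so caches expire soon after a switch

@dataclass
class FailoverState:
    """Tracks which link's address is published, with hysteresis against flapping."""
    active_ip: str = PRIMARY_IP
    fail_streak: int = 0
    ok_streak: int = 0
    down_after: int = 3   # consecutive failed probes before failing over
    up_after: int = 5     # consecutive good probes before rolling back

    def observe(self, primary_ok: bool) -> bool:
        """Feed one probe result for the primary link; True means the record must change."""
        if primary_ok:
            self.ok_streak, self.fail_streak = self.ok_streak + 1, 0
        else:
            self.fail_streak, self.ok_streak = self.fail_streak + 1, 0
        if self.active_ip == PRIMARY_IP and self.fail_streak >= self.down_after:
            self.active_ip = BACKUP_IP
            return True
        if self.active_ip == BACKUP_IP and self.ok_streak >= self.up_after:
            self.active_ip = PRIMARY_IP
            return True
        return False

def nsupdate_batch(name: str, zone: str, server: str, ip: str, ttl: int = TTL) -> str:
    """Build an nsupdate batch that replaces the A record set for `name`."""
    return "\n".join([
        f"server {server}",
        f"zone {zone}",
        f"update delete {name}. A",
        f"update add {name}. {ttl} A {ip}",
        "send",
    ]) + "\n"

def worst_case_stale_seconds(probe_interval: int, state: FailoverState, ttl: int = TTL) -> int:
    """Approximate bound on how long a TTL-honouring client keeps using the dead address."""
    return probe_interval * state.down_after + ttl

if __name__ == "__main__":
    state = FailoverState()
    for ok in [True, False, False, False] + [True] * 5:  # constructed probe results
        if state.observe(ok):
            print(nsupdate_batch("erp.example.com", "example.com", "ns1.example.com", state.active_ip))
```

Feed the batch to `nsupdate -k <keyfile>` so the update is TSIG-signed, and restrict the key to the records it has to change; a zone that accepts unauthenticated updates lets anyone who can reach the server repoint the mail and ERP hostnames.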
