1. Home
  2. Networking
  3. Integrated cisco and unix network architectures

Simple but Effective Approaches to Server HA

Let us consider the network vicinity of a server in the context of its connected network interface cards (NICs), its LAN switch environment, VLAN membership, and exit gateways. Note that two or more NICs attached to redundant switch access ports provide sufficient redundancy, and channel bonding or interface teaming provides another useful combination of link aggregation (with an added redundancy benefit).

Route equalizing per destination or per packet can be configured to exit the two VLAN broadcast domains to which a server is usually hooked up. Beyond VLANs, dynamic routing protocols provide sufficiently fast rerouting around failures. It is fairly straightforward to provide redundant VLAN trunks and trunk termination (redundant routers on a stick) via Virtual Router Redundancy Protocol (VRRP) or Hot Standby Router Protocol (HSRP). This can be combined with equalized default routes (Linux) or floating static route concepts. Manual load distribution can be manipulated via manually tuned more-specific prefix routes. Return-packet load balancing originating from distant sites is an entirely different story; Domain Name System round-robin (DNS RR), Border Gateway Protocol (BGP) approaches (MED or path prepending), or dedicated load-balancing devices represent possible solutions.

When experimenting with special load-distribution approaches, keep in mind that Internet Control Message Protocol (ICMP) redirects might affect what you try to accomplish. sysctl provides a hook to disable dissemination of ICMP redirect messages (as shown in Example 12-1).

Example 12-1. Disabling ICMP Redirects for Special Cases

[root@ganymed:~#] sysctl -a | grep redirect

net.inet.ip.redirect = 1

net.inet6.ip6.redirect = 1

Address Resolution Protocol (ARP) cache latency is another issue that considerably affects certain setups. How long an ARP entry remains in a cache until it is removed is implementation-specific and might require manual intervention. To compensate for long timeouts, failover concepts such as VRRP/HSRP use gratuitous ARP featuring unsolicited updates.

Split-view DNS setups are popular, especially in enterprise networks where Network Address Translation (NAT) is used. Split-view DNS essentially means that an internal name server responds to queries for names associated with corporate RFC 1918 addresses and consults the external name server if it fails to resolve global records. Therefore, for true redundancy, two internal and two external DNS servers are advisable.



    		Command Syntax Conventions
    		Chapter 1. Operating System Issues and Features-The Big Picture
    		Chapter 2. User-Space Routing Software
    		Chapter 3. Kernel Requirements for a Full-Featured Lab
    		Chapter 4. Gateway WAN/Metro Interfaces
    		Chapter 5. Ethernet and VLANs
    		Chapter 6. The Analyzer Toolbox, DHCP, and CDP
    		Chapter 7. The UNIX Routing and ARP Tables
    		Chapter 8. Static Routing Concepts
    		Chapter 9. Dynamic Routing Protocols-Interior Gateway Protocols
    		Chapter 10. ISP Connectivity with BGPv4-An Exterior Gateway Path-Vector Routing Protocol for Interdomain Routing
    		Chapter 11. VPN Technologies, Tunnel Interfaces, and Architectures
    		Chapter 12. Designing for High Availability
    		Increasing Availability
    		Withstanding a (D)DoS Attack
    		Network HA Approaches
    		Simple but Effective Approaches to Server HA
    		DNS Shuffle Records and Round-Robin (DNS RR)
    		Dynamic Routing Protocols
    		Firewall Failover
    		Clustering and Distributed Architectures
    		The Service Routing Redundancy Daemon (SRRD)
    		IPv4/IPv6 Anycast
    		A Few Words About Content Caches and Proxies
    		Load Balancing
    		Cisco HA and Load-Balancing Approaches
    		VRRP
    		OpenBSD CARP
    		IRDP
    		Summary
    		Recommended Reading
    		Endnotes
    		Chapter 13. Policy Routing, Bandwidth Management, and QoS
    		Chapter 14. Multicast Architectures
    		Chapter 15. Network Address Translation
    		Appendix A. UNIX Kernel Configuration Files
    		Appendix B. The FreeBSD Netgraph Facility