There have been scenarios in Enterprise Data Center when we need to advertise Public IP Pool over 2 or more ISP Provider Links. Most of the times , a /24 or bigger Public IP Block is required especially when customer needs to advertise Web Hosted application (in DMZ Zone) which should be accessed from Internet based users. The dilemma occurs when network administrators and designers need to decide whether PI (Provider Independent) or PA (Provider Assigned) Public Address pool needs to be procured. (Note – For those seeking more detail on Provider Independent and Provider Assigned Public Address Block, please refer to this link – https://ipwithease.com/provider-independent-vs-provider-assigned-ip-address-space/).
Below is one such scenario where Internet based users need to access Web facing Servers in DMZ Zone of new Data Center –
Let’s understand the scenarios when PA (Provider Assigned) and PI (Provider Independent) Address Blocks are used to advertising the Webhosted applications over both Internet Links –
Using PA Address Block
Let’s see what happens we use PA (Provider Assigned) Public IP Pool.
As shown in the below diagram, ISP 1 has assigned a Public IP Pool of 184.108.40.206/24 to customer while ISP 2 has assigned a Public IP Pool of 220.127.116.11/24 . Now, the challenge comes when the ISP1 assigned IP Pool of 18.104.22.168/24 needs to be advertised from ISP2 link also and Vis versa. Mostly ISPs only advertise their own PA address pool or else PI Public IP Pool.
Now, let’s say Web Server “abc.com” is reachable through ISP1 via IP 22.214.171.124, in event of ISP1 link down, the outside users can’t access abc.com via ISP2 on IP 126.96.36.199. In this case the proposed solution is to use GTM based failover or Link Load balancer solution.
Using PI Address Block
Let’s see what happens we use PI (Provider Independent) Public IP Pool.
As shown in the below diagram, the customer buys the PI Public IP Pool from RIR (Regional Internet Registry) like AFRINIC , APNIC, ARIN, LACNIC and RIPE NCC based on geographical location of organization. The best part about PI Pool is that it is routable over all ISPs unlike PA Public Block which is routable over ISP who have been assigned the bigger Public IP address Pool Block. In the diagram , the R1 and R2 Routers are able to advertise same PI address Pool of 188.8.131.52/24 over BGP (using fine tuning via attributes like AS-Prepend etc.) to ISP1 and ISP2 respectively.
This infers that even if 1st Link (ISP1) is down, still the IP address assigned to domain abc.com (184.108.40.206) will be reachable via ISP2.Therefore, we will not be needing GTM/GSLB or else Link load balancing scenarios to meet Link level failover requirement.
Hope this document helps Solution designers and Network Administrators planning to design Multihoming and failover scenarios over Multiple ISP Links.