Complex Intra/Extra network question?

Gentlemen;

While this is not specifically a linux question, as all the components
used in this situation are running on Linux. So here goes:

We currently have a multi-location situation. A main location with a
T1 link and four remote locations currently each with Adsl w/static
IPs. We have VPN's defined between each remote location and the main
location. So far - so good!

Occasionally one or more of the remote locations will experience a
circuit interruption meaning that there is NO traffic passing between
the main and that/those locations.

We wish to install and configure some sort of multiple circuit
arrangement where if a remote circuit goes down for any reason there
would be an alternate service/circuit that will take over and maintain
connectivity automatically. And, of course, revert back when service
is restored.

While I've seen some routers with internal v.9x modems which will
accommodate this they only work from one point to another. Therefore,
what happense when TWO or more of the nodes are down?

Also, my concerns are actually IP based - because this traffic and the
VPN's are all static IP based then how can one have alternative
service and be able to retain the IP values so the existing
connections would be able to continue?

My question(s) therefore are:

Is the a mechanism within software (linux service) that would support
multi-homing (multi IPs) and be able to logically connect either to
the destination IP (server, etc)?

Does anyone know of an external device (multi-homed router or other
appliance or adapter) that can connect to multiple ISPs yet deliver a
single IP to the gateway supporting the internal network?

Whew! I know this is a tall order but after spending hours and hours
searching the net and coming up empty handed I believe someone reading
this may have some suggestions.

So please, if you have any suggestions, recommendations, etc. a few
words pointing me in the right direction will be greatly appreciated.

Thanks,

Bob

Bob Mariotti wrote:
> Gentlemen;
>
> While this is not specifically a linux question, as all the components
> used in this situation are running on Linux. So here goes:
>
> We currently have a multi-location situation. A main location with a
> T1 link and four remote locations currently each with Adsl w/static
> IPs. We have VPN's defined between each remote location and the main
> location. So far - so good!
>
> Occasionally one or more of the remote locations will experience a
> circuit interruption meaning that there is NO traffic passing between
> the main and that/those locations.
>
> We wish to install and configure some sort of multiple circuit
> arrangement where if a remote circuit goes down for any reason there
> would be an alternate service/circuit that will take over and maintain
> connectivity automatically. And, of course, revert back when service
> is restored.
>
> While I've seen some routers with internal v.9x modems which will
> accommodate this they only work from one point to another. Therefore,
> what happense when TWO or more of the nodes are down?
>
> Also, my concerns are actually IP based - because this traffic and the
> VPN's are all static IP based then how can one have alternative
> service and be able to retain the IP values so the existing
> connections would be able to continue?
>
> My question(s) therefore are:
>
> Is the a mechanism within software (linux service) that would support
> multi-homing (multi IPs) and be able to logically connect either to
> the destination IP (server, etc)?

Set up IP aliases on each virtual circuit, as much on each interface as
you have locations.

Basically, this means you create a fully meshed network inside (on top
of) your VPN structure.

Then, run (E)IGRP over the VPN mesh to determine routing - "true" links
(i.e. the primary connections from A to B) get the highest preference,
and therefore the most routed traffic.
As long as each location has at least one link to every other the
network will continue to function...

Why EIGRP? Simply because route breaks, splits and updates are much more
efficient than with either RIP (ouch) or OSPF (useless on such a small
network).

If you need technical details check some Cisco docs or other general
routing info - it's not really that hard.

You can create a fully-meshed and routed network that can reach any
subnet through any combination of other subnets - pretty much
nuclear-winter-proof

For 5 locations the mesh will only come up to 40 routes or so - still
manageable for the average admin.

If that is too ridiculous (and I suspect it is ;-) just limit the
maximum hops to 3 or even 2.

--
J

Where does the shit go ?