The LIC carries business traffic. Two routes are provided for HA.
Connecting two computers with one cable is the simplest way of making one network. This is asking for trouble if you want reliability. In fact, the whole network must be duplicated to minimise the risk of annoyed customers. This means doubling up on many network bits and pieces.
|LIC topology: HA (High Availability)
for a complex network
|1. one network||2. extra network for HA|
Building an HA network means doubling up on everything. The network topography contains two sets of cables, two ethernet switches and two sets of NICs.
Figure 1 shows a complex network topology with many firewalls and DMZs. There is only one path linking these parts. If any one of these paths is broken, the network becomes a net-not-work. It's no good for your customers if you slice through one cable and take away their access.
Figure 2 shows the addition of HA for business traffic. A second network provides redundancy.
|LIC topology: routing around problems|
|3. primary route||4. Quelle horreur!|
Adding an HA network doesn't just mean a second set of cables. Each computer, such as a firewall and ethernet switch, must be doubled up to avoid a SPOF (Single Point Of Failure). The benefit of adding all this hardware is when a computer crashes the sites are still available for customer use. One network acts as the primary route that traffic takes and the other network acts as a secondary route.
Figure 3 shows computers (black boxes) and ethernet cables (black lines) connecting them together. All requests from the Internet to the web servers travel along the thick lines. This is the primary route.
Figure 4 shows a problem with the primary route. ifw01 caught fire. All traffic is redirected to the secondary route. Clever HA tricks make sure no requests are lost when the problem happens.
The HA network is designed to make it extremely unlikely that problems stop network traffic from getting through. Actually making this happen requires many networky bits and pieces.
Bear in mind this is not perfect: it is all about probability. A simple connection from the Internet to a home computer might go like this.
- router > cable > switch > cable > IBM PC.
If any one part fails, they all fail. The network traffic can't get through. It is unlikely that one of these parts will fail, but these things do happen. I can add a second set of parts to provide a second connection. If any one part fails, the network traffic can still get through. It is extremely unlikely that enough parts will fail to break both connections.
|LIC topology: network bits and pieces|
+-------+ | host | +-------------+ xcl01 +---------------+ | eth1 +-------+ eth2 | | | |port1 port1| +-----+----+ +-----+----+ | |port4 ISL port4| | | switch +--------------------------+ switch | | ces01 | | ces02 | +-+-----+--+ +---+----+-+ port3| |port2 port3| |port2 | | +-------+ | | | +-----+ host +-------------------+ | | eth1 | ifw01 | eth2 | | +-------+ | | +-------+ | +------------------------+ host +-----------+ eth2 | ifw02 | eth1 +-------+
Here is a description of the parts that make up both connections. The scary ASCII art diagram shows their relationships graphically.
- Host xcl01 has NICs labelled eth0 to eth3.
- The eth1 NIC is connected by a cat5 cable to the ethernet switch "ces01".
- The eth2 NIC is connected by a cat5 cable to the ethernet switch "ces02".
- The ethernet switches "ces01" and "ces02" are connected together by a cross-over cable to form one VLAN.
- The ethernet switch "ces01" is connected by two more cables to both firewall hosts "ifw01" and "ifw02".
- The ethernet switch "ces02" is connected by two more cables to both firewall hosts "ifw01" and "ifw02".