-1

I want to set up the following:

I have two ISPs with different static IPs, terminated in a single server with two NICs. I want to make a virtual IP for these NICs and bind my local web server to this virtual IP, so that if any ISP fails it will not affect access to my web server from outside. How can I do it with Linux?

SDhimar
  • 1
  • 1
  • What do you mean by "virtual IP" (awful term because it is not well-defined and everybody means different things)? What does this have in common with virtualization, do you have a virtual machine or a container? And, finally, to have redundancy in such a way you either need to have provider-independent IPs and set up BGP or rely on automatic DNS updates (dynamically remove addresses that don't work at this moment and add them back once they work). All in all, just don't try to host an important server at home, better put it into some cloud or datacenter, it already has such a setup working. – Nikita Kipriyanov Dec 12 '22 at 09:15

1 Answer

1

For a single IP address, you can't do it the way you're envisioning.

For that to work at the IP address level, you'd need to have an Autonomous System Number (ASN) and run a BGP dynamic routing protocol that would tell all the world's Internet backbone routers how to reach your virtual IP.

Unfortunately, a single IP address is in practice too small a chunk to be dynamically routable in this way. Most ISPs won't accept incoming BGP announcements from home/small-business customers, and even if you got past that hurdle, the Internet's routers would ignore BGP announcements for single IP addresses. In order to maintain their routing performance, and not have the backbone routers' routing tables grow to absurd lengths, the backbone routers will want to deal with larger chunks of IP address space only.

To really have virtual IPs like that, you would need to be a fairly sizeable organization with a significant-sized block (/24 would qualify) of public IP addresses. Being able to reciprocally accept other organizations' traffic to be routed through your network links would also help.

Of course, if your two ISPs were both clients of the same internet backbone provider, and you were willing to negotiate and pay for a custom solution, something could probably be arranged... but for most people, that would be wasting a lot of money and effort on something that can be achieved much more easily by choosing a different approach.


A more realistic strategy for implementing ISP failover for a single server would be to use any available dynamic DNS service. You would have one public (not necessarily static) IP address for each of your uplinks, and you'd use a DDNS client to update the DNS A record for your web server's fully-qualified hostname to point to the currently active IP address.

If an uplink goes down, you'd just update the A record, wait for the old record's Time-To-Live to expire (most dynamic DNS services keep the TTLs pretty short - like 60 seconds or so) and be accessible again. Of course doing it this way would cause any existing connections to drop, as your IP address would change on failover. But if your ISPs do any stateful firewalling at all, it would happen anyway on failover, even if you had your virtual IP.

Alternatively, you could just rent a cloud server from any major cloud operator, and let them deal with redundant network links and all that complexity - at their scale, they'll pretty much have to do it as a matter of course.

telcoM
  • 4,448
  • 15
  • 25
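
The dynamic DNS failover described in the answer above, as an added example that is not part of the original answer. It assumes a DNS provider that accepts RFC 2136 updates through `nsupdate`, source-based policy routing so that each source IP leaves through its own uplink, and constructed documentation-range addresses and hostnames.

```python
import socket

# Constructed sample values: documentation-range addresses and a hypothetical zone.
UPLINKS = [("isp1", "192.0.2.10"), ("isp2", "198.51.100.20")]  # priority order
FQDN, ZONE, DNS_SERVER, TTL = "www.example.net.", "example.net.", "ns1.example.net", 60
FAILS_BEFORE_SWITCH = 3   # consecutive failed probes before the active uplink counts as down


def tcp_probe(source_ip, target=("203.0.113.1", 443), timeout=3.0):
    """True if a TCP connection sourced from source_ip reaches target.
    target is a placeholder; assumes policy routing ties source_ip to one uplink."""
    try:
        with socket.create_connection(target, timeout=timeout,
                                      source_address=(source_ip, 0)):
            return True
    except OSError:
        return False


def nsupdate_script(ip):
    """RFC 2136 update that replaces the A record. Feed it to
    `nsupdate -k <keyfile>` so the update is TSIG-authenticated."""
    return "\n".join([
        f"server {DNS_SERVER}",
        f"zone {ZONE}",
        f"update delete {FQDN} A",
        f"update add {FQDN} {TTL} A {ip}",
        "send",
    ]) + "\n"


def failover_step(state, probe=tcp_probe):
    """One monitoring round. state = {"active": ip or None, "fails": {ip: count}}.
    Returns the nsupdate script when the published address must change, else None."""
    for _, ip in UPLINKS:
        state["fails"][ip] = 0 if probe(ip) else state["fails"].get(ip, 0) + 1
    healthy = [ip for _, ip in UPLINKS if state["fails"][ip] == 0]
    active = state.get("active")
    # Keep the published address until it has failed repeatedly (avoids flapping).
    if active and state["fails"].get(active, 0) < FAILS_BEFORE_SWITCH:
        return None
    if not healthy or healthy[0] == active:
        return None
    state["active"] = healthy[0]
    return nsupdate_script(healthy[0])
```

The step function does not fail back automatically when the first uplink recovers, because each change of the A record drops existing connections.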