In case of power failure, you bought backup batteries for all your of servers and critical workstations. You assembled mirrored disk drives to make sure you are covered in case of a disk crash on your servers. You have a secondary long-distance provider to handle those times when your primary telephone carrier is off-line. And you have a backup plan to save to tape every night the files that have changed during the day. Most of us would think this is all well and good, but something is missing: How about a backup Internet connection?
Getting a redundant link to the Internet isn't as easy as buying a big battery for your power supply. You have to understand the Internet naming schema called DNS first off. Then you have to understand the paths that the various Internet providers take from your doorstep to where they connect to the Internet backbones. And you also have to understand where any single points of failure are in your own network, so that you don't buy more redundancy than you actually need or can use.
Two events over the past few weeks have brought this to top of mind. First was when a construction crane brought down many of the Internet connections used by Computer Associates to link their trade show in New Orleans with their corporate network. While CA bought several T-1s to various places around the country, all the T-1s fed through a single path outside of New Orleans. It just so happened that this path was in the way of the crane that cut all lines out of the city.
Here is another example: you use ISP A to maintain your identity and provide dial-up access to the 'net. An employee (call him Smith) leaves A to start up his own company across town, call it ISP B. However, the president of A doesn't like the fact that Smith left his company and so configures his routers so that any Internet traffic going to B through his network is blocked.
Or ISP C gets a range of IP addresses from ISP D to use and proceeds to allocate them to various customers of C. One day, ISP D is sold to another company, call them ISP E. Company E decides to re-use this range of addresses without telling any of ISP C's customers. These customers wake up one morning and find that their service has stopped for no particular reason or action on the part of their own ISP.
These are real stories: I haven't provided many details because my point isn't to highlight the particular players, but talk about the consequences of their actions. As a friend of mine said whom this happened to, "It is the equivalent of someone walking up to a place of business and cutting all their phone lines – in other words, criminal." But right now all of this is usual and customary behavior on the 'net.
So what can you do to avoid this? One suggestion I have is to split your Internet access and identity into two different providers: use a larger vendor such as the phone companies, Uunet, PSI, or BBN for the access (they have lots of modem banks around the country and pay people to maintain them) and a smaller one for your identity. Why go with a smaller outfit? Mainly because you want to be able to call up the president and have him or her do something quickly. In a larger ISP, try even getting any email returned by the president of the company.
This is what I have done: I actually use three ISPs: Uunet for my ISDN access (even though they don't have a local phone number for my ISDN calls, but that is another issue), Apex-IT in Blacksburg, Virginia for my identity and domain service, and Sohonet in New York City to host my web site. While it costs more to split things up, it isn't much more and there are built- in redundancies that help.
But it isn't completely redundant: I still rely on my Uunet connection to get my access, and if anything is wrong with their dial-up modem pool or their backbone connection, I don't get any Internet access. So I have a contingency plan for backup dial-up access using either Compuserve or Microsoft Network. Compuserve is actually a better backup, since it uses a different network for dial-up and has different backbone connections to the Internet. MSN uses many of the same dial-up modem pools and backbone connections that Uunet does. However, with both Compuserve and MSN, I am limited to using a single computer, rather than having my ISDN router connect my entire office network to the Internet.
What if you want to use two different ISPs for access for your network, and have them active all the time? This isn't so easy, and I would urge you to find someone that understands DNS and Internet topology before proceeding. Doing this for a large network can be difficult, because you can introduce large routing loops that can cause problems for the ISPs if they aren't aware that you have two Internet connections active and serving the same series of IP addresses. I would recommend you take a look at an article that was published in Connexions, describing an Swedish experiment that occurred earlier this year where they did exactly this.
This essay is composed in HTML and can be read in your browser. This is not always a simple process, and I'll be happy to provide help if I can. If you are getting this directly from me, or if someone is forwarding it to you, and you want to change that situation, let me know. Subscriptions are always free of charge. Entire contents copyrighted 1996 by David Strom.
+1 516 944 3407
Link to this essay on our site
Back issues of Web Informant essays
WebCompare, comparison and features of over 90 web servers!