<div dir="ltr">I'm just trying to share details about the network. I figure that's what people want to see here.<div><br></div><div>We recently migrated Seattle-ER1 from an RB2011 to a VM on an ESXi host. This was done for a few reasons, but most importantly, crypto is much faster in the new x86 CPU than in the RB2011. This will allow us to support more VPN terminations. (I believe the RB2011 maxed out around 18 Mbps of VPN traffic.) Seattle-SRV1 is another VM on the same host.</div><div><br></div><div>Today's outage was for a reboot of the ESXi host. Bart is more familiar with the details, but I understand the reboot was required to get the VMs to show up properly in vCenter server. This momentarily took out the two VMs, Seattle-ER1 and Seattle-SRV1. During the outage, the network re-routes around Seattle-ER1, but services only provided on Seattle-SRV1 remains inaccessible. After a few minutes, everything boots back up and service is restored.</div><div><br></div><div>The topology at the Westin looks something like this:</div><div><br></div><div>Seattle-ESXi</div><div> Seattle-ER1</div><div> Seattle-SRV1</div><div>Seattle-QueenAnne PtP</div><div><br></div><div>Each of these systems participates in OSPF, so if we have a failure of Seattle-ER1, Seattle-SRV1 will begin routing all traffic through Queen Anne. My guess is this will eventually make its way back to the Internet via our Tukwila datacenter. (The other possibility is exit through Corvallis via a VPN tunnel.)</div><div><br></div><div>For VM failover, we'd need a second ESXi host and configuration for automatic failover. My preference is that we make services redundant rather than systems, so if a VM or ESXi itself fail, another system at another site continues to provide the service. This is how we have DNS configured, for instance. I bet no one noticed any downtime for DNS during this maintenance event. Unfortunately, DNS is a lot simpler to make redundant than a SQL-backed website like <a href="http://hawan.org">hawan.org</a>.</div><div><br></div><div>Tom</div><div><br></div><div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, May 22, 2015 at 3:31 PM, John D. Hays <span dir="ltr"><<a href="mailto:john@hays.org" target="_blank">john@hays.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">You did note the smiley face?<div><br></div><div>BTW, two MikroTik routers in parallel can failover nicely.</div></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On Fri, May 22, 2015 at 2:36 PM, Tom Hayward <span dir="ltr"><<a href="mailto:tom@tomh.us" target="_blank">tom@tomh.us</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">The network itself has automatic failover and redundancy. The website <a href="http://hamwan.org" target="_blank">hamwan.org</a> (non-redundantly hosted on the Westin server) does not. IIRC, that's the only service at Westin that is not duplicated elsewhere.<span><font color="#888888"><div><br></div></font></span><div><span><font color="#888888">Tom</font></span><div><div><br><div class="gmail_extra"><br><div class="gmail_quote">On Fri, May 22, 2015 at 2:34 PM, John D. Hays <span dir="ltr"><<a href="mailto:john@hays.org" target="_blank">john@hays.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">What? No automatic failover and redundancy!!! <div><br></div><div>:)</div><div><br></div></div><div class="gmail_extra"><div><div><br><div class="gmail_quote">On Fri, May 22, 2015 at 2:22 PM, Bart Kus <span dir="ltr"><<a href="mailto:me@bartk.us" target="_blank">me@bartk.us</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello,<br>
<br>
I'll be doing a reboot of the Westin server @ 2:30PM PST today. This means all traffic and services there will stop for a few minutes. I'll send a second email when it's all completed.<br>
<br>
--Bart<br>
<br>
_______________________________________________<br>
PSDR mailing list<br>
<a href="mailto:PSDR@hamwan.org" target="_blank">PSDR@hamwan.org</a><br>
<a href="http://mail.hamwan.net/mailman/listinfo/psdr" target="_blank">http://mail.hamwan.net/mailman/listinfo/psdr</a><br>
</blockquote></div><br><br clear="all"><div><br></div></div></div><span><font color="#888888">-- <br><div><div dir="ltr"><br><hr><div style="float:left;padding-left:1em;color:blue">John D. Hays<br><span style="color:rgb(128,128,128)">K7VE</span></div><div style="float:left;padding-left:1em;color:blue"><span style="color:rgb(128,128,128)"><br></span></div><div style="float:right;text-align:right">PO Box 1223, Edmonds, WA 98020-1223 <div style="padding-top:0.5em"><a href="http://k7ve.org/blog" target="_blank"><img src="http://k7ve.org/images/blog-icon-box-red-26.png"></a> <a href="http://twitter.com/#!/john_hays" target="_blank"><img src="http://k7ve.org/images/Twitter-26.png"></a> <a href="http://www.facebook.com/john.d.hays" target="_blank"><img src="http://k7ve.org/images/Facebook-26.png"></a></div><div style="padding-top:0.5em"><br></div></div></div></div>
</font></span></div>
<br>_______________________________________________<br>
PSDR mailing list<br>
<a href="mailto:PSDR@hamwan.org" target="_blank">PSDR@hamwan.org</a><br>
<a href="http://mail.hamwan.net/mailman/listinfo/psdr" target="_blank">http://mail.hamwan.net/mailman/listinfo/psdr</a><br>
<br></blockquote></div><br></div></div></div></div></div>
<br>_______________________________________________<br>
PSDR mailing list<br>
<a href="mailto:PSDR@hamwan.org" target="_blank">PSDR@hamwan.org</a><br>
<a href="http://mail.hamwan.net/mailman/listinfo/psdr" target="_blank">http://mail.hamwan.net/mailman/listinfo/psdr</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div><div dir="ltr"><br><hr><div style="float:left;padding-left:1em;color:blue">John D. Hays<br><span style="color:rgb(128,128,128)">K7VE</span></div><div style="float:left;padding-left:1em;color:blue"><span style="color:rgb(128,128,128)"><br></span></div><div style="float:right;text-align:right">PO Box 1223, Edmonds, WA 98020-1223 <div style="padding-top:0.5em"><a href="http://k7ve.org/blog" target="_blank"><img src="http://k7ve.org/images/blog-icon-box-red-26.png"></a> <a href="http://twitter.com/#!/john_hays" target="_blank"><img src="http://k7ve.org/images/Twitter-26.png"></a> <a href="http://www.facebook.com/john.d.hays" target="_blank"><img src="http://k7ve.org/images/Facebook-26.png"></a></div><div style="padding-top:0.5em"><br></div></div></div></div>
</div>
</div></div><br>_______________________________________________<br>
PSDR mailing list<br>
<a href="mailto:PSDR@hamwan.org">PSDR@hamwan.org</a><br>
<a href="http://mail.hamwan.net/mailman/listinfo/psdr" target="_blank">http://mail.hamwan.net/mailman/listinfo/psdr</a><br>
<br></blockquote></div><br></div></div></div>