Problem Definition:


During certain Disaster Recovery Events, your statically assigned Internet IP Address may change. This may cause certain services to be disrupted if these services are not aware of the Standby IP Address.  Outbound Internet Access is not affected.


Cause:


CloudConnect does not failover Statically Assigned IP Addresses due to the time required for such address changes to propagate. As a result, when CloudConnect assigns your organization a Static Internet IP Address, it also assigns a corresponding “Standby IP Address” which resides at your configured Disaster Recovery Location.


Resolution:


How do I know if the Standby IP address has been promoted to the Active IP Address?


             If you have properly configured your external Network Resources in accordance with this KB Article, you should not notice the IP address change.  While you should not notice the IP address change, CloudConnect will still post a Change Notification with the affected IP Addresses on our Support Site Announcements page.


What is your Alternate/Standby IP Address?

 

Edge Gateway

Internet Access IP

Primary Public IP Address

Standby Public IP Address

172.29.253.XYZ

216.93.253.XYZ

96.233.53.XYZ

172.29.254.XYZ

192.203.253.XYZ

108.26.236.XYZ



For Example:


             If your Statically Assigned Internet IP Address (Primary Public IP Address) is 216.93.253.209, your Standby Internet IP Address is 96.233.53.209.


             If your Statically Assigned Internet IP Address (Primary Public IP Address) is 192.203.253.136, your Standby Internet IP Address is 108.26.236.136.


It is important to configure any Internet or on premise hardware services (that are dependent upon a CloudConnect Statically assigned Internet IP Address) to be aware of both your Primary and Standby IP Addresses.Failure to do so, will cause these dependent services to be interrupted during a Disaster Recovery Event where your IP Address changes.See Additional Information below for guidelines on configuring these external services to be multi-address aware.


Additional Information:


To avoid service interruptions during a Disaster Recovery event, CloudConnect recommends you strategically configure your Internet DNS Records and On-Premise hardware to reduce or eliminate service interruptions caused by a change in your Internet IP Address:


For Site-to-Site VPN Tunnels, please make sure your on premise Router has your Standby IP address specified as the “Alternate Gateway Address” for any VPN Tunnel that connects to a CloudConnect hosted infrastructure.  The Primary Public IP Address should be used as the Primary Gateway Address, and the Edge Gateway DMZ Address should be used as the peer (i.e. the CloudConnect) IKE Identifier.


For DNS Records, CloudConnect recommends utilizing a Dynamic DNS Provider. Dynamic DNS monitors your IP address and if certain failure criteria are met, the DNS records are automatically updated to the Standby IP address specified by you.Note that your SOA Record need not be transferred to the Dynamic DNS Provider for this to work.


If Dynamic DNS is not an Option:

For DNS Host (A) Records that point to a Statically Assigned CloudConnect Internet IP Address, configure the TTL of each record to 30 minutes or less.  The TTL time is your worst case propagation time.  If the IP Address changes, update the A record IP Address Value to your Standby IP Address. Do not delete and recreate the record as this will result in a service outage of up to 48 hours for that record.


For other DNS Records that point to a Statically Assigned CloudConnect Internet IP Address, CloudConnect recommends utilizing SRV records with priority handling where the Primary address is specified as higher priority for the Service, and the Standby Address is specified as a lower priority.For more information on provisioning SRV for High Availability, see: https://en.wikipedia.org/wiki/SRV_record#Provisioning_for_high_service_availability


Applies To:

CloudConnect Virtual Private Domain Virtual Router

CloudConnect mspCloud Virtual Router

CloudConnect vCloud Director Enterprise Edge Gateway Services