Firewall – One website, two public IPs, each IP on separate line, how to do failover

asp.net, domain-name-system, failover, firewall, website

We have a website that sits behind two firewalls, main and failover. The main and failover firewalls have different IPs and different Internet connections from different providers. How can we provide failover so that, when the main failover or main internet connection dies, clients automatically connect to the website over the second IP?

The failover of the firewalls works; they are both stateful. It is not important which model, let's imagine that they work.

We know that we can go in DNS and manually change the website IP to failover IP, but is there a more elegant and faster solution?

Best Answer

> We know that we can go in DNS and manually change the website IP to failover IP, but is there a more elegant and faster solution?

Not unless a) both your providers support BGP and b) they'd be willing to advertise your routes and c) you have your own ASN. Otherwise DNS is your only option. It's not a horrible choice though if you set your TTL really low and use one of the smarter DNS providers that can redirect traffic based on non-responsive ping. CloudFlare is also an option if your site is primarily static information that can be cached and served to users in the event of an outage.

Really though, if you truly need this level of HA, you should be hosting in a datacenter.
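
The health-check-driven DNS failover described in the answer above, as an added example that is not part of the original post: it flips the A record only after several consecutive failed probes of the main IP, never points DNS at a line that is also down, and bounds the client-visible outage by detection time plus TTL. Assumptions: the IPs are constructed documentation addresses, the thresholds and TTL are illustrative, a TCP connect stands in for the ping check, `publish` is a hypothetical hook for whatever record-update mechanism your DNS provider offers, and the monitor runs from outside both Internet lines.

```python
import socket
import time
from dataclasses import dataclass

PRIMARY = "192.0.2.10"       # constructed (RFC 5737) IP on the main line
SECONDARY = "198.51.100.10"  # constructed (RFC 5737) IP on the failover line
TTL = 60                     # assumed low TTL so resolvers re-query quickly

def tcp_probe(ip, port=443, timeout=3.0):
    """True if a TCP handshake to ip:port completes (firewalls may drop ICMP)."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False

@dataclass
class FailoverState:
    active: str = PRIMARY
    fails: int = 0  # consecutive failed probes of the primary
    oks: int = 0    # consecutive successful probes of the primary

def step(state, primary_up, secondary_up, fail_after=3, recover_after=5):
    """Feed one probe round; return the IP the A record should hold."""
    if primary_up:
        state.oks, state.fails = state.oks + 1, 0
    else:
        state.fails, state.oks = state.fails + 1, 0
    # Fail over only when the secondary answers; fail back only once stable.
    if state.active == PRIMARY and state.fails >= fail_after and secondary_up:
        state.active = SECONDARY
    elif state.active == SECONDARY and state.oks >= recover_after:
        state.active = PRIMARY
    return state.active

def worst_case_seconds(interval, fail_after=3, ttl=TTL):
    """Upper bound on outage: detection time plus a fully cached TTL."""
    return interval * fail_after + ttl

def run(rounds, publish, probe=tcp_probe, interval=10):
    """Probe loop; publish(ip, ttl) is a hypothetical DNS-update hook."""
    state, last = FailoverState(), PRIMARY
    for _ in range(rounds):
        ip = step(state, probe(PRIMARY), probe(SECONDARY))
        if ip != last:
            publish(ip, TTL)
            last = ip
        time.sleep(interval)
    return last
```

The asymmetric thresholds (fail over after 3 bad rounds, fail back after 5 good ones) keep a flapping main line from rewriting the record on every probe.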
