Connectivity Fault Tolerance for Mission Critical Systems

Marconi Foundation
Aug 27, 2019 · 3 min read
Image for post
Image for post

Many businesses today operate out of multiple locations that need to communicate with each other and one of the most common ways of connecting them is via site-to-site VPNs. Site-to-site VPNs create secure connections between locations over the public internet and make computing resources in one location available in another location. Connecting over the public internet provides a lot of flexibility, but it also puts these businesses as the mercy of ISP outages which, unfortunately, are fairly common. Outages can be caused by human error, physical cable disconnects/damage, technology failures in the ISP’s network stack or a host of other issues. No matter the cause, site-to-site VPNs can’t operate during an outage which means that the business loses critical access to resources. For many businesses this can mean lost revenue, reputational damage or worse.

How is this solved today?

The only way to reliably achieve fault tolerance when an ISP suffers from an outage is to leverage multiple ISPs. While that sounds simple in concept, it’s not easy to implement with site-to-site VPNs. The VPN software must be configured to detect a failover and then subsequently route traffic from the primary connection to the backup. There is a long established protocol for handling this, but it’s not easy to configure and it’s a proprietary protocol which means you’re locked into using specific hardware which typically comes at a steep cost. Newer solutions exist which are far easier to setup, but those still require proprietary hardware and licenses. Alternatively, businesses with very savvy network engineers can manually configure automatic failover, but that type of expertise is hardly common anymore and it’s likely not easy to maintain anyway.

High Availability Site-to-Site VPN with Marconi

Marconi can be an easy to manage, cost effective solution for businesses needing site-to-site VPNs. However, with just a few additional commands it’s possible to use Marconi to create a fault tolerant network with automatic failover to redundant ISP connections. The Marconi Protocol can create multiple mPipes across different physical connections backed by different ISPs and then, using Marconi’s unique L2 bridging functionality, merge those connections to back a single virtual IP. Each site now has a Marconi virtual IP that apps & services in each site can be configured to use with confidence. Even if primary ISP goes down, that IP will still be operational since Marconi will seamlessly failover to the redundant mPipe connection. This can all be achieved on commodity hardware with Marconi’s open source software. Configuration is also minimal since much of the traditional configuration & information exchange needed for VPN setup is handled automatically through the blockchain.

Image for post
Image for post

If you’re interested in learning more about how to set this up in your own corporate network or datacenter today contact hello@marconi.org.

MarconiProtocol

Smart Ethernet Protocol

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store