Hi all, I'm looking for some help migrating a webserver farm from one ISP to another.
Our customers require zero down time, or as close to it as possible. We are not moving servers, just changing the IP addresses of these. Also we do not administer all of the DNS entries, so just "throwing a switch" would mean that all customers would have to get their DNS entries updated simultaneously, which obviously isn't practicle.
Our current senario is as follows:
Outside IP range (lets say) 62.190.3.x connected via Cisco PIX firewall maps all public IP's to 192.168.1.x
We have a second PIX, that we have put on the new link, with outside IP range (lets say) 195.188.1.x the PIX has been set up to translate all outside public IP's to 192.168.5.x
Now if we give all servers two IP addresses (ie. 192.168.1.128 and 192.168.5.128) there can obviously be only 1 default gateway - in our case the old firewall 192.168.1.1
If you try to ping 62.190.3.128 it works OK; if you try to ping 195.188.1.128, it works for some people, but not for others; I am guessing that this is because people behind firewalls are sending requests to 195.188.1.128 and getting a response from 62.190.3.128 and the firewall is blocking it.
Has anyone go any ways around this? Currently all hosts are Windows 2000, however we have some spare Sparcs or Linux boxes that we could deploy on a temporary basis if it would get around the situation.
Any suggestions?
Our customers require zero down time, or as close to it as possible. We are not moving servers, just changing the IP addresses of these. Also we do not administer all of the DNS entries, so just "throwing a switch" would mean that all customers would have to get their DNS entries updated simultaneously, which obviously isn't practicle.
Our current senario is as follows:
Outside IP range (lets say) 62.190.3.x connected via Cisco PIX firewall maps all public IP's to 192.168.1.x
We have a second PIX, that we have put on the new link, with outside IP range (lets say) 195.188.1.x the PIX has been set up to translate all outside public IP's to 192.168.5.x
Now if we give all servers two IP addresses (ie. 192.168.1.128 and 192.168.5.128) there can obviously be only 1 default gateway - in our case the old firewall 192.168.1.1
If you try to ping 62.190.3.128 it works OK; if you try to ping 195.188.1.128, it works for some people, but not for others; I am guessing that this is because people behind firewalls are sending requests to 195.188.1.128 and getting a response from 62.190.3.128 and the firewall is blocking it.
Has anyone go any ways around this? Currently all hosts are Windows 2000, however we have some spare Sparcs or Linux boxes that we could deploy on a temporary basis if it would get around the situation.
Any suggestions?