BGP Multihomed/Multi-location best practice
We're in the process of designing a new iteration of our network where we improve resilliency by adding a second datacentre.
We'll be adding a second datacentre, with an identical configuration of servers as our primary location. To achieve network connectivity, we're looking into a couple of possible methods. See earlier questions Best way to improve resilience? and DNS Round-robin failover and load balancing
I'm pretty convinced that BGP is the right way to go about this, and this question is not about RRDNS.
1) If we have 2 locations, do we announce the same IP address block from both locations?
2) If we did this, but had a management ssh interface on x.x.x.50 from datacentre A, but it was on x.x.x.150 in datacentre B.
What is the best practice mechanism for achieving this? Because if I were nearest to A, then all my traffic would go to x.50, but if i attempted to connect to x.150, I'd not be able to connect, because this address wouldn't be valid at A, but only at B.
Is the best solution to announce 2 different netblocks, one at each location, facilitating the need for RRDNS, or to announce a single block, and run some form of VPN between the two sites for managment traffic?
I think that what you need here is a link between your two datacentres. I'm thinking dark fiber would be your best option as you can do pretty anything you want with it but any other L2 link will do the trick.
Considering such a link, you will be able to have all your edge routers in the same VRRP/HSRP/CARP group. You will need to configure them in the same way. I think you should do this for every network equipement that has a reason to be in each datacenter.
Using such redundancy, the primary router will announce your routes to the world and the secondary router will just wait for it to fail. If your datacenter fails, the secondary will take over. If your primary router fails, it will also take over which could be a problem. This is why you want to have bidirectionnal communication between your datacenters.
This link will also be extremely helpful for other tasks such as SAN replication which you will most likely want.
You have a few IPs (or a whole network) in each datacenter that are only announced from there for management and monitoring purposes. Only have the "public services" running on the IPs that are announced in both places.