Network configuration: DMZ and web server

Hi,

I need advice to solve the following problem. I have a web server with some services (private cloud) that is directly connected to the Internet through ISP 1 (the web server has both software firewall and IDS/IPS and uses a fixed static IP provided by ISP 1). The PCs on the LAN connect to the web server by passing through a hardware firewall/router (OpenWrt) that is connected to the Internet via two connections, ISP 1 and ISP 2.

Now, to improve the reliability of the server in the event of a connection interruption, I would like to move the web server behind such a firewall in its DMZ. In this case the PCs in the LAN would connect to it without going through the Internet. My questions:

  1. Can I have only one fixed IP? If yes, does it necessarily have to be provided by one of these ISPs? What happens in case the connection of the ISP providing the IP is interrupted?

  2. If configuration 1) is not possible, I need two fixed IPs, each provided by an ISP. What happens in case of an ISP connection failure? How can I update the DNS dynamically to point to the working IP?

Do you have any other advice?

Thanks in advance

Edit: after some research, I believe the only available solution is 2). In this case, the options are to use a load balancer or a round-robin DNS, each of which has its advantages and disadvantages. What do you recommend that I do?

If your services are accessible using a FQDN, resolve it locally (on your LAN) with the server's non-public 192.168 IP.

When you are away from home, it'll resolve with the public IP you've set up for it.

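The split-DNS arrangement suggested in the reply above can be checked by comparing what the LAN resolver and a public resolver return for the same name. This is an added example, not part of the original thread; the hostname and all addresses are constructed, and `audit_split_dns` is a hypothetical helper.

```python
import ipaddress

# RFC 1918 ranges. Anything outside them is treated as publicly routable here,
# so documentation addresses can stand in for the two ISPs' static IPs.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_lan(addr):
    """True if addr is an RFC 1918 (LAN/DMZ) address."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


def audit_split_dns(fqdn, lan_view, wan_view):
    """Compare the A records seen inside and outside the firewall.

    lan_view: answers from the LAN resolver (e.g. the router's own DNS).
    wan_view: answers from a public resolver.
    Returns a list of findings; an empty list means the split is consistent.
    """
    findings = []
    if not lan_view:
        findings.append(f"{fqdn}: LAN resolver returns no record")
    if not wan_view:
        findings.append(f"{fqdn}: public resolver returns no record")
    for a in lan_view:
        if not is_lan(a):
            findings.append(f"{fqdn}: LAN view returns public {a}; "
                            "LAN clients would depend on the ISP link")
    for a in wan_view:
        if is_lan(a):
            findings.append(f"{fqdn}: public view returns private {a}; "
                            "unreachable from outside and discloses "
                            "internal addressing")
    return findings


if __name__ == "__main__":
    # Constructed sample: one DMZ address inside, one public address per ISP.
    name = "cloud.example.com"
    ok = audit_split_dns(name, ["192.168.1.10"],
                         ["203.0.113.10", "198.51.100.20"])
    swapped = audit_split_dns(name, ["203.0.113.10"], ["192.168.1.10"])
    print("consistent split:", ok)
    for line in swapped:
        print("finding:", line)
```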