Network Redundancy – Second Theme

Terry Slattery
Principal Architect

Follow-on to the prior blog entry titled “Understanding Network Redundancy”

The second theme in network redundancy design is the desire to make the most efficient use of the network.  Some organizations are so focused on maximizing network utilization that they begin using redundant links to the extent that redundant operation is compromised.

Management sees network utilization reports showing links running at less than 50% utilization and wants to increase utilization as a way to hold costs down while the business grows. Let’s assume that you’ve designed primary and backup paths. If the total volume of data on both paths is greater than what will fit on one of the two paths while still providing acceptable performance, you don’t have a fully redundant configuration. You’ll need 95th percentile performance figures (see 95th Percentile Tech Tip) so that you know the network utilization over periods of time. If the sum of the 95th percentile on both primary and backup links is greater than 100%, then when a failure occurs, all the traffic will be using one path, and that path will be over 100% subscribed and nearly 100% utilized (I say ‘nearly’ because there will always be some level of inefficiency on a link or path).

For true redundancy, the primary and backup paths should have enough reserve capacity to handle the full load when one of the two paths fails. A viable alternative is to allow operation at reduced capacity.  For example, if the sum of the load on both paths is 120% of one path, a failure of one path will cause some traffic to be lost, causing the applications using that path to run at reduced capacity.
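The check described in the two paragraphs above, written out as an added example (not code from the original post): it computes each link's 95th percentile load and compares the combined load with what survives a single path failure. The link names, capacities and samples are constructed; the nearest-rank percentile method and perfect load sharing across surviving links are assumptions.

```python
def p95(samples):
    """95th percentile by the nearest-rank method (an assumption; the
    referenced tech tip may use a different interpolation)."""
    if not samples:
        raise ValueError("no utilization samples")
    ordered = sorted(samples)
    rank = (95 * len(ordered) + 99) // 100   # ceil(0.95 * n), 1-based
    return ordered[rank - 1]

def failover_report(links):
    """links: {name: {"capacity_mbps": n, "samples_mbps": [...]}}.
    For each single-link failure, compare the summed 95th-percentile load
    of all links with the capacity that is left."""
    total = sum(p95(l["samples_mbps"]) for l in links.values())
    report = {}
    for failed in links:
        # Assumes traffic spreads evenly over whatever links survive.
        cap = sum(l["capacity_mbps"] for n, l in links.items() if n != failed)
        pct = 100.0 * total / cap
        report[failed] = {
            "surviving_capacity_mbps": cap,
            "offered_load_pct": round(pct, 1),
            "verdict": "fully redundant" if pct <= 100 else "reduced capacity",
            "shortfall_mbps": round(max(0.0, total - cap), 1),
        }
    return report

# Constructed sample data: twenty 5-minute samples per link, in Mbps.
PRIMARY = [400, 420, 450, 480, 500, 520, 540, 560, 580, 600,
           610, 620, 630, 640, 650, 660, 670, 680, 700, 950]
BACKUP = [300, 310, 320, 330, 340, 350, 360, 370, 380, 390,
          400, 410, 420, 430, 440, 450, 460, 480, 500, 800]
LINKS = {
    "primary": {"capacity_mbps": 1000, "samples_mbps": PRIMARY},
    "backup": {"capacity_mbps": 1000, "samples_mbps": BACKUP},
}

if __name__ == "__main__":
    for failed, row in failover_report(LINKS).items():
        print(f"if {failed} fails: {row}")
```

With this data each link looks comfortable on its own (70% and 50% at the 95th percentile), yet the combined load is 120% of one path, which is the reduced-capacity case the text describes.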

Adding more paths would seem to solve the problem of insufficient backup bandwidth, but it increases network complexity, makes the network more difficult to monitor, and makes troubleshooting harder. The result is seldom acceptable (see the prior blog entry for an example).

How do you learn about good network redundancy design? Cisco has a number of whitepapers, including the Solution Reference Network Design guides (SRNDs), that describe best practices for redundancy. Some of these documents include ways to configure fast failover so that time-sensitive applications often don’t notice the failure of one path and the switch to the backup path. There is also a Cisco Press book that is a good resource, Building Resilient IP Networks.



Re-posted with Permission 

NetCraftsmen would like to acknowledge Infoblox for their permission to re-post this article which originally appeared in the Applied Infrastructure blog under

