[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Openvpn Failover configuration

  • Subject: Re: [Openvpn-users] Openvpn Failover configuration
  • From: Giancarlo Razzolini <linux-fan@xxxxxxxxxxx>
  • Date: Thu, 24 Aug 2006 09:24:54 -0300

abhilash s wrote:
> Hi all,
>         Can anybody tell me how to do failover b/w two openvpn
> servers? My scenario is as follows :
>        I have two Openvpn servers(server1 & server2) Server1 have
> virtual IP as and Server2  have . Also I have
> connected voip phones through the VPN to the Server1 . So when the
> Server1's VPN is down I want to automatically switch the phone
> connections to the Server2 . But I have assigned
> IP in all my voip phones and how it will switch to the second vpn
> server which have IP pool ?
One initial solution would be using host names instead of ip addresses.
But for this to work, you would need the dns entries to expire as soon
as your server one goes down. And some programs doesn't renew the dns
entry, even if it is expired, so possibly a restart of the program might
be necessary.
>       It will be very helpful for me if anybody gives me the
> configuration guidance as I don't get any practical notes about these
> configuration
I suggest you to use some failover on a level below openvpn. Something
like CARP might do the trick. I've recently been playing with it, and
you have 2 choices. You can use it on it's native platform, OpenBSD or
you can play with ucarp (www.ucarp.org), but i didn't tested it, and i
believe that it lacks the synchronization of states that pfsync
provides. Failover isn't an easy thing, but if it works, you are a lucky
sysadmin :)
> Regards,
> Abhilash Subhash
My regards,
Giancarlo Razzolini
Linux User 172199
Moleque Sem Conteudo Numero #002
Slackware Current
OpenBSD Stable
Snike Tecnologia em Informática
4386 2A6F FFD4 4D5F 5842  6EA0 7ABE BBAB 9C0E 6B85

Attachment: signature.asc
Description: OpenPGP digital signature

Get stuff done quickly with pre-integrated technology to make your job easier
Openvpn-users mailing list