
Re: [Openvpn-users] vpn routing question


  • Subject: Re: [Openvpn-users] vpn routing question
  • From: James Yonan <jim@xxxxxxxxx>
  • Date: Wed, 5 Oct 2005 14:41:37 -0600 (MDT)

On Wed, 5 Oct 2005, Erich Titl wrote:

> James
> 
> James Yonan wrote:
> > On Mon, 3 Oct 2005, Jason Keltz wrote:
> ....
> > 
> > 
> > I think it would be a worthwhile feature to have a native clustering 
> > capability in OpenVPN.
> > 
> > While the basic load balancing and failover capability provided by putting 
> > multiple "remote" directives on the client is almost a clustering 
> > solution, it falls a bit short when you want (for example) a client to 
> > keep the same IP address even when connecting to a different server, or 
> > when clients are serving as a VPN gateway for a local, private LAN.
> > 
> > To make this work, we need a dynamic routing capability so that when a 
> > user with a given VPN IP address ('IP') connects from server 'A' 
> > to server 'B', the server-side routers will be aware that return packets 
> > to IP must now be routed through server 'B' rather than server 'A'.
> > 
> > One way to make this work would be to use a dynamic routing protocol such 
> > as RIP2 or OSPF.  When the user connects to server 'B', a RIP2 message 
> > would be multicast, telling all the local routers of the new gateway for 
> > 'IP'.
> > 
> > This would require adding some code to OpenVPN to advertise its internal 
> > routing table to local, neighboring routers using RIP2 or OSPF.
> 
> But would it solve the seamless handover scenario? I doubt it. Basically
> what would be needed are multiple paths to destination, advertised
> dynamically as you pointed out.
> 
> Right now load balancing relies on multiple remote entries which are
> selected in a random fashion. What happens when the selected remote
> fails during tunnel lifetime? OpenVPN will try to reconnect (after a
> certain timeout) and might succeed finally. Will a TCP connection
> survive such a switch in the underlying layer?

It would survive if the switchover happened quickly enough.  This would
require a fast algorithm for determining when a remote goes down.

James
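
Added example, not part of the original thread and not OpenVPN code: a sketch of the RIP-2 Response proposed in the quoted text, advertising a client's VPN address as a /32 host route whose next hop changes when the client moves from server 'A' to server 'B'. The addresses, function names and the simplified listener table are assumptions made for illustration; authentication entries and metric comparison are left out.

```python
import ipaddress
import struct

RIP_RESPONSE, RIP_VERSION, AFI_IP, RIP_INFINITY = 2, 2, 2, 16
HEADER = struct.Struct("!BBH")       # command, version, must-be-zero
ENTRY = struct.Struct("!HH4s4s4sI")  # AFI, route tag, address, mask, next hop, metric


def build_response(routes):
    """Encode (prefix, next_hop, metric) tuples as a RIP-2 Response payload."""
    routes = list(routes)
    if not 1 <= len(routes) <= 25:
        raise ValueError("a RIP-2 message carries 1 to 25 route entries")
    out = [HEADER.pack(RIP_RESPONSE, RIP_VERSION, 0)]
    for prefix, next_hop, metric in routes:
        if not 1 <= metric <= RIP_INFINITY:
            raise ValueError("metric must be 1..16")
        net = ipaddress.IPv4Network(prefix)
        hop = ipaddress.IPv4Address(next_hop)
        out.append(ENTRY.pack(AFI_IP, 0, net.network_address.packed,
                              net.netmask.packed, hop.packed, metric))
    return b"".join(out)


def parse_response(payload):
    """Decode a RIP-2 Response, rejecting malformed input; returns route tuples."""
    if len(payload) <= HEADER.size or (len(payload) - HEADER.size) % ENTRY.size:
        raise ValueError("bad RIP-2 message length")
    if HEADER.unpack_from(payload) != (RIP_RESPONSE, RIP_VERSION, 0):
        raise ValueError("not a RIP-2 response")
    routes = []
    for afi, _tag, addr, mask, hop, metric in ENTRY.iter_unpack(payload[HEADER.size:]):
        if afi != AFI_IP or not 1 <= metric <= RIP_INFINITY:
            raise ValueError("malformed route entry")
        net = ipaddress.IPv4Network((addr, str(ipaddress.IPv4Address(mask))))
        routes.append((str(net), str(ipaddress.IPv4Address(hop)), metric))
    return routes


def apply_response(table, payload):
    """Simplified listener: metric 16 withdraws a route, anything else installs it."""
    for prefix, hop, metric in parse_response(payload):
        if metric == RIP_INFINITY:
            table.pop(prefix, None)
        else:
            table[prefix] = hop
    return table


# Constructed scenario: client 10.8.0.6 moves from server A to server B.
SERVER_A, SERVER_B, CLIENT = "192.168.10.1", "192.168.10.2", "10.8.0.6/32"
table = apply_response({}, build_response([(CLIENT, SERVER_A, 1)]))
table = apply_response(table, build_response([(CLIENT, SERVER_B, 1)]))
```

After the second message the listener's table maps the client's host route to server 'B', which is the re-routing of return packets the quoted proposal describes.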
