There are several ways that pass to my mind though it depends from the
exact requirements which would be the best approach:
1. Simple failover with multiple remote servers on the client side config.
You can even put weights here.
2. Have the servers on a cloud provider that provides virtual ip failover
between remote sites
3. Script your way. For exaple i had scripted a simple monitoring agent
that his job was to open and close the vpn ports through iptables depending
on the availability of the peer server (+ internet connectivity checks to
avoid false positives) and have multiple server lines on the remote
directive of client config.
When you mention that you had problem with the tunnel routes what exactly
was the problem? Is it related with ospf or vpn routes? Openvpn has up/down
directives that you can use to trigger and run scripts to clean routes or
do other tasks.
On Jul 26, 2017 00:00, "Marcelo Moraes" <marcelo.mor...@campofert.com.br>
wrote:
Hi everybody.
First of all, I'm sorry. This may be a very simple matter, but I'm not
succeeding in solving it.
I need to make a high availability between two openvpn servers that are in
two different physical locations. I thought first of making a server and a
client for each connection and propagating the routes through ospf. I also
thought about creating two servers, and adding them to a single multi-line
client with the remote command.
What would be the best way to do this? Of these two forms mentioned
above I am having problems with the tunnel routes, because if a server
goes offline for some reason, when it returns, the openvpn service can
not go up that route because there is already a same route through
another path and then the server Error and stops.
Any idea is welcome
--
Atenciosamente
Marcelo Moraes | Suporte TI
Fone. 17-3330-5000 (ramal 5006)
Skype. mmoraes.campofert
------------------------------------------------------------
------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
