Re: simple routing protocol for VPN redundancy?

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I think you can also take a look to linux HA : http://linux-ha.org/
The here a plugin called ipfail : http://pheared.net/devel/c/ipfail/
who works on the principle of Heartbeat.


Good luck


Erwan Le Doeuff
************************************************************
Project Manager of rcc project QoS HTB Power tool
http://www.rcc-project.net
************************************************************


On Tue, 15 Mar 2005 20:23:54 -0800, gypsy <gypsy@xxxxxxxxxx> wrote:
> Simon Chang wrote:
> >
> > Hello all,
> >
> > I need a very simple routing protocol for VPN redundancy.
> >
> > We have several sites and each site has a Linux router and two IPCops each
> > with an ADSL connection to the internet using different ISP's.
> >
> > I have configured VPN's between all of the sites for each IPcop on ispA and
> > the same for the IPCops on ispB. This way, if one of the ISP fails, I change
> > the route on the router and my VPN's continue to function over the other
> > ISP.
> >
> > This is a very simple saftey but it works well and its pretty cheep. But I'm
> > getting sick of changing the routes by hand and wonder if there is any way
> > of automating the failover.
> >
> > What I was thinking of is maybe a script/utility  that I could configure to
> > ping a host on a remote lan and if I started to loose to many packets or it
> > got too slow or failed it would change the route automatically.
> >
> > Has any one ever written a script or know of a utility that can do that?
> >
> > Cheers Simon.
> 
> I know nothing of VPNs, but I can tell you that Julian Anastasov has
> written patches for the Linux kernel called Dead Gateway Detection.
> Maybe that will do what you want.
> http://www.ssi.bg/~ja/
> http://www.ssi.bg/~ja/dgd.txt
> http://www.ssi.bg/~ja/dgd-usage.txt
> http://www.ssi.bg/~ja/nano.txt
> 
> You can have a look at what I'm running at work at:
> http://andthatsjazz.org:8/lartc/rc.nano1
> and there are examples and links here:
> http://andthatsjazz.org:8/lartc/index.html
> 
> Although I've only caught it happening once, when the ISP on eth2 went
> down that outage was not even noticed by users.
> 
> I used to have 3 (very flakey) connections here at home, and I wrote a
> script that had a Linux box at work ping each one.  When there were too
> many unanswered pings, a message was sent (to a working IP) saying which
> one was down.  If the connection was restored, a different flag was
> sent.  At home, I monitored a special directory for a flag file and
> changed the routing to stop trying the bad connection (or to use a
> revived one) depending on what flag file was there.
> 
> The scripts were pretty trivial to write, and they worked (often!).
> --
> gypsy
> _______________________________________________
> LARTC mailing list
> LARTC@xxxxxxxxxxxxxxx
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux