[Openswan Users] OpenS/WAN high availability
Benny Amorsen
benny+usenet at amorsen.dk
Wed Jan 16 16:10:17 EST 2008
Paul Wouters <paul at xelerance.com> writes:
> On Wed, 16 Jan 2008, Michael Schwartzkopff wrote:
>> Is there any possibility inside openswan to configure state syncronisation /
>> tunnel credentials syncronisation between the two knodes of a cluster?
> That is currently not implemented.
A different way of doing it would be to keep tunnels open permanently
to both VPN servers. You could then switch instantly between the
tunnels and even load balance if you wanted. I don't think openswan
likes adding the same route for two different tunnels though.
The closest you can get with current software is to do GRE (or some
other tunnel protocol) over IPSEC. You can run dynamic routing on
top of that.
/Benny
More information about the Users
mailing list