[Openswan Users] OpenS/WAN high availability
Paul Wouters
paul at xelerance.com
Thu Jan 17 09:46:35 EST 2008
On Wed, 16 Jan 2008, Benny Amorsen wrote:
> >> Is there any possibility inside openswan to configure state syncronisation /
> >> tunnel credentials syncronisation between the two knodes of a cluster?
>
> > That is currently not implemented.
>
> A different way of doing it would be to keep tunnels open permanently
> to both VPN servers. You could then switch instantly between the
> tunnels and even load balance if you wanted. I don't think openswan
> likes adding the same route for two different tunnels though.
>
> The closest you can get with current software is to do GRE (or some
> other tunnel protocol) over IPSEC. You can run dynamic routing on
> top of that.
Yes, see http://www.xelerance.com/talks/lk2003/
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list