[Linux-HA] HA Openvpn server

Marian Marinov mm at yuhu.biz
Wed Jul 15 04:44:26 MDT 2009


On Wednesday 15 July 2009 13:32:26 Kaushal Shriyan wrote:
> On Wed, Jul 15, 2009 at 3:49 PM, Marian Marinov<mm at yuhu.biz> wrote:
> > On Wednesday 15 July 2009 13:05:12 Michael Schwartzkopff wrote:
> >> Am Mittwoch, 15. Juli 2009 11:53:45 schrieb Kaushal Shriyan:
> >> > Hi,
> >> >
> >> > Is there a documentation to set up High available Openvpn server ?
> >> >
> >> > Thanks and Regards
> >> >
> >> > Kaushal
> >>
> >> Hi,
> >>
> >> not really. Some hints:
> >>
> >> 1) use the local<virtual IP> config option.
> >>
> >> 2) use the keepalive ... config option. Read the doc for more info about
> >> that option.
> >>
> >> 3) Take care that your init script does a correct start, stop and
> >> status. i.e. I added to my status section:
> >> status)
> >>   if [ ! -e $PIDFILE ]
> >>   then
> >>     echo "$PIDFILE does not exist."
> >>     exit 3
> >>   fi
> >>
> >>   NOW=`date +%s`   # Jetzt in Sekunden seit 1970
> >>   VPNSTATUS=`stat -c "%Y" $STATUSFILE`   # mtime des Statusfiles in
> >> Sekunden seit 1970
> >>   if [ $(($NOW - $VPNSTATUS)) -gt 180 ]  # Wenn der Status älter als 180
> >> Sek isst ...
> >>     then exit 3
> >>     else exit 0   # nehmen wir mal, an der Server laeuft
> >>   fi
> >>   ;;
> >>
> >> Pleaes publish any improvements. thanks.
> >>
> >> Greetings,
>
> Hi Marian
>
> > Also you can use multiple remote options in the config which are tested
> > in Round-Robin fashion.
>
> Any examples ?
>
> Thanks,
>
> Kaushal

It is pretty straight forward.

If you have 2 routers(A and B) with 3(one for local network and 2 for different 
ISPs) interfaces each. 

You simply setup openvpn on A to listen on both interfaces and router B 
remote xxx.xxx.xxx.xxx 11094
remote yyy.yyy.yyy.yyy 11094

where xxx and yyy are the 2 IPs of router A.

If you have different setup, for example, two offices (A and B). But in Office A 
you have 2 routers, you can still use the same setup for router B.

-- 
Best regards,
Marian Marinov



More information about the Linux-HA mailing list