It is currently 19.11.2017 16:11


All times are UTC




Post new topic Reply to topic  [ 1 post ] 
Author Message
 Post subject: Failover/redundancy scenarios over OpenVPN
PostPosted: 17.01.2012 17:12 
DES
DES

Joined: 17.01.2012 15:13
Posts: 1
Dear all,
I wish to submit to the community a failover/redundancy scenario that involves the following scheme:
1) CONTROL CENTER
In the CC there are 2 servers with OS Windows 2008-R2:
server1
server2

on both these servers is installed OpenVPN that is configured as server. The "server.opv" configuration file on the 2 machines is perfectly the same, and uses the same certificates generated by one of the server that acts like CA.
2) CONTROL NODE
Each control node is equipped with a modem/router GPRS that implements the OpenVPN protocol; each router has a "client.opv" configuration file in which is declared the 2 server of the control center with the following directive:
remote IP1
remote IP2

being IP1 and IP2 the public IP address of each control center's server. This realizes the redundancy scenario.
FAILOVER SCENARIO
The system actually functions in the proper way:
when the server1 is down, all the clients connect the server2 using the redundant address IP2. OK.
The problem is when the server1 gets back to work: all the clients remain connected to the server2.
The optimal behaviour should be:
a) The server1 is the primary of the VPN; when is up, all the clients will be connected to this server;
b) The server2 is the secondy server of the VPN; when the server1 is down all the clients automatically will be connected to this server.
c) when the server1 gets back to work, all the clients will be automatically disconnected from the server2 and will be connected to the server1.
d) The system will wait for other faults, start again from point a).
SOME OTHER INFORMATIONS
- The servers of the Control Center are connected together over LAN.
- We have no possibility to change the configuration file of the clients (routers), because they have a custom web page for the configuration, and so we have to put the failover logic only on the control center site.
- On the OpenVPN Installation Manual there are not too much information about a scenario like this.

We would appreciate to have some ideas to manage this scheme.

Regards to all.


Top
Offline Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ]  Moderator: Moderators

All times are UTC


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Theme created StylerBB.net