I wish to submit to the community a failover/redundancy scenario that involves the following scheme:
1) CONTROL CENTER
In the CC there are 2 servers with OS Windows 2008-R2:
on both these servers is installed OpenVPN that is configured as server. The "server.opv" configuration file on the 2 machines is perfectly the same, and uses the same certificates generated by one of the server that acts like CA.
2) CONTROL NODE
Each control node is equipped with a modem/router GPRS that implements the OpenVPN protocol; each router has a "client.opv" configuration file in which is declared the 2 server of the control center with the following directive:
being IP1 and IP2 the public IP address of each control center's server. This realizes the redundancy scenario.
The system actually functions in the proper way:
when the server1 is down, all the clients connect the server2 using the redundant address IP2. OK.
The problem is when the server1 gets back to work: all the clients remain connected to the server2.
The optimal behaviour should be:
a) The server1 is the primary of the VPN; when is up, all the clients will be connected to this server;
b) The server2 is the secondy server of the VPN; when the server1 is down all the clients automatically will be connected to this server.
c) when the server1 gets back to work, all the clients will be automatically disconnected from the server2 and will be connected to the server1.
d) The system will wait for other faults, start again from point a).
SOME OTHER INFORMATIONS
- The servers of the Control Center are connected together over LAN.
- We have no possibility to change the configuration file of the clients (routers), because they have a custom web page for the configuration, and so we have to put the failover logic only on the control center site.
- On the OpenVPN Installation Manual there are not too much information about a scenario like this.
We would appreciate to have some ideas to manage this scheme.
Regards to all.