* Michael Sternberg <[EMAIL PROTECTED]> [021024 19:16]: > Let's say I have four computers (A,B,C,D) in four different networks and > want to organize a VPN between them. I can make VPN from one computer > (A) to three others (B,C,D) and I can even use the same IP for all > three connections on originating computer (A). I can even use it as > router between all four. But - if this computer fails - all my VPN > network fail because I have a single point of failure here. > > Solution that seems to be right - make additional VPN connections between > three remaining computers (maybe using same IPs as in the first three > connection) and use those connections as backup. But now I have a routing > problem. In first setup VPN IP of A was router for C,B,D to get to VPN > network. Now I have more than one path to get from D to B for example. > Perfect solution would allow switch to another route if first one failed. > > What solution to the routing problem would be right ? Some kind of > dynamic routing over the VPN connection ? Something (hopefully) > simpler ?
Assign a subnet for the VPN, say 192.168.69.0/24, each host has an IP in the network .1, .2, .3 and .4 Connect all of them fully (or partially as you like), whenever a link goes up setup a specific route to the host it is in the network and a default route, be sure that when connecting two machines only one of them sets a default route! This will give you a short link when possible (one vpn hop), and some other link if the direct one is not up. Never tried to setup such a thing so it's mostly a guess. Baruch -- Baruch Even http://baruch.ev-en.org/ ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
