On Thu, Dec 10, 2015 at 3:21 PM, Ted Byers <[email protected]> wrote:
> My question is this. Suppose I have three sites on different > continents,each having a DMZ and vault, and within each vault there is > an instance of a MySQL database. I need these instances of the > database to function as a cluster using the usual suite of MySQL > clustering tools for managing such a cluster. but this presupposes the > databases can talk to each other through the LAN. I thought I might > manage this by creating a VPN that connects the vaults, but how do I > ensure that this VPN remains functional for the sites that are up even > if the site that established the VPN goes down. Or can this VPN be > entirely peer to peer, not functioning like I'd expect if one had sole > responsibility as a VPN server and the others as clients thereof. What you are looking for is a "mesh". Basically each site has a site-to-site VPN tunnel to each of the others. Since OpenVPN based on a "client-server" type model, for proper redundancy you'd need to be a bit careful about where your servers and your clients are. Something like; Site A server to Site B client Site A client to Site C server Site B server to Site C client Site B client to Site A server Site C server to Site A client Site C client to Site B server A full mesh doesn't scale very well but for only three sites it will be fine, if you start adding additional sites you'd nee to think through the architecture a bit further. _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
