Yes, you're right.
I'm intending to use simple linux hardware without snmp. Was wondering
if heartbeat could be used to see if the hardware breaks and do the
activation of the inactive interfaces on a second similar machine.
VPNwise I was thinking about OpenVPN but still open to any other
products which are open source.
I had already a look at http://lartc.org/howto/ and got some ideas but
it'll still be a lot of work to put together all the scripts.
As it isn't such an uncommon problem I was wondering if somebody else
has a similar setup and likes to exchange experiences, ideas and
pitfalls. You can reach me off list.
Sven
Daniel Pittman wrote:
Sven Peters <[EMAIL PROTECTED]> writes:
G'day Sven.
I'm about to start to set up multiple offices with the normal services
(SMB, IMAP, etc) in different cities. I want all of them connected via
VPN and this needs to be as much reliable as possible. VPN Service
for people on the road needs to be available as well (with
Password+Certificates). I'd love to get all useraccounts into LDAP as
well later on.
Therefore I've set up every location with two different DSL lines
which I now want to use to interconnect the locations. I thought of
setting up Linux firewalls with multiple interfaces (one internal, one
DMZ, two for the DSL connections) but not sure what's the best way to
do it.
Has anybody experiences in this setup and can provide some hints, help
or even time to help setting this up in the next weeks?
You have chosen to do some relatively difficult networking for someone
who needs to ask for basic hints on how to implement it; good luck.
The best readily available reference I know of for the sort of thing you
are looking at doing is the Linux Advanced Routing add Traffic Control
howto, which has not seem much by way of updates in years:
http://lartc.org/howto/
The content is still good and it should guide you to the appropriate
tools for implementing whatever routing and availability policy you want
to have based on your multiple links, etc.
In terms of more specific advice, it is unlikely anyone can help you
yet: you need to tell us an awful lot more, including what (VPN)
technologies you intend to use for connecting the sites, what routing
policies you want to use, what hardware is in play, etc.
After all, recommending that you use SNMP to determine link availability
for fail-over purposes is going to be useless if your hardware turns out
to be lacking SNMP capabilities, right?
Regards,
Daniel
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
