How tinc route traffic when two subnets are identical?
Guus Sliepen
guus at tinc-vpn.org
Fri May 5 23:14:23 CEST 2017
On Thu, May 04, 2017 at 02:24:42PM -0700, Dave Warren wrote:
> I'm a tinc n00b, not yet actually using it yet but investigating as it
> seems it will solve a lot of problems with our current solutions.
>
> Can I rely on this configuration as a lazy man's failover solution? I
> understand I can't set priorities or anything of that sort, I just want
> a simplistic failover if one or the other internet connection dies for
> locations that have multiple external routes/connections.
Yes you can; failover works.
> There might be a better way, I'm still wrapping my head around
> everything.
Another option besides having two different nodes announcing the same
Subnet, is to use an external high-availability solution like heartbeat
for example, and have two machines with completely identical tinc
nodes (same Name, same public/private keypair). Heartbeat will ensure
only one of them is active. Other nodes that want to connect to this
high-availability pair have to Address statements in the corresponding
host config file, one for each of the pair. The drawback is slightly
slower failover (because tinc has no second connection already standing
by when the first dies), a possible advantage is that tinc does not
switch unnecessarily between the HA nodes.
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20170505/29fbf3dc/attachment.sig>
More information about the tinc
mailing list