High Availability VPN solutions There is no doubt that Virtual Private Networks will become increasingly important. There are a lot of VPN software packages, both commercial and Open Source, that do a good job. However, many of these solutions were designed with rather static networks in mind, and are heavily based on single point-to-point connections. The need for more dynamic solutions is obvious. With roaming IP, dynamic IP, VPNs consisting of multiple sites, and environments where VPN access must be available 24 hours a day, most normal VPN solutions will have some unacceptable shortcomings. In this talk we will address some of the issues that normal VPN solutions suffer from, for example: inefficiencies due to protocol stacking, suboptimal routing and limited scalability. Many of the problems encountered in real networks, like failing links and changing topologies, are also present in VPNs. While solutions such as redundant links, fail-over devices and routing daemons exist for real networks, most VPN software does not provide this kind of fault tolerance, due to their static nature. We will discuss the techniques we used to solve these problems, and how we have implemented them in TINC, our own GPL'd VPN solution.