www.zeroshell.org Forum Index www.zeroshell.org
Linux Distribution for server and embedded devices
 

bonded VPN not working when one of WAN fails

 
michalzerosheller



Joined: 07 Jul 2013
Posts: 2

Posted: Sun Jul 07, 2013 8:29 pm    Post subject: bonded VPN not working when one of WAN fails

Hello.

I am unable to get VPN bonding to work as it should.

My setup:

I have two remote sites, with two WANs each.

I have established two LAN-to-LAN VPNs between:
VPN0: SiteA:WAN1 <-> SiteB:WAN1
VPN1: SiteA:WAN2 <-> SiteB:WAN2

VPNs are connecting OK.

Now I have created a BOND0 with two aggregated VPNs on each side.

Then I have created a bridge between ETH0 (local net) and BOND0 on each side.

Now I am able to ping hosts between the two sites with no problem.

But when one WAN fails, something very strange happens. For about 30s everything continues to work.
BOND0 interface detects that one of VPNs is disconnected and BOND interface says:
Link UP -- VPN00:Down VPN01:Up.
But after about 30 seconds connectivity is lost between sites, and BOND0 interface status changes to:
Link UP -- VPN00:Up VPN01:Up

Now BOND0 says that both VPNs are up, but the VPN0 itself is still down!!

When I manually disable the VPN00 interface by unchecking the "UP" box, it starts to work again after a while.

What is happening, and how do I set it up correctly?
I have tried it in Zeroshell 1.0 and 2.0 and it is working the same way.
aseques



Joined: 16 Jun 2009
Posts: 59

Posted: Mon Jul 08, 2013 6:59 am

We are suffering from exactly the same issue, and so far we haven't found a solution for it either.
michalzerosheller



Joined: 07 Jul 2013
Posts: 2

Posted: Mon Jul 08, 2013 1:34 pm    Post subject: tcp / udp

I think that I have found a way to make it work.

Try establishing the VPN tunnels with UDP, not TCP. Bond0 correctly recognizes the VPN states only when the VPNs are established with UDP. Don't know why.

I also did some static routes and net-balancing rules, and some additional VPN setup changes.

If changing to UDP doesn't help you, please contact me: michalzientara (at) o2.pl
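A consistency check for the failure mode reported in this thread (a bond slave shown as Up while its VPN is down), as an added example that is not part of the original posts or of ZeroShell. It assumes the bond is a Linux bonding-driver device whose status text follows the /proc/net/bonding/<bond> layout, and that tunnel liveness comes from a separate probe; the sample text, the `tunnel_alive` values and the function names are constructed for illustration.

```python
# Constructed sample in the layout of /proc/net/bonding/<bond>.
# Interface names follow the thread (VPN00, VPN01); the values are invented.
SAMPLE_BOND_STATUS = """\
Bonding Mode: load balancing (round-robin)
MII Status: up
MII Polling Interval (ms): 100

Slave Interface: VPN00
MII Status: up
Link Failure Count: 1

Slave Interface: VPN01
MII Status: up
Link Failure Count: 0
"""


def parse_slaves(status_text):
    """Return {slave_name: mii_status} from bonding-driver status text."""
    slaves, current = {}, None
    for line in status_text.splitlines():
        key, _, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if key == "Slave Interface":
            current = value
        elif key == "MII Status" and current is not None:
            # The bond-wide "MII Status" line comes before any slave section
            # and is skipped because no slave is selected yet.
            slaves.setdefault(current, value)
    return slaves


def stale_slaves(status_text, tunnel_alive):
    """List slaves the bond counts as up although the tunnel probe says down.

    tunnel_alive maps slave name -> bool from an independent check (assumed
    here; for example, reachability of the peer through that tunnel alone).
    A slave with no probe result is treated as down.
    """
    return sorted(
        name
        for name, mii in parse_slaves(status_text).items()
        if mii == "up" and not tunnel_alive.get(name, False)
    )


if __name__ == "__main__":
    # Constructed probe result matching the thread: VPN00's WAN has failed.
    print(stale_slaves(SAMPLE_BOND_STATUS, {"VPN00": False, "VPN01": True}))
```

A non-empty result is the condition described in the first post: traffic is still being scheduled onto a tunnel that cannot carry it.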