bonded VPN not working when one of WAN fails

Forums Network Management ZeroShell bonded VPN not working when one of WAN fails

  • This topic is empty.
Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
  • #43684


    I am unable to set vpn bonding to work as it should.

    My setup:

    I have two remote sites, with two WANs each.

    I have established two LAN-to-LAN VPNs betweetn
    VPN0: SiteA:WAN1 <-> SiteB:WAN1
    VPN1: SiteA:WAN2 <-> SiteB:WAN2

    VPNs are connecting OK.

    now i have created a BOND0 with two aggregated VPNs on each side.

    then i have created a bridge between ETH0 (local net) and BOND0 on each side.

    Now i am able to ping hosts between two sites with no problem.

    But when one WAN fails something very strange happens. For about 30s everyfhing continues to work.
    BOND0 interface detects that one of VPNs is disconnected and BOND interface says:
    Link UP — VPN00:Down VPN01:Up.
    But after about 30 seconds connectivity is lost between sites, and BOND0 interface status changes to:
    Link UP — VPN00:Up VPN01:Up

    Now BOND0 says that both VPNs are up, but the VPN0 itself is still down!!

    When i manually disable VPN00 inferface by unchecking the “UP” box it starts to work again after a while.

    What is happening and how to set it up correctly ???
    I have tried it in Zeroshell 1.0 and 2.0 and it is working the same way.


    We are suffering exactly the same issue, and so far we haven’t found a solution for this too.


    I think that i have found a way to make it work.

    Try establishing vpn tunnels with UDP not TCP. Bond0 recognizes correctly vpn states only when vpns are established with UDP. Dont know why.

    i also did some static routes and net-balancing rules, and some additional vpn setup changes.

    If changing to UDP won’t help you please contact me: michalzientara (at)

Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.