[strongSwan] ha setup for net2net

Juan Augusto Rossi juanrossi at gmail.com
Mon Jul 10 06:34:19 CEST 2017


Hi,

I am working on a setup that it is  net2net.

I am reading the ha setups at
https://wiki.strongswan.org/projects/strongswan/wiki/HighAvailability

and seeing the examples at
https://www.strongswan.org/testing/testresults/ha/

I have the following questions:

I see that ha setups are for the public ip being in clusterip, it is where
road warriors connect, not what I am using, I am using net2net to setup
internal gateways that forward the traffic between locations.

Would it be possible to setup the internal gateway ip with clusterip in two
ipsec handling machines with tunnels?. This way the clients using the
internal gateways will get hashed and balanced over two tunnels.
Will this work?

This way I need to configure one gateway only for the clients.

Is there flaw in my logic, or actually I should consider only ha for the
public ip, and have 2 gateways internally

Regards

Juan.-
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170710/33b1b1d2/attachment.html>


More information about the Users mailing list