Opened 14 years ago

Closed 2 years ago

#25 closed Feature Wish (wontfix)

Check if state/instance synchronization between OpenVPN instances is doable in 2.x series

Reported by: Samuli Seppänen Owned by: reg9009
Priority: minor Milestone:
Component: Generic / unclassified Version: OpenVPN git master branch (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:
Cc: james@…

Description

As discussed in IRC meeting on 3rd June 2010 having state/instance synchronization between OpenVPN instances should be doable. This would enable transparent failover configuration, similar to what OpenBSD has with IPSec.

However, more research is needed to determine whether 2.x series is up for the job, or if we should postpone implementation to OpenVPN 3.0.

Change History (3)

comment:1 Changed 11 years ago by Samuli Seppänen

This is an interesting idea, but doesn't seem to have gone anywhere. is this still valid for 2.x and does 3.x have something like this already?

Last edited 11 years ago by Samuli Seppänen (previous) (diff)

comment:2 Changed 10 years ago by Samuli Seppänen

Cc: james@… added
Version: 2.1.0 / 2.1.1git master branch

Jamesyonan: is this a non-issue for OpenVPN 3.x?

comment:3 Changed 2 years ago by Gert Döring

Resolution: wontfix
Status: newclosed
Type: TODO (General task list)Feature Wish

I'm closing this. Nobody is currently working on this, and the benefit is not that big, with --auth-gen-token secret sharable across multiple servers and faster TLS handshake these days - so a reconnect in case a server crashes would be a matter of "a few seconds".

Actually implementing this would be extremely complex, as we currently don't even seem to get our own + DCO state properly sorted out, so "sharing with a peer" would add multiple layers of complexity.

Note: See TracTickets for help on using tickets.