Robust VPN solution among VPSes

egeron Member

Hello LETers,

Like many of you, I have many VPSes hosted by various providers. My plan is to get a unified VPN among those VPSes.
I thought about configuring this using SoftEther or OpenVPN. But the biggest issue in my thoughts was that if the VPN server (which would be one of the VPSes) goes down, the whole VPN will stop working. Is there a more robust solution for achieving this? Something like a peer-to-peer ad hoc VPN?

Thanks for advice and tips.

Comments

  • Softether cluster, already documented on their site.

  • KuJoe Member, Host Rep

    Do you mean like this?
    You->VPN1->VPN2->VPN3->VPN4->VPN5->VPN6->VPN7->VPN8->Internet

    If so, maybe have a script on each VPS that pings the VPS it connects to (or checks if the VPN port is up) and if it fails it skips it.

    Some quick code to illustrate my idea (run on VPN1):

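        #!/bin/bash
        # mkdir is atomic, so the directory acts as a lock against overlapping runs.
        if /bin/mkdir /var/lock/vpnping; then
            # Release the lock on every exit path, including the failover branch.
            trap '/bin/rm -rf /var/lock/vpnping' EXIT
            # Check whether the current upstream (vpn2) still answers.
            if ! ping -c2 vpn2 > /dev/null 2>&1; then
                # Swap in the second configuration set (VPN1 -> VPN3).
                mv /path/to/vpnconfig /path/to/vpnconfig1.BAK
                mv /path/to/vpnconfig2.BAK /path/to/vpnconfig
                # <command to connect to VPN using configs>
                exit 1
            fi
            exit 0
        else
            /bin/echo "Lock failed - exit" >&2
            exit 1
        fi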

    Actual code will be different depending on the VPN protocol you use; this is just an example to give you an idea.

    Basically you'd have 2 VPN configuration file sets, one that will connect VPN1 to VPN2 and one that will connect VPN1 to VPN3. If VPN1 can't reach VPN2, it will swap the configuration file sets and then connect to the VPN in the configuration files.
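
Added example, not part of KuJoe's post: the same lock-and-probe idea generalized from two configuration sets to an ordered list of peers, switching a symlink instead of renaming files so repeated runs stay idempotent. The `/etc/vpn/<peer>.conf` layout, the `active.conf` symlink, the `PROBE` override and all function names are assumptions made for illustration.

```shell
#!/bin/bash
# Added example: ordered failover across any number of upstream VPN peers.
# Assumed layout (not from the thread): one config per peer at
# $CONF_DIR/<peer>.conf and a symlink $CONF_DIR/active.conf read by the client.
CONF_DIR="${CONF_DIR:-/etc/vpn}"
LOCK_DIR="${LOCK_DIR:-/var/lock/vpnping}"

# Return 0 if the peer answers. Set PROBE to a function or command name to
# test the VPN port instead of ICMP.
probe_peer() {
    if [ -n "${PROBE:-}" ]; then "$PROBE" "$1"; else ping -c2 "$1" >/dev/null 2>&1; fi
}

# Print the first reachable peer from the ordered argument list.
pick_upstream() {
    local peer
    for peer in "$@"; do
        if probe_peer "$peer"; then printf '%s\n' "$peer"; return 0; fi
    done
    return 1
}

# Point active.conf at the first reachable peer.
# Returns 0 if the link changed, 1 if already correct, 2 if no usable peer.
activate_upstream() {
    local peer target current
    peer=$(pick_upstream "$@") || return 2
    target="$CONF_DIR/$peer.conf"
    [ -f "$target" ] || return 2
    current=$(readlink "$CONF_DIR/active.conf" 2>/dev/null) || current=""
    [ "$current" = "$target" ] && return 1
    ln -sfn "$target" "$CONF_DIR/active.conf"
}

# Cron entry point: mkdir is the atomic lock, the trap always releases it.
main() {
    mkdir "$LOCK_DIR" 2>/dev/null || { echo "Lock failed - exit" >&2; return 1; }
    trap 'rm -rf "$LOCK_DIR"' EXIT
    if activate_upstream "$@"; then
        echo "upstream changed: reconnect using $CONF_DIR/active.conf" >&2
        # Reconnect command goes here; it depends on the VPN protocol in use.
    fi
}

# Usage: script vpn2 vpn3 vpn4   (peers in order of preference)
if [ "$#" -gt 0 ]; then main "$@"; fi
```

Because the list is ordered, a preferred peer that comes back is selected again on the next run. Keep `$CONF_DIR` writable only by root so the symlink cannot be redirected by another user.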

  • trewq Administrator, Patron Provider

    I think Tinc VPN is what you're after. It's a mesh-based VPN; it also takes the shortest route between each node and isn't centralised.

  • Nomad Member

    There's auto reconnect. I do tend to restart my Softether server from time to time and my other connected machines do reconnect seconds after.

  • Thank you all for your suggestions.
    Tinc VPN came out as the ideal solution for me.
