| 1 |
Howdy all, |
| 2 |
i was wondering if anyone has any idea if there is a means by which i |
| 3 |
can detect GRE link state ? |
| 4 |
|
| 5 |
what i have is two sites each with two very unstable internet links |
| 6 |
in order to vpn between them i have ipsec tunnels linking each side |
| 7 |
twice (four ipsec tunnels in total) |
| 8 |
i then have 4x GRE tunnels over the top of those in order that i have a |
| 9 |
secured routable VPN |
| 10 |
this gives me net.vpn0 net.vpn1 net.vpn2 and net.vpn3 |
| 11 |
finally i run BIRD over the top which works very well, and synchronises |
| 12 |
routing tables between the two sites, and allows for me to do such fun as |
| 13 |
# /etc/init.d/net.vpn0 stop |
| 14 |
and watch all traffic automagically cut over to another link. |
| 15 |
|
| 16 |
so far so awesome. |
| 17 |
|
| 18 |
however, as i said the internet links are very unstable, and sometimes |
| 19 |
just blackhole. so what i was hoping to do is just enable keepalives on |
| 20 |
the gre tunnel. which sadly seems to be cisco only. |
| 21 |
can anyone suggest a way of detecting if the GRE is not fully connected ? |
| 22 |
BIRD only fails over if the net.vpn0 device is down (ifconfig up/down) |
| 23 |
and for the life of me i cannot find how to detect if a GRE tunnel is |
| 24 |
'connected', it seems to just blindly send packets to the remote IP. |
| 25 |
is my only choice to use L2TP instead ? |
| 26 |
|
| 27 |
thanks in advance for any suggestions; if anyone would like the configs |
| 28 |
in order to set this up let me know and i'll reply to list with a mini-howto |
| 29 |
PS if i'm on the wrong list i'd welcome a friendly push to the correct list |
Archives