From owner-freebsd-questions@FreeBSD.ORG Tue Mar 25 12:21:26 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6352A1065671 for ; Tue, 25 Mar 2008 12:21:26 +0000 (UTC) (envelope-from iaccounts@ibctech.ca) Received: from pearl.ibctech.ca (pearl.ibctech.ca [208.70.104.210]) by mx1.freebsd.org (Postfix) with ESMTP id E98178FC18 for ; Tue, 25 Mar 2008 12:21:25 +0000 (UTC) (envelope-from iaccounts@ibctech.ca) Received: (qmail 98910 invoked by uid 1002); 25 Mar 2008 12:21:25 -0000 Received: from iaccounts@ibctech.ca by pearl.ibctech.ca by uid 89 with qmail-scanner-1.22 (spamassassin: 2.64. Clear:RC:1(208.70.104.100):. Processed in 0.072892 secs); 25 Mar 2008 12:21:25 -0000 Received: from unknown (HELO ?192.168.30.110?) (steve@ibctech.ca@208.70.104.100) by pearl.ibctech.ca with (DHE-RSA-AES256-SHA encrypted) SMTP; 25 Mar 2008 12:21:24 -0000 Message-ID: <47E8EE15.4010209@ibctech.ca> Date: Tue, 25 Mar 2008 08:20:37 -0400 From: Steve Bertrand User-Agent: Thunderbird 2.0.0.12 (Windows/20080213) MIME-Version: 1.0 To: Curo Technology Support References: <1C8876BA570BD64D950471796ED9B40950747C@svex1.isalliance.internal> In-Reply-To: <1C8876BA570BD64D950471796ED9B40950747C@svex1.isalliance.internal> X-Enigmail-Version: 0.95.6 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: Multihoming VPN endpoint X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Mar 2008 12:21:26 -0000 > I have a question regarding setting up a VPN on a multihomed WAN link, > we are thinking about setting up a site with two load balanced ADSL > links that includes a site to site VPN. Will this multi-home setup be co-ordinated with a single ISP? The problem with this setup is that most ISP's can not guarantee which LNS your ADSL will connect to, ingress traffic may not be load-balanced, or may not work at all. > Does anyone have any experience in this kind of setup that could offer > up any advice? Yes, but we need a few questions answered first. - one or more ISP's (are you looking for ISP redundancy) - will this particular site be the VPN end point for the other sites (and do you have other ingress traffic to this site, ie web server, email server etc) - is your ISP(s) co-operative when it comes to changing their network to suit it's clients - does your ISP(s) support multi-link (aka bonded, aka bundled) ADSL links - are you looking strictly for load-balancing, or do you want redundancy too If you don't get too far here, you may want to migrate the thread over to -net. Regards, Steve