AICCU for multiple IPv6 tunnels?
Shadow Hawkins on Friday, 04 April 2008 12:25:41
Hello,
With the recent addition of the new SixXS POP in Zurich, I have now a second tunnel which I would like to accomodate in aiccu.conf.
a) Is aiccu designed so once aiccu instance can maintain more than one tunnel at the same time?
b) How must aiccu.conf look like for multiple tunnels?
Searching this forum, googleing and looking at the source did not yield any answsers yet. Experiments with two different config files, such as aiccuZRH.conf and aiccuAMS.conf, and two instances of aiccu failed because the second instance of aiccu detects that there is already another instance running on the same machine. This makes sense because otherwise the POP will receive redundant TIC heartbeats (and eventually will block my site).
Or, am I not supposed to have IPv6-over-IPv4 tunnels open to two different POPs from the same host at the same time at all for some good reason?
I am using "AICCU 2007.01.15-console-openbsd by Jeroen Massar" under OpenBSD-i386-current, and I want to open a YAYIYA tunnel over tun2 to the POP in the Netherlands (existing), and simultaneously a Heartbeat tunnel over gif0 to the new POP in Zurich (additional).
Thanks,
Rolf
AICCU for multiple IPv6 tunnels?
Jeroen Massar on Friday, 04 April 2008 12:27:46
Why would you want to have two tunnels on the same machine?
What is a "TIC heartbeat" ?
AICCU for multiple IPv6 tunnels?
Shadow Hawkins on Wednesday, 22 October 2008 13:06:56
For example in failover scenarios. Ideally, it would be nice to be able to associate a subnet with two tunnels, so that traffic towards that subnet is load-balanced across both tunnels. The client has two firewalls, each running running one instance of aiccu supporting one of the tunnels. If one of the client firewalls fails it will be necessary to fail over its aiccu instance to the other machine.
As I understand it, having a subnet associated to two tunnels is not supported which is sad in my opinion.
AICCU for multiple IPv6 tunnels?
Jeroen Massar on Thursday, 23 October 2008 11:38:30
BGP or a similar protocol is the way to go for that.
AICCU for multiple IPv6 tunnels?
Shadow Hawkins on Wednesday, 29 October 2008 01:55:19
BGP? I'd rather say OSPF or RIP since this is for interior routing (in fact, it's for communication between two routers in an active/backup fashion so that the one running AICCU exports the IPv6 default route to the other router).
My problem is that OpenBSD's implementation of OSPF does not support IPv6, so I guess route(8) is my only option. A simple solution is patch that I have for AICCU that allows installing an IPv6 default route when AICCU exits. The idea is that when AICCU exists, one can automatically install an IPv6 default route that points to another machine that, hopefully, is running another instance of AICCU.
AICCU for multiple IPv6 tunnels?
Jeroen Massar on Wednesday, 29 October 2008 10:19:52
I did say "or a similar protocol", generally though BGP gets used for these kind of setups.
Instead of patching AICCU you could just run AICCU in non-daemonized mode from a script which does it.
Posting is only allowed when you are logged in. |