Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Vtun inside Pfsense, Level 2 failover with Tunnel interfaces bonding

    2.0-RC Snapshot Feedback and Problems - RETIRED
    1
    1
    3.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      olivier1010
      last edited by

      GRE tunnels are nice, but they do work on a specific IP protocol number. This can be a problem for non professional or non telcom provider setups.

      I think that it should be interesting to implement a simple tunnel technology like Vtun for simple inter box tunneling through UDP or TCP.

      Vtun seems to be simple, robust and gives a good set of basic options. More it is a good basis to make level2 bonding between multiple level 2 tunnels, without the relative complexity of OpenVPN.

      Level2 bonding is a really more efficient technology for failover than gateway balancing. (but it need another box at the other side).

      When gateway failover needs about 10 or 30 secondes too switch inside PFsense, sometimes a bit more, level2 bonding can switch as fast as about 40 ms (depends on the bonding driver ARP probe setting).

      This fast response time is sufficient enough for example to switch a telephony trunk without loosing calls, neither hearing a big cut in audio.

      This allow as well to keep all connections active. In some setups, it is mandatory to keep all connection opens even during a link failover.

      The same thing is not doable with gateway failover technology, because the state table need to be reseted after switching, and because failure detection is done more slowly.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.