I need help aggregating peer-to-peer OpenVPN connections.



  • I'm experimenting with aggregated peer-to-peer OpenVPN connections routed through Tor, using pfSense 2.03 VMs. Each peer comprises a pair of pfSense VMs, one serving as a Tor gateway, and the other running OpenVPN. On the OpenVPN-server side, server link local ports are forwarded to Tor hidden-service ports on the associated gateway VM. On the OpenVPN-client side, clients connect through SOCKS proxies on the associated Tor gateway VM. The goal is an aggregated link with less jitter, greater bandwidth and better reliability.

    The basic setup works, and I've configured several peer-to-peer (server-client) connections via Tor between the two pairs of pfSense VMs. But I'm unclear about next steps. Basically, I get that I need to create a gateway for each VPN connection on each end. Then I need to create a gateway group on each end. And finally, I need routing and firewall rules so the two LANs can reach each other through the aggregated link.

    I've found guides for similar setups, but nothing that I understand well enough to implement. At least one includes OSPF, which seems very complicated. What are the best resources? Is there a guide for aggregating site-to-site OpenVPN connections? Is useful aggregation workable for high-latency links? Is this covered in the new edition of pfSense: The Definitive Guide?