Multi Wan and OSPF Routing
Good afternoon,
In the past, we have used multi-WAN with OpenVPN without any issues regarding routing. We recently decided to go with an MPLS network so they can handle our data, phone, etc. Once we started cutting over the routers, we noticed an issue. We are using OSPF for the MPLS network as well as keeping the OpenVPN as a failover. However, once the MPLS network sends its routing table, and the VPN sends its routing table, the routers then have incorrect routing paths because the VPN of course is the shortest path. Once updated, my remote site thinks it needs to travel the OpenVPN to get to the MPLS network. We have to advertise both interfaces via Quagga in order to get traffic across, but is there a way to separate the two? I want Level3 (MPLS network) to be my primary connection sending all usernet traffic to our central site and, in the event it goes down, fail over to the OpenVPN.
The MPLS has to go from remote site - dfgw - level3 - dfgw - central router IP.
The OpenVPN goes remote site here to central site (shortest path). Metrics will not resolve this since I'm learning the same routes from two different hosts (MPLS network) and (central server).
One option from pfSense was to run another OpenVPN over the MPLS interface so the metrics will work, but that takes away our full mesh topology.
Another was to disable the OpenVPN so that routing is resolved and enable it when the MPLS goes down, but that takes away the automation and we want to be fully fault tolerant. Has anyone seen this before, or can it even be done?
Thanks,
Brandon Gibson