|
Hello,
On Mon, 11 Feb 2002, Henrik Rossner wrote:
> Are there any experiences (good or bad ones) with
> - clustering IPSec for load-sharing
Do you mean cluster of VPN gateways behind LVS
router, LVS schedules the VPN clients to different
VPN gateways/servers? If yes, may be such setup will need a VPN
Masquerade software (ISAKMP+ESP) for NAT?
May be it is possible by adding ESP support to LVS
to define fwmark-based persistent virtual service that can
forward ISAKMP and ESP to the right VPN gateway, all in LVS-DR
mode? May be even AH can work with LVS-DR? One client goes
only to one real server. I hope the ESP protocol is not difficult
to add in LVS. Any thoughts from the IPSec gurus on this list? :)
> - LVS in combination with FreeS/WAN
>
> Any comments are welcome.
How exactly you want LVS and Freeswan to cooperate?
> Henrik.
Regards
--
Julian Anastasov <ja@xxxxxx>
|
