|
What
is VPN Backup?
How
to setup VPN Backup ?
1. Create n different LAN-to-LAN Dial-out profiles.
2. Create a VPN trunk and give it a name.
3. Add those LAN-to-LAN profiles into the VPN trunk. Now in 1 trunk there are n members.
4. Choose a backup mode (ERD).
5. Dial out on VPN connection to start the VPN backup process.
When member-1 is dropped, member-2 will be initiated automatically. If member can't be established or dropped, member-3 will be started automatically... if member-n can't be established or dropped, member-1 will be started automatically, and so on ( Default mode ).
Note :
1. Now we only support n=2. In the future we will support more profiles in a trunk.
2. You may create more than one trunks.
Choose
a Backup ERD ( Environment Recovers Detection ) mode.
There are 3 VPN backup modes:
1. None Mode
This is the default mode. The priorities of all the members
in one trunk are equal. The process has been described above.
When member-1 is dropped, member-2 will be initiated automatically.
If member-2 can't be established or dropped, member-3 will
be started automatically...if member-n can't be established
or dropped, member-1 will be started automatically, and so
on.
2. AutoDrop Mode
Member-1 has the highest priority. The other memebers have
equal priority. We can say member-1 is the Primary member
and the others are Backup members.
If member-1 is down and member-m ( 1 < m <= n ) is up, router
will try to connect member-1 periodically at predefined interval
time. If member-1 can be established, it will drop member-m
immediately. I will take some examples to explain the process.
If interval == 3600 seconds
Case1 :
Member-1(Primary member) is dropped -> router dials member-2
-> member-2 is up -> after member-2 has been up for 3530 seconds
(3600-30), router starts the attempt to dial member-1 -> router
will try 5 times connection every 6 seconds -> member-1 still
can't be built up, now time is 3600 seconds -> after 3530
seconds member-2 is still up, router re-starts the attempt
to dial member-1 -> within 30 seconds the member-1 is established
-> drop member-2 immediately....
Case2 :
Member-1(Primary member) is dropped -> router dials member-2
-> member-2 has problem can't be established -> router dials
member-3 -> member-3 is up -> after member-3 has been up for
3530 seconds (3600-30), router starts the attempt to dial
member-1....
Case3 :
Member-1(Primary member) is dropped -> router dials member-2
-> member-2 is up -> after member-2 has been up for m seconds
( m < 3530 ), member-2 is dropped -> router dials member-3
-> member-3 is up -> after member-3 has been up for m seconds
( m < 3530 ), member-3 is dropped -> router dials member-4
-> member-4 is up -> after member-4 has been up for 3530 seconds
(3600-30), router starts the attempt to dial member-1....
If the interval==0 second
The time when member-m ( 1 < m <= n ) is up, router will dial
member-1 every 6 seconds.
If the interval<=30 seconds, treat
it as 0 second.
Note :
1. Now we only support n=2.
2. You must define the interval time.
3. Resume Mode
Member-1 has the highest priority. The other members have
equal priority. We can say member-1 is the Primary member
and the others are Backup members.
When member-m (1 < m <= n ) is dropped, router doesn't dial
member-( m + 1 ). Instead the router will return to dial member-1.
There is no interval time setting, so when member-m is up,
it will not be dropped by member-1.
Please refer to the following process
for example.
Member-1 is dropped -> dials member-1 -> member-1 can't be
established -> dials member-2 -> member-2 can't be established
-> dials member-3 -> member-3 is up -> member-3 is dropped
-> dials member-1 -> member-1 can't be established -> dials
member-2....
Note :
Now we only support n=2.
Steps
for setting up VPN Backup
1. Create 2 different LAN-to-LAN Dial-out VPN profiles.
This must be done via Web-UI. Go to VPN and Remote Access
>> LAN to LAN and add 2 LAN-to-LAN profiles. Make sure the
direction is OUT. There is no limitation to the VPN type,
destination IP, etc.
Telnet to the router and type the command "vpn Trunk show_usable"
to list all available LAN-to-LAN Dial-out profiles.
2. Create a VPN trunk and give it a name.
3. Add 2 LAN-to-LAN profiles into the VPN trunk.
Run telnet command "vpn Trunk backup add test 1 2".
For more details, please run telnet command "vpn Trunk backup
? "
4. Choose a backup mode (ERD).
Run telnet command "vpn Trunk backup ERD test Resume".
For more details, please run telnet command "vpn Trunk backup
? "
5. Dial out one VPN connection to start the VPN backup process.
Note :
One VPN profile can just join one VPN backup trunk. You may
find in the Web-UI, when one profile has been added into one
trunk, it will not be listed in the pull-down menu of Member1/Member2
field.
I don't introduce the Web-UI here because the next version
will make huge changes. |
|
|
Page last modified : 13 October 2008 |