Slightly OT?

A client has two offices in the Virgin Islands that MUST maintain data connectivity, and there are no available "leased line" options to run a P2P link between them.

To date, broadband Internet connections at both offices have been used as the link, with a VPN tunnel, and phones in one location use the tunnel (Sonicwall) to talk with Asterisk at the other location. Although this functions well, it only takes an (unfortunately frequent) hiccup to lose calls and/or severely impact quality.

The client has decided to get a second Internet connection at both sites, and use the Sonicwall or any other possible firewall to manage the tunnel over both links, such that the phones won't know what link is being traversed, or (hopefully) that a link has gone down.

So the first question is - has anyone attempted anything similar and made it work? Do you lose an in progress call when the tunnel switches from one link to the other?

And finally - is there a device that will manage the tunnel such that a high water mark of latency will also cause the tunnel to switch to the other link, rather than actual packet loss?

Thanks for any tips,
j
<snip>
A client has two offices in the Virgin Islands that MUST maintain data connectivity, and there are no available "leased line" options to run a P2P link between them.
<snip>

Is there line of sight? I've been wanting to do a long-shot wifi link and my company would give it a shot if you want :).

<snip>
Do you lose an in progress call when the tunnel switches from one link to the other?
</snip>

Any 'fail-over' router with links from separate providers that don't route the same subnets (cable/dsl) will have to change its default route when it 'fails-over'. As such, the VPN tunnel will be disconnected and reconnected. I'm sure you could make it brief, but yes, calls will likely be completely dropped.

<snip>
And finally - is there a device that will manage the tunnel such that a high water mark of latency will also cause the tunnel to switch to the other link, rather than actual packet loss?
</snip>

See above. Fail-over routers have to wait until some criteria are met in order to fail over (ping latency, ping loss, etc). This means that the connection you're using as the 'default' WILL go 'down' BEFORE it switches to the other one, regardless of the criteria used.

Another plan would be to set up two routers at the site with two separate VPN tunnels across the two different links, both tunnels being always on. You could then use a SIP proxy or iptables magic to choose which tunnel was the best at any given time.

I would go for the wifi. Maybe because I want to do a long-shot link. Also because I want to go to the Virgin Islands :).

Good luck!
-Dave