> off the top of my head, you have two paths you could take. > > firstly, you could advertise the vpn service as the same ip addresses bound > to loopback (lo(4)) interfaces on each of the hosts. ie, a cheap and cheerful > anycast setup. bgp as your routing protocol should work well for this if > you're interested in an active/passive setup. > > the second option could be to set up a l2 medium between your hosts, > specifically, you can set up etherip tunnels between them and land your carp > interface on that. > > just some ideas.
Interesting ideas, thanks ! Especially the first one, I had no idea VPNs would work over anycast, I thought anycast could only be used for stateless stuff like DNS.
