On 2018-09-11, Andrew Lemin <[email protected]> wrote:
> Hi list,
>
> I use an OpenVPN based internet access service (like NordVPN, AirVPN etc).
>
> The issue with these public VPN services is that the VPN servers are always
> congested. The most I’ll get is maybe 10Mbits through one server.
>
> Local connection is a few hundred mbps..
>
> So I had the idea of running multiple openvpn tunnels to different servers,
> and load balancing outbound traffic across the tunnels.
>
> Sounds simple enough..
>
> However every vpn tunnel uses the same subnet and nexthop gw. This of course
> won’t work with normal routing.

rtable/rdomain with openvpn might be a bit complex, I think it may need
persist-tun and create the tun device in advance with the wanted rdomain.
(you need the VPN to be in one, but the UDP/TCP connection in another).

Assuming you are using tun (and so point-to-point connections) rather
than tap, try one or other of these:

- PF route-to and 'probability', IIRC it works to just use a junk
  address as long as the interface is correct ("route-to 10.10.10.10@tun0",
  "route-to 10.10.10.10@tun1").

- ECMP (net.inet.ip.multipath=1) and multiple route entries with
  the same priority. Use -ifp to set the interface ("route add
  default -priority 8 -ifp $interface $dest").

The "destination address" isn't really very relevant for routing
on point-to-point interfaces (though current versions of OpenBSD
do require that it matches the destination address on the interface,
otherwise they won't allow the route to be added).
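
The ECMP option from the reply above, as an added example that is not part of the original message: a dry-run helper that reads each tunnel's point-to-point peer address from `ifconfig` output and prints the matching `sysctl` and `route add` commands. The function names, the `IFCONFIG` override, and the sample `tun0`/`tun1` output with its 10.8.0.x addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: prints commands for review, it does not change any routes.

# Constructed stand-in for `ifconfig tunN`: two tunnels that share the same
# local/peer addresses, as in the original question.
sample_ifconfig() {
    case "$1" in
    tun0|tun1) cat <<EOF
$1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
	inet 10.8.0.6 --> 10.8.0.5 netmask 0xffffffff
EOF
        ;;
    *) return 1 ;;
    esac
}

# Read ifconfig output on stdin and print the address after "-->",
# i.e. the destination address configured on the point-to-point interface.
peer_addr() {
    while read -r fam _local arrow peer _rest; do
        if [ "$fam" = inet ] && [ "$arrow" = "-->" ]; then
            echo "$peer"
            return 0
        fi
    done
    return 1
}

# Print one equal-priority default route per tunnel. The route destination is
# taken from the interface itself so that it matches, as the reply requires.
# Set IFCONFIG to override the command used to query an interface.
ecmp_commands() {
    cmds="sysctl net.inet.ip.multipath=1"
    for ifname in "$@"; do
        dest=$(${IFCONFIG:-ifconfig} "$ifname" 2>/dev/null | peer_addr) || {
            echo "no point-to-point peer found on $ifname" >&2
            return 1
        }
        cmds="$cmds
route add default -priority 8 -ifp $ifname $dest"
    done
    printf '%s\n' "$cmds"
}

# Demo against the constructed sample output.
IFCONFIG=sample_ifconfig
ecmp_commands tun0 tun1
```

Both generated routes carry the same destination address and differ only in `-ifp`, which is what lets them coexist as multipath entries.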