> You can test this by making sure the TTL is set low enough on your server
> records (say 60 seconds), make sure that your client will do a new DNS
> lookup with the proper TTL (you can check this with 'dig'). Then connect
> to your server and break the connection after one minute and then
> reconnect. In this case, if the DNS server does the job properly, it would
> now give your second server - which OpenVPN should use.
But this is about load-balancing, whereas the OP's issue is with
fail-over. If the TTL is not low enough then the fail-over will not
happen (OpenVPN will keep trying to connect to the same first host in the
list). It seems that for fail-over, OpenVPN should do a single DNS
request and then cycle through the list of hosts it received.
Stefan
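
The two retry strategies contrasted in this reply, as an added Python sketch that is not part of the original message and is not OpenVPN's code. The resolver and connect stubs, the host name `vpn.example.test`, and the 192.0.2.x addresses are constructed assumptions so the sketch runs offline.

```python
import socket

def resolve_all(host, port, resolver=socket.getaddrinfo):
    """One DNS lookup; return every distinct (ip, port) in answer order."""
    addrs = []
    for _fam, _type, _proto, _canon, sockaddr in resolver(
            host, port, type=socket.SOCK_STREAM):
        addr = (sockaddr[0], sockaddr[1])
        if addr not in addrs:
            addrs.append(addr)
    return addrs

def first_host_only(host, port, connect, resolver=socket.getaddrinfo, attempts=3):
    """Retry using only the first record of each answer. While the cached
    answer is unchanged (TTL not expired) this never reaches the second host."""
    tried = []
    for _ in range(attempts):
        addr = resolve_all(host, port, resolver)[0]
        tried.append(addr)
        try:
            return connect(addr), tried
        except OSError:
            continue
    return None, tried

def cycle_hosts(host, port, connect, resolver=socket.getaddrinfo, rounds=2):
    """Resolve once, then walk the whole address list on each failure."""
    addrs = resolve_all(host, port, resolver)
    tried = []
    for _ in range(rounds):
        for addr in addrs:
            tried.append(addr)
            try:
                return connect(addr), tried
            except OSError:
                continue
    return None, tried

# Constructed stand-ins: a cached two-record answer and a dead primary.
def fake_resolver(host, port, type=0):
    return [(socket.AF_INET, socket.SOCK_STREAM, 6, "", (ip, port))
            for ip in ("192.0.2.10", "192.0.2.20")]

def fake_connect(addr):
    if addr[0] == "192.0.2.10":
        raise ConnectionRefusedError("primary down")
    return "connected to %s:%d" % addr
```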