I managed to setup the following network configuration :
- HOST1 and HOST2 are two physical machines running Debian OS.
- They have both two network cards (eth0 and eth1), each of them connected to two physically separated network and with different subnets.
- OVS BR1 is an open vswitch bridge (one in each host)
- VMx are virtual machines using vethvmx ovs port in the bridge of the host machine.
- OVS BR1 are connected through an IPSEC over GRE tunnel (the green one through eth0).
- VMx are able to ping other VMx etc... but are isolated from the network of eth0/eth1
As I would like to leverage on bandwith from eth1 and fallback on it in case of eth0 failure:
Is it possible to setup the yellow link (IPSEC over GRE tunnel) in a way it can load-balance traffic ? What about fallback to the other nic in case of failure?
- Maybe through iptables mangle ? not sure if it can work with GRE though.
- Note that I cannot bond eth0 and eth1 because they are completely different networks.
- I can change the tunnel technology but I cannot change the physical network topology.
