VPNFAQ001. How to achieve a redundant configuration in site-to-site VPN

    Table of contents

    Question

    Is it possible to realize a redundant configuration when connecting multiple sites using SoftEther VPN?
    For example, if an ISP line or VPN server on the communication path fails, you want to automatically fail over to a spare ISP line or VPN server.
     
    Answer
     
    A redundant configuration can be realized by using Spanning Tree Protocol (STP).
     
    VPN connection in SoftEther VPN is logically same as laying a very long Ethernet cable between multiple sites, and BPDU (Bridge Protocol Data Unit: IEEE802.1D) packets used in STP can pass through. So, you can realize a redundant configuration by combining a site-to-site VPN connection with SoftEther VPN and Layer 2 switching HUBs that support Spanning Tree Protocol (STP).
     
    The idea is the same mechanism that multiple Ethernet cables are laid in the same building, and spare cables and ports are automatically used if a cable or a switching hub port fails. It can be used with any Layer 2 switch that supports Spanning Tree Protocol (STP) or Rapid Spanning Tree Protocol (RSTP).
     
    With this redundant configuration, for example, even if one VPN Server or VPN Bridge suddenly stops operating or the ISP line is suddenly disconnected, it is possible to automatically switch to backup. The main line / server and the backup line / server are not necessarily have the same capability. For example, even if the backup line is an cheap ADSL line, setting the STP priority of the main optical line higher can reduce costs without lowering the normal quality.