Failover Using Dns - Avaya G250 Administration

ip route <Primary Main Offfice GRE Tunnel end point IP Address>
ip route <Backup Main Offfice GRE Tunnel end point IP Address>
router ospf
network 10.10.10.0 0.0.0.3 area 0.0.0.0
network 20.20.20.0 0.0.0.3 area 0.0.0.0
exit

Failover using DNS

The VPN DNS topology provides failover by utilizing the DNS Resolver feature.
Use this feature when your DNS server supports failover through health-checking of redundant
hosts. On your DNS server configure a hostname to translate to two or more redundant hosts,
which act as redundant VPN peers. On the G250/G350 configure that hostname as your remote
peer. The G250/G350 will perform a DNS query in order to resolve the hostname to an IP
address before establishing an IKE connection. Your DNS server should be able to provide an
IP address of a living host. The G250/G350 will perform a new DNS query and try to
re-establish the VPN connection to the newly provided IP address whenever it senses that the
currently active remote peer stopped responding. The G250/G350 can sense that a peer is
dead when IKE negotiation times-out, through DPD keepalives, and through object tracking.
Note:
For an explanation of DNS Resolver, see
Note:
Figure 44: VPN DNS topology
A v a y a G W
G 3 5 0
B r a n c h
O f f ic e
E t h e r n e t
D S L o r
C a b le
m o d e m
255.255.255.255 FastEthernet 10/2 high
255.255.255.255 FastEthernet 10/2 high
DNS Resolver
In t e r n e t
D N S
S e r v e r
Typical installations
on page 65.
IP a d d r e s s : 9 8 . 5 7 . 1 6 . 1
F Q D N : m a in - v p n . a v a y a . c o m
A c c e s s
R o u t e r +
V P N
t e r m in a t io n
M a in O f f ic e
IP a d d r e s s : 9 8 . 5 7 . 1 5 . 1
F Q D N : m a in - v p n . a v a y a . c o m
A c c e s s
R o u te r +
V P N
te r m in a tio n
M a in O f f ic e
B a c k u p 1
Issue 1.1 June 2005 423