Can anyone confirm that OSFP over IPsec will prevent existing sessions from breaking in the event of a multi-WAN scenario with 2 actively-connected tunnels and OSPF simply dictating the best route for a given packet?
I realize that Untangle as a firewall is "session-based". However, OSPF by nature is Layer 3 and session-agnostic. Further, the function of OSPF is to have multiple routes in the routing table at all times, and then to choose the best route with each packet that needs routed.
So I'm hoping OSPF over IPsec would be a feasible way to have a multi-ISP tunnel scenario where sessions do not break if the primary/preferred ISP fails (so long as the secondary/backup ISP is still up).
Basically separating the routed interface from the session.
I would appreciate any feedback on this.
-
Doug