Redundant managed route failover

I am using ZeroTier both as a remote-access VPN for my users and as a site-to-site bridge between branches. Everything is working great, but there is a certain scenario I would like to achieve, and I'm not sure if it's possible.

For the setup:

I have one network for the site-to-site bridge that uses managed routes between my firewalls. Then, at the headquarters branch, I have another network that my end users are connected to, which provides their remote-access VPN, AD DS and DNS, and managed routes for the LAN and the services necessary to do their work.

The scenario in question is this: I have two VPSes networked in an offsite datacenter halfway across the country that serve as a disaster-recovery connection for AD DS, DNS and file sharing, as well as a failover connection for the most crucial services we utilise. Most of these services are vendor-provided through IPsec tunnels. I want to set up failover routing so that if the headquarters branch is inoperative, the managed routes fail over to the DR site instead.

I'd like to reopen this since I have the same request.
I have two OPNsense firewalls in HA, both with ZeroTier configured on them.

  • OPNsense subnet is 192.168.7.0/24
  • opnsense1 ZeroTier IP: 192.168.192.251
  • opnsense2 ZeroTier IP: 192.168.192.252

It's possible that sometimes one of the two OPNsense firewalls goes down for some time (that's why I have an HA setup), so I'd like to have both routes on ZeroTier:

  • 192.168.7.0/24 via 192.168.192.251
  • 192.168.7.0/24 via 192.168.192.252

But at the moment only the first route is exposed to the ZeroTier clients.
Is there an open feature request for this already? I couldn't find one; if there isn't, I can open one.

Thanks everyone for the great work!
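Neither post above gets an answer on this page. As an added example (not from the thread, and not ZeroTier's or OPNsense's own code), here is one workaround that covers both scenarios: since only one managed route per target is published, keep a single route for 192.168.7.0/24 and have a small cron job move its `via` between the two OPNsense ZeroTier addresses (or, for the first post, between the HQ and DR firewalls) according to a reachability probe. Assumptions that are not in the thread: the ZeroTier Central API base URL, the `Authorization: token ...` header, the `config.routes` JSON shape of the network object, a TCP probe on port 22, the `ZT_TOKEN` environment variable, and the file name `zt_failover.py`.

```python
"""Active/passive failover of a ZeroTier managed route (added example).

ZeroTier Central publishes only one managed route per target, so instead of
two routes for 192.168.7.0/24 we keep a single route and move its `via`
between the two OPNsense ZeroTier addresses according to reachability.

Assumptions (not from the thread): the Central API base URL, the
`Authorization: token ...` header, the `config.routes` JSON shape, and that
the OPNsense ZeroTier addresses accept a TCP connection on PROBE_PORT.
"""
import json
import os
import socket
import sys
import urllib.request

TARGET = "192.168.7.0/24"
# Preference order: the first reachable gateway wins, so opnsense1 is primary.
GATEWAYS = ["192.168.192.251", "192.168.192.252"]
API_BASE = "https://api.zerotier.com/api/v1"   # assumption: ZeroTier Central API
PROBE_PORT = 22                                 # assumption: SSH open on the ZT address


def tcp_alive(host, port=PROBE_PORT, timeout=2.0):
    """Liveness probe: a TCP connect to the gateway's ZeroTier address."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def choose_via(gateways, alive):
    """First gateway in preference order whose probe succeeded, else None."""
    for gw in gateways:
        if alive.get(gw):
            return gw
    return None


def rewrite_routes(routes, target, via):
    """Return a new route list with exactly one route for `target`, pointing at
    `via`; other routes are untouched and order is preserved.  With via=None
    the target's route is dropped rather than left pointing at a dead gateway,
    so clients get an unreachable error instead of black-holing traffic."""
    kept = [r for r in routes if r.get("target") != target]
    if via is None:
        return kept
    # Re-insert where the target's first route used to be, or append if new.
    idx = next((i for i, r in enumerate(routes) if r.get("target") == target), len(routes))
    kept.insert(min(idx, len(kept)), {"target": target, "via": via})
    return kept


def plan(current_routes, alive, gateways=GATEWAYS, target=TARGET):
    """Pure decision step: (chosen via, desired routes, whether an update is needed)."""
    via = choose_via(gateways, alive)
    desired = rewrite_routes(current_routes, target, via)
    return via, desired, desired != current_routes


def _request(network_id, token, body=None):
    """GET the network object, or POST a partial update if `body` is given."""
    req = urllib.request.Request(
        f"{API_BASE}/network/{network_id}",
        data=None if body is None else json.dumps(body).encode(),
        method="GET" if body is None else "POST",
        headers={"Authorization": f"token {token}", "Content-Type": "application/json"},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def failover_once(network_id, token, probe=tcp_alive):
    """One pass: probe gateways, fetch the network, push new routes if needed."""
    alive = {gw: probe(gw) for gw in GATEWAYS}
    current = _request(network_id, token)["config"]["routes"]
    via, desired, changed = plan(current, alive)
    if changed:
        _request(network_id, token, {"config": {"routes": desired}})
    return via, changed


if __name__ == "__main__":
    # Usage (from cron): ZT_TOKEN=... python zt_failover.py <network id>
    nid, tok = sys.argv[1], os.environ["ZT_TOKEN"]
    via, changed = failover_once(nid, tok)
    print(f"{TARGET} via {via}; route {'updated' if changed else 'unchanged'}")
```

Two caveats before relying on this. First, members only learn about a changed managed route when they next pull the network configuration, so this is a slow, best-effort failover and not a substitute for real HA on the client side; probe more than once before flipping to avoid flapping on a single lost packet. Second, the job needs a Central API token with write access to that one network, so keep it out of the script (the environment variable above) and run the job from a host you already trust to change routing for everyone on the network. The decision to drop the route when both gateways are unreachable is a design choice: it trades a black hole for an explicit unreachable error, which is usually easier to diagnose.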