I've built a VPN endpoint using tinc in one AWS subnet:

   [ eu-west-1a tinc ]-----
   |                      |
[ us dc] -- ipsec -- [ uk dc ]
Some failure conditions are handled by tinc's meshing:

   [ eu-west-1a tinc ]-----
   |                      |
   ^                      x
   |                      |
[ us dc] -<- ipsec -- [ uk dc ]

   [ eu-west-1a tinc ]-----
   |                      |
   x                      ^
   |                      |
[ us dc] ->- ipsec -- [ uk dc ]
So, as an option for tinc failures in AWS, I could build another tinc box in a different subnet and use keepalived to move the ENI between the two servers, but I can't find any good docs on how to detect subnet failure. What happens to keepalived in the event that the link between subnet A and subnet B goes down, i.e. how is split brain handled?

[ eu-west-1a tinc ]--keepalived---[ eu-west-1b tinc ]
                         |
                        vip
                         |
                     [ uk dc ]
Another option is to run 2 tincs and have some sort of 'witness' service that decides which should be live and updates the routing table in the AWS VPC. I can't find any sort of official docs on how to build a witness service in AWS; could you use AWS Lambda, for instance? I am aware of the AWS VPN services, though.