Feature request: handle multiple remotes in Tunnelblick

[Petiepooo]

OpenVPN has a handy feature in that you can specify multiple remotes (VPN servers), and the client will connect to either the first or a randomly chosen server, choosing another if the first connection fails or disconnects.

It allows for a rudimentary load balancing or failover setup.  It has the drawback that, without inspecting the interface or sniffing packets, it's difficult to determine which remote server the client is connected to.

I had an idea that it would be nice to move that abstraction up one level to Tunnelblick.  In other words, give each remote server its own .tblk configuration, and have Tunnelblick perform the failover or load balancing.  This would allow the user to see from the icon which endpoint it's connected to.  It would require the ability to tell Tunnelblick that two or more configurations are "grouped" as well as what order and preference to give each and that only one within the group should be running at any given time.  It may also allow faster startup by starting more than one at once, but killing all others once one of them transitions from state wait

[Petiepooo]

Grr.. Groups editor key shortcut posted before I was done; sorry.

Last paragraph was supposed to end as such:

It may also allow faster startup by starting more than one at once, but killing all others once one of them transitions from state WAIT to state AUTH or GET_CONFIG on the management interface.  Coding that could be a challenge, and shouldn't be a priority if you do decide to implement the feature.

The feature could be enabled by placing multiple configs in a subdirectory and adding a plist in the subdirectory with all pertinent Tunnelblick options.  The subdirectory GUI menu could then display all individual configs as usual, but also include an option to treat as a HA group.

Thoughts?  Obviously, this is a low priority request, as the core ability already exists within OpenVPN itself.

Thanks,

--

Pete

[jkbull...gmail.com]

My initial reaction is that it would be a lot of work and complication for very little gain.

But I'll think about it.

It would be much easier to display the VPN server's public IP on the menu or in a status window. It wouldn't do the "connect to the fastest" part of what you propose, and it wouldn't show a name, but it would give the user the info about what server they are using.