Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


GRE tunnel
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

GRE tunnel

Hi,

I have a dedicated server with Proxmox (running on a single IP) and a cheap (low RAM) VPS account. Is it possible to set up a GRE tunnel from the VPS to a VM on the Proxmox server ?

If so:

  • would every packet on every port be redirected to the Proxmox VM ?
  • on the Proxmox VM side: what would be the sender's IP: the Original one, or the IP of the VPS ?
  • is there some simple tutorial on how to set it up (on Ubuntu - at both sides) ?

Thanks !

«1

Comments

  • IshaqIshaq Member

    Yes, and it will show the original IP.

    See http://ask.xmodulo.com/create-gre-tunnel-linux.html

  • randvegetarandvegeta Member, Host Rep

    wlambrechts said: Is it possible to set up a GRE tunnel from the VPS to a VM on the Proxmox server ?

    If so: - would every packet on every port be redirected to the Proxmox VM ? - on the Proxmox VM side: what would be the sender's IP: the Original one, or the IP of the VPS ? - is there some simple tutorial on how to set it up (on Ubuntu - at both sides) ?

    Yes it would work fine. You can even setup a virtual router on your Proxmox node if you want, and get another VPS somewhere with multiple IPs and route a subnet to your router from the VPS. You can then 'natively' use those IPs with your Proxmox VMs.

    Thanked by 1Yura
  • @Ishaq said:
    Yes, and it will show the original IP.

    See http://ask.xmodulo.com/create-gre-tunnel-linux.html

    Thanks: I found the article, but it seems it does not say anything on forwarding from 1 server to another.

    Neither does it say anything on how to set up the VPS to connect to a NAT'ted Proxmox VM.

  • @randvegeta said:

    wlambrechts said: Is it possible to set up a GRE tunnel from the VPS to a VM on the Proxmox server ?

    If so: - would every packet on every port be redirected to the Proxmox VM ? - on the Proxmox VM side: what would be the sender's IP: the Original one, or the IP of the VPS ? - is there some simple tutorial on how to set it up (on Ubuntu - at both sides) ?

    Yes it would work fine. You can even setup a virtual router on your Proxmox node if you want, and get another VPS somewhere with multiple IPs and route a subnet to your router from the VPS. You can then 'natively' use those IPs with your Proxmox VMs.

    Thanks: do you happen to know any good reference on this subject ?

  • randvegetarandvegeta Member, Host Rep

    Not off the top of my head, no. It's a fairly simple setup though.

    • Setup a Virtual Router on Proxmox Node (Vyatta for example)
    • Establish GRE session between VPS with a subnet and the Vyatta router.
    • Static route the subnet to the Vyatta router (over the tunnel).
    • Configure the router with one of the IPs in that subnet (that IP becomes the gateway).

    Now any new server you setup on the VM can use the IPs on that subnet as long as they are on the same VLAN as the router and make sure to use the router IP as the gateway.

    There may be some issues with MTU / MSS size, but other than that, it's a fairly simple and quick setup. It's basically the same as any static route, just using a tunnel as the interface instead of a physical one.

  • @randvegeta said:
    Not off the top of my head, no. It's a fairly simple setup though.

    • Setup a Virtual Router on Proxmox Node (Vyatta for example)
    • Establish GRE session between VPS with a subnet and the Vyatta router.
    • Static route the subnet to the Vyatta router (over the tunnel).
    • Configure the router with one of the IPs in that subnet (that IP becomes the gateway).

    Now any new server you setup on the VM can use the IPs on that subnet as long as they are on the same VLAN as the router and make sure to use the router IP as the gateway.

    There may be some issues with MTU / MSS size, but other than that, it's a fairly simple and quick setup. It's basically the same as any static route, just using a tunnel as the interface instead of a physical one.

    "Fairly simple": depends on your knowledge :-)
    Thanks for the info: guess something I will need to dive into.

    So: the result would be that the IPv4 from my small VPS (128 MB RAM and having a single IP) will redirect all traffic to my Proxmox VM (within its 192.168.0.x range) and that all for example the webserver on my VM will think it gets request from an IP of the user who is browsing ?

    Or would I need to have more than 1 IPv4 on my small VPS ?

    Thanks again !

  • randvegetarandvegeta Member, Host Rep

    wlambrechts said: Or would I need to have more than 1 IPv4 on my small VPS ?

    For what I'm talking about, you need more than 1IP.

  • @randvegeta said:

    wlambrechts said: Or would I need to have more than 1 IPv4 on my small VPS ?

    For what I'm talking about, you need more than 1IP.

    ah, too bad ...

  • StealthyHostingStealthyHosting Member, Host Rep

    What's your end goal to achieve?

  • YuraYura Member

    I think OP wants to provide additional external ipv4s for virtual machines on proxmox node which has only 1 ipv4. And considering to organize it with GRE to avoid NAT/masquerade. I could be wrong but that's how I read OP.

  • randvegetarandvegeta Member, Host Rep

    @wlambrechts,

    Do you just want more IPs for your dedicated server? It seems rather inefficient to use a VPS's single IP to use on another VPS? Begs the question, why not just use the original VPS?

  • @Yura said:
    I think OP wants to provide additional external ipv4s for virtual machines on proxmox node which has only 1 ipv4. And considering to organize it with GRE to avoid NAT/masquerade. I could be wrong but that's how I read OP.

    What is "OP" ?

  • YuraYura Member

    OP is original post or original poster in the thread.

  • @StealthyHosting said:
    What's your end goal to achieve?

    Running a personal project (using website & mailserver) on the VM but with the IP of the VPS, so the project is completely isolated as far as IP is concerned: the Ip of my dedicated server remains private.

  • @Yura said:
    OP is original post or original poster in the thread.

    Sorry for my ignorance :-)

    indeed: want to use the IP of the cheap VPS for a single VM on the Proxmox server only having a single IP.

  • randvegetarandvegeta Member, Host Rep

    @wlambrechts,

    What kind of VPS are you buying for this project? Assuming you're not doing anything illegal, I could lease you some IPs and bypass the need for the VPS in the first place. Assuming your budget isn't crazy small (which let's face it, on LET, it probably is), I could set it up for you.

  • rm_rm_ IPv6 Advocate, Veteran

    @randvegeta OVH provides 17 IPs for a total price of 3 EUR/month (VPS included), can you beat that?

  • randvegetarandvegeta Member, Host Rep

    rm_ said: OVH provides 17 IPs for a total price of 3 EUR/month (VPS included), can you beat that?

    Nope, and I wouldn't want to.

    And 17? That's a weird number?

    Surely it should be 16 with 13 usable, or 32 with 29 usable?

  • @randvegeta said:

    rm_ said: OVH provides 17 IPs for a total price of 3 EUR/month (VPS included), can you beat that?

    Nope, and I wouldn't want to.

    And 17? That's a weird number?

    Surely it should be 16 with 13 usable, or 32 with 29 usable?

    He's probably referring to the cheapest vps OVH has, which can have 16 additional ips at no monthly costs.

    Probably GRE-tunneling to a kimsufi

  • @randvegeta said:
    @wlambrechts,

    What kind of VPS are you buying for this project? Assuming you're not doing anything illegal, I could lease you some IPs and bypass the need for the VPS in the first place. Assuming your budget isn't crazy small (which let's face it, on LET, it probably is), I could set it up for you.

    Thanks for the offer ... but indeed it's LET ... I have this cheap VPS from serverhub (9 USD/year) and I am now looking soemthing to use it for, and found one :-)

    I have set it up using iptables, eg

    VPS IP port 80 -> Proxmox host port 8080 -> Proxmox guest port 80

    But then at least my Proxmox guest will not know the original IP the request came from.

  • @wlambrechts said:

    @randvegeta said:
    @wlambrechts,

    What kind of VPS are you buying for this project? Assuming you're not doing anything illegal, I could lease you some IPs and bypass the need for the VPS in the first place. Assuming your budget isn't crazy small (which let's face it, on LET, it probably is), I could set it up for you.

    Thanks for the offer ... but indeed it's LET ... I have this cheap VPS from serverhub (9 USD/year) and I am now looking soemthing to use it for, and found one :-)

    I have set it up using iptables, eg

    VPS IP port 80 -> Proxmox host port 8080 -> Proxmox guest port 80

    But then at least my Proxmox guest will not know the original IP the request came from.

    You could just use x-forwarded-for with lighttpd with a "trust this ip" entry in your lighttpd.conf. Should achieve about the same.

  • YuraYura Member

    Is it feasible to put proxmox host on kimsufi's ipv6 and assign the single ipv4 to VM inside it? Do we really have to give hypervisor the precious ipv4 if ipv6 is available on both sides for administration?

  • @teamacc said:

    @wlambrechts said:

    @randvegeta said:
    @wlambrechts,

    What kind of VPS are you buying for this project? Assuming you're not doing anything illegal, I could lease you some IPs and bypass the need for the VPS in the first place. Assuming your budget isn't crazy small (which let's face it, on LET, it probably is), I could set it up for you.

    Thanks for the offer ... but indeed it's LET ... I have this cheap VPS from serverhub (9 USD/year) and I am now looking soemthing to use it for, and found one :-)

    I have set it up using iptables, eg

    VPS IP port 80 -> Proxmox host port 8080 -> Proxmox guest port 80

    But then at least my Proxmox guest will not know the original IP the request came from.

    You could just use x-forwarded-for with lighttpd with a "trust this ip" entry in your lighttpd.conf. Should achieve about the same.

    Thanks for the tip. Unfortunately it is not only for HTTP(s) but also for other protocols. Moreover: the VPS would not be running any server application just forward the ports, so in that case we are already "too late" for this kind of trick. (would only work if lighttpd.conf was configured as a reverse proxy on the VPS).

  • rm_rm_ IPv6 Advocate, Veteran

    teamacc said: And 17? That's a weird number?

    Yes 1 main IP + up to 16 addon single IPs, not a subnet.

  • lol I'm trying to do this EXACT same thing right now, so far it's been a complete failure, the GRE tunnel is routed to the proxmox server and I can ping both from each other end and run httpd on one and see it on another, I'll keep trying

  • GamerTech24GamerTech24 Member
    edited May 2017

    basically IPv4 /24 announced on Vultr VM in NJ, proxmox node running on SoYouStart dedicated server in BHS, my hope was to get IPs, right now just one tunneled from the Vultr server to the Proxmox server and usable inside the VM.

    I'll probably have to think of a different way to do this, but for now I'll keep trying this way

    there is a 10ms latency between the two so that's not an issue, this is probably the most ridiculous impossible thing ever and I'm probably the first person doing it so I guess we'll see what happens

  • GamerTech24GamerTech24 Member
    edited May 2017

    If anyone has any information or anything that could lead me in the right direction that would greatly be appreciated, initial GRE tunnel was setup using http://wiki.buyvm.net/doku.php/gre_tunnel this guide, but I'm willing to completely redo it a different way

    If this is indeed impossible because the guest OS wants a gateway and stuff and even running regular programs can't bind to the external IP address of the /24

  • GamerTech24GamerTech24 Member
    edited May 2017

    Here's a thread from 2014 where someone tried to do the same as well

    https://www.lowendtalk.com/discussion/30487/use-gre-tunneled-ips-for-proxmox-possible doesn't look like they got far either, I'm also seeing the same thing appearing on proxmox forums but no replies or success stories there either, same here https://freevps.us/thread-16056.html

  • GamerTech24GamerTech24 Member
    edited May 2017

    Here is a visual representation

    as far as I'm aware with my hours of playing around with this this isn't possible at least the way I'm trying to do it

  • FalzoFalzo Member

    @ethancedrik said:
    the GRE tunnel is routed to the proxmox server and I can ping both from each other end

    so you did most likely the second step from those:

    randvegeta said: Setup a

    • Virtual Router on Proxmox Node (Vyatta for example)
    • Establish GRE session between VPS with a subnet and the Vyatta router.
    • Static route the subnet to the Vyatta router (over the tunnel).
    • Configure the router with one of the IPs in that subnet (that IP becomes the gateway).

    now you'd need a virtual router on the proxmox node and route your whole /24 into the GRE tunnel on the vultr vm end...

Sign In or Register to comment.