Cheap dediserver allowed GRE tunnel?

themyth

Hi.
i have a small project want to make a GRE tunnel from OVH or Voxittly server,
i think the backend server need allowed route other datacenter ip address(like OVH or other).

client---ip1---GRE tunnel--ip2----client

so how to find this server?
i have no own ASN and ip space,so i can not give you LOA.

i ask Psychz,it's answer me need LOA..

Thank you

MasonR

LOA for a GRE tunnel? That doesn't sound right.

Maybe I'm not completely understanding this, but you definitely don't need a LOA to set up a GRE tunnel. You're just forwarding traffic from one server to another. I've done it before without needing a LOA or anything like that.

BuyVM has a nice wiki entry with instructions on how to set it up:
https://wiki.buyvm.net/doku.php/gre_tunnel

RickBakkr

I think Psychz might have misunderstood you? They would require a LoA in the event they had to announce IP space on your behalf. In this event, you would technically just proxy to the other side of the GRE tunnel.
I can recommend the tutorial as referenced by @MasonR ;-)
Good luck.

themyth

@MasonR said:
LOA for a GRE tunnel? That doesn't sound right.

Maybe I'm not completely understanding this, but you definitely don't need a LOA to set up a GRE tunnel. You're just forwarding traffic from one server to another. I've done it before without needing a LOA or anything like that.

BuyVM has a nice wiki entry with instructions on how to set it up:
https://wiki.buyvm.net/doku.php/gre_tunnel

Okay, Buyvm all the datacenter can allowed GRE tunnel and allow packets from IP addresses in other ISPs to pass as source addresses? Thank you! If you can, I'll try it now.

Clouvider

@themyth said:

@MasonR said:
LOA for a GRE tunnel? That doesn't sound right.

Maybe I'm not completely understanding this, but you definitely don't need a LOA to set up a GRE tunnel. You're just forwarding traffic from one server to another. I've done it before without needing a LOA or anything like that.

BuyVM has a nice wiki entry with instructions on how to set it up:
https://wiki.buyvm.net/doku.php/gre_tunnel

Okay, Buyvm all the datacenter can allowed GRE tunnel and allow packets from IP addresses in other ISPs to pass as source addresses? Thank you! If you can, I'll try it now.

Well, this would allow spoofing so not really.

doghouch

@themyth said:
Hi.
i have a small project want to make a GRE tunnel from OVH or Voxittly server,
i think the backend server need allowed route other datacenter ip address(like OVH or other).

client---ip1---GRE tunnel--ip2----client

so how to find this server?
i have no own ASN and ip space,so i can not give you LOA.

i ask Psychz,it's answer me need LOA..

Thank you

Just a FYI: LOAs are used for proving that you are authorized to announce a certain range of addresses when peering with most networks.

themyth

Clouvider said: Well, this would allow spoofing so not really.

>
sorry.i don't know what's spoofing?
i just use my own ip address from other datacenter
thank you

themyth

@doghouch said:

@themyth said:
Hi.
i have a small project want to make a GRE tunnel from OVH or Voxittly server,
i think the backend server need allowed route other datacenter ip address(like OVH or other).

client---ip1---GRE tunnel--ip2----client

so how to find this server?
i have no own ASN and ip space,so i can not give you LOA.

i ask Psychz,it's answer me need LOA..

Thank you

Just a FYI: LOAs are used for proving that you are authorized to announce a certain range of addresses when peering with most networks.

yes,i see now.thank you

freerangecloud

Most providers should allow you to build a GRE tunnel, unless they're blocking protocols for some shitty reason.

If you have root access to both VMs then you really shouldn't need to involve your host at all... just setup the tunnel on both ends and assign some RFC1918 address space to it.

LOA's are only used if you are going to be authorizing someone to announce your public IPs on your behalf, not at all relevant for building a tunnel between 2 VMs

themyth

@freerangecloud said:
Most providers should allow you to build a GRE tunnel, unless they're blocking protocols for some shitty reason.

If you have root access to both VMs then you really shouldn't need to involve your host at all... just setup the tunnel on both ends and assign some RFC1918 address space to it.

LOA's are only used if you are going to be authorizing someone to announce your public IPs on your behalf, not at all relevant for building a tunnel between 2 VMs

but i found the ISPs can not route my other VM's ip address,they like block it.

tamicrealo

I ve tried, its only ur ISP isnt accepting the package sent from ur tunnelled server. U gotta need BGP.

mksh

@Clouvider said:

@themyth said:

@MasonR said:
LOA for a GRE tunnel? That doesn't sound right.

Maybe I'm not completely understanding this, but you definitely don't need a LOA to set up a GRE tunnel. You're just forwarding traffic from one server to another. I've done it before without needing a LOA or anything like that.

BuyVM has a nice wiki entry with instructions on how to set it up:
https://wiki.buyvm.net/doku.php/gre_tunnel

Okay, Buyvm all the datacenter can allowed GRE tunnel and allow packets from IP addresses in other ISPs to pass as source addresses? Thank you! If you can, I'll try it now.

Well, this would allow spoofing so not really.

Exactly this. Also it seems OP does not really understand the idea behind using a tunnel.

@themyth what's the point of your tunnel when you expose the IP of the backend server by sending spoofed packets with it's IP as the source? Doesn't make sense to me and if you scratch that finding a suitable provider will be dead easy.

Edit: Why is OPs post tagged aggressive networks!?