Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

Routing Question
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Routing Question

CiprianoOscarCiprianoOscar Member, Host Rep
in Help

Hello guys,

i have this problem

i have removed the default route of linux server to my hosting provider gateway and i would like to create a static route from one host (EXTERNAL VPS) that allow me to ping and trasfert data to it.

i have already created a static route for ping and trasfert data trought the GATEWAY

The host is other VM provided from other hosting, the servers aren't in the same DC

i can't add a default gateway, anyone know how to do this?

Comments

  • AndreixAndreix Member, Host Rep

    ip route add default via 192.168.0.1 dev ethX
    or
    ip route add 0.0.0.0/0 via 192.168.0.1 dev ethX

  • CiprianoOscarCiprianoOscar Member, Host Rep

    @Andreix said:
    ip route add default via 192.168.0.1 dev ethX
    or
    ip route add 0.0.0.0/0 via 192.168.0.1 dev ethX

    thanks for your reply but i can't add a default gw. I need a static route like

    IPV4OFEXTERNALVM via IPV4OFMYVM dev ETH0

  • AndreixAndreix Member, Host Rep
    edited November 2021

    well...
    you can try...

    ip route add IPV4OFEXTERNALVM/32 via GATEWAY_OF_IPV4OFMYVM dev ETH0

    then do the above 0.0.0.0/0 and replace 192 with external vm ip.

  • CiprianoOscarCiprianoOscar Member, Host Rep

    @Andreix said:
    well...
    you can try...

    ip route add IPV4OFEXTERNALVM/32 via GATEWAY_OF_IPV4OFMYVM dev ETH0

    then do the above 0.0.0.0/0 and replace 192 with external vm ip.

    already tried this rule before, nothing happen, still can't ping the external VPS

  • FrankZFrankZ Veteran
    edited November 2021 
    ip route add IPV4OFEXTERNALVM via GATEWAY_IPV4_OFMYVM dev eth0
ip route add 0.0.0.0/1 via GATEWAY_IPV4_OFMYVM dev eth0 
ip route add 128.0.0.0/1 via GATEWAY_IPV4_OFMYVM dev eth0

    EDIT: you can probably leave off the 1st route, as it is redundant.

  • CiprianoOscarCiprianoOscar Member, Host Rep

    Thanks a lot, i have fixed the problem using the routing table.... i have another question if someone can help me. i need to create a bridge port with a GRE tunnel, is possible?

  • FrankZFrankZ Veteran
    edited November 2021

    Sure but I would recommend Tinc (my choice) or OpenVPN or WireGuard for the tunnel instead of GRE. I say this because GRE does not restart automatically if the connection is broken between the two VPSes. It would also be helpful to know the O/S you are using, and if the VPSes are KVM, LXC or openVZ :)

    Set net.ipv4.ip_forward = 1 in /etc/sysctl.d/99-local.conf or echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf (depending on O/S) on both VPSes and restart.

    On VPS #1 do

    ip route add 0.0.0.0/1 via GATEWAY_IPV4_OFMYVM dev eth0 
ip route add 128.0.0.0/1 via GATEWAY_IPV4_OFMYVM dev eth0

    Make sure to allow the two VPSes to communicate in your firewall. You will need to add an ALLOW INPUT rule for the real IPv4 of the partner VPS and an ALLOW FORWARD rule for the tunnel interface (in the example below gre0) in both VPSes.

    Then bring up the tunnel.

    GRE tunnel setup :)
    On VPS#1

    iptunnel add gre0 mode gre local IPv4ofVPS#1 remote IPv4ofVPS#2 ttl 255
ip addr add 10.16.0.1/24 dev gre0
ip link set gre0 up

    On VPS #2

    iptunnel add gre0 mode gre local IPv4ofVPS#2 remote IPv4ofVPS#1 ttl 255
ip addr add 10.16.0.2/24 dev gre0
ip link set gre0 up

    The below is the routing, and misc stuff which can be used on any tunnel type. Assuming the tunnel is VPS#1 (10.16.0.1) and VPS#2 (10.16.0.2)

    On VPS#1 (10.16.0.1) add these routes:

    ip route add 10.16.0.2 via 10.16.0.1 dev gre0
ip rule add from 10.16.0.0/24 table 1007
ip route add throw 10.16.0.0/24 table 1007
ip route add 0.0.0.0/1 via 10.16.0.1 dev gre0 table 1007
ip route add 128.0.0.0/1 via 10.16.0.1 dev gre0 table 1007

    If you want VPS#1 to go to the outside interwebs via VPS#2 then add an iptables rule (need to have iptables installed) on VPS#2:

    If openVZ or LXC
    iptables -A POSTROUTING -s 10.16.1.0/24 -j SNAT --to IPv4ofVPS#2
    or if KVM
    iptables -A POSTROUTING -o eth0 -j MASQUERADE

    EDIT: If you got it all right you should be able to ping VPS#2 from VPS#1

    ping -I 10.16.0.1 10.16.0.2

    Thanked by 1Kassem
  • CiprianoOscarCiprianoOscar Member, Host Rep

    @FrankZ said:
    Sure but I would recommend Tinc (my choice) or OpenVPN or WireGuard for the tunnel instead of GRE. I say this because GRE does not restart automatically if the connection is broken between the two VPSes. It would also be helpful to know the O/S you are using, and if the VPSes are KVM, LXC or openVZ :)

    Set net.ipv4.ip_forward = 1 in /etc/sysctl.d/99-local.conf or echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf (depending on O/S) on both VPSes and restart.

    On VPS #1 do

    ip route add 0.0.0.0/1 via GATEWAY_IPV4_OFMYVM dev eth0 
ip route add 128.0.0.0/1 via GATEWAY_IPV4_OFMYVM dev eth0

    Make sure to allow the two VPSes to communicate in your firewall. You will need to add an ALLOW INPUT rule for the real IPv4 of the partner VPS and an ALLOW FORWARD rule for the tunnel interface (in the example below gre0) in both VPSes.

    Then bring up the tunnel.

    GRE tunnel setup :)
    On VPS#1

    iptunnel add gre0 mode gre local IPv4ofVPS#1 remote IPv4ofVPS#2 ttl 255
ip addr add 10.16.0.1/24 dev gre0
ip link set gre0 up

    On VPS #2

    iptunnel add gre0 mode gre local IPv4ofVPS#2 remote IPv4ofVPS#1 ttl 255
ip addr add 10.16.0.2/24 dev gre0
ip link set gre0 up

    The below is the routing, and misc stuff which can be used on any tunnel type. Assuming the tunnel is VPS#1 (10.16.0.1) and VPS#2 (10.16.0.2)

    On VPS#1 (10.16.0.1) add these routes:

    ip route add 10.16.0.2 via 10.16.0.1 dev gre0
ip rule add from 10.16.0.0/24 table 1007
ip route add throw 10.16.0.0/24 table 1007
ip route add 0.0.0.0/1 via 10.16.0.1 dev gre0 table 1007
ip route add 128.0.0.0/1 via 10.16.0.1 dev gre0 table 1007

    If you want VPS#1 to go to the outside interwebs via VPS#2 then add an iptables rule (need to have iptables installed) on VPS#2:

    If openVZ or LXC
    iptables -A POSTROUTING -s 10.16.1.0/24 -j SNAT --to IPv4ofVPS#2
    or if KVM
    iptables -A POSTROUTING -o eth0 -j MASQUERADE

    EDIT: If you got it all right you should be able to ping VPS#2 from VPS#1

    ping -I 10.16.0.1 10.16.0.2

  • CiprianoOscarCiprianoOscar Member, Host Rep

    @CiprianoOscar said:

    @FrankZ said:
    Sure but I would recommend Tinc (my choice) or OpenVPN or WireGuard for the tunnel instead of GRE. I say this because GRE does not restart automatically if the connection is broken between the two VPSes. It would also be helpful to know the O/S you are using, and if the VPSes are KVM, LXC or openVZ :)

    Set net.ipv4.ip_forward = 1 in /etc/sysctl.d/99-local.conf or echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf (depending on O/S) on both VPSes and restart.

    On VPS #1 do

    ip route add 0.0.0.0/1 via GATEWAY_IPV4_OFMYVM dev eth0 
ip route add 128.0.0.0/1 via GATEWAY_IPV4_OFMYVM dev eth0

    Make sure to allow the two VPSes to communicate in your firewall. You will need to add an ALLOW INPUT rule for the real IPv4 of the partner VPS and an ALLOW FORWARD rule for the tunnel interface (in the example below gre0) in both VPSes.

    Then bring up the tunnel.

    GRE tunnel setup :)
    On VPS#1

    iptunnel add gre0 mode gre local IPv4ofVPS#1 remote IPv4ofVPS#2 ttl 255
ip addr add 10.16.0.1/24 dev gre0
ip link set gre0 up

    On VPS #2

    iptunnel add gre0 mode gre local IPv4ofVPS#2 remote IPv4ofVPS#1 ttl 255
ip addr add 10.16.0.2/24 dev gre0
ip link set gre0 up

    The below is the routing, and misc stuff which can be used on any tunnel type. Assuming the tunnel is VPS#1 (10.16.0.1) and VPS#2 (10.16.0.2)

    On VPS#1 (10.16.0.1) add these routes:

    ip route add 10.16.0.2 via 10.16.0.1 dev gre0
ip rule add from 10.16.0.0/24 table 1007
ip route add throw 10.16.0.0/24 table 1007
ip route add 0.0.0.0/1 via 10.16.0.1 dev gre0 table 1007
ip route add 128.0.0.0/1 via 10.16.0.1 dev gre0 table 1007

    If you want VPS#1 to go to the outside interwebs via VPS#2 then add an iptables rule (need to have iptables installed) on VPS#2:

    If openVZ or LXC
    iptables -A POSTROUTING -s 10.16.1.0/24 -j SNAT --to IPv4ofVPS#2
    or if KVM
    iptables -A POSTROUTING -o eth0 -j MASQUERADE

    EDIT: If you got it all right you should be able to ping VPS#2 from VPS#1

    ping -I 10.16.0.1 10.16.0.2

    Really thanks for your best reply. I have already fiexed this problem, noi i need to try to use a bridge on this interface (if is possibile)

  • CiprianoOscarCiprianoOscar Member, Host Rep

    @CiprianoOscar said:

    @CiprianoOscar said:

    @FrankZ said:
    Sure but I would recommend Tinc (my choice) or OpenVPN or WireGuard for the tunnel instead of GRE. I say this because GRE does not restart automatically if the connection is broken between the two VPSes. It would also be helpful to know the O/S you are using, and if the VPSes are KVM, LXC or openVZ :)

    Set net.ipv4.ip_forward = 1 in /etc/sysctl.d/99-local.conf or echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf (depending on O/S) on both VPSes and restart.

    On VPS #1 do

    ip route add 0.0.0.0/1 via GATEWAY_IPV4_OFMYVM dev eth0 
ip route add 128.0.0.0/1 via GATEWAY_IPV4_OFMYVM dev eth0

    Make sure to allow the two VPSes to communicate in your firewall. You will need to add an ALLOW INPUT rule for the real IPv4 of the partner VPS and an ALLOW FORWARD rule for the tunnel interface (in the example below gre0) in both VPSes.

    Then bring up the tunnel.

    GRE tunnel setup :)
    On VPS#1

    iptunnel add gre0 mode gre local IPv4ofVPS#1 remote IPv4ofVPS#2 ttl 255
ip addr add 10.16.0.1/24 dev gre0
ip link set gre0 up

    On VPS #2

    iptunnel add gre0 mode gre local IPv4ofVPS#2 remote IPv4ofVPS#1 ttl 255
ip addr add 10.16.0.2/24 dev gre0
ip link set gre0 up

    The below is the routing, and misc stuff which can be used on any tunnel type. Assuming the tunnel is VPS#1 (10.16.0.1) and VPS#2 (10.16.0.2)

    On VPS#1 (10.16.0.1) add these routes:

    ip route add 10.16.0.2 via 10.16.0.1 dev gre0
ip rule add from 10.16.0.0/24 table 1007
ip route add throw 10.16.0.0/24 table 1007
ip route add 0.0.0.0/1 via 10.16.0.1 dev gre0 table 1007
ip route add 128.0.0.0/1 via 10.16.0.1 dev gre0 table 1007

    If you want VPS#1 to go to the outside interwebs via VPS#2 then add an iptables rule (need to have iptables installed) on VPS#2:

    If openVZ or LXC
    iptables -A POSTROUTING -s 10.16.1.0/24 -j SNAT --to IPv4ofVPS#2
    or if KVM
    iptables -A POSTROUTING -o eth0 -j MASQUERADE

    EDIT: If you got it all right you should be able to ping VPS#2 from VPS#1

    ping -I 10.16.0.1 10.16.0.2

    Really thanks for your best reply. I have already fiexed this problem, noi i need to try to use a bridge on this interface (if is possibile)

    Ok i found a new solution, use a gretap.

  • kkrajkkkrajk Member

    Sharing how you've achieved both will certainly help others

  • CiprianoOscarCiprianoOscar Member, Host Rep

    @kkrajk said:
    Sharing how you've achieved both will certainly help others

    Sorry, but i saw only now this reply.

    it's the same thing, instead of using GRE I used GRETAP and thanks to this it gave me the possibility to make a bridge and use the interface as primary

    Thanked by 1kkrajk
Sign In or Register to comment.