Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


How to tunnel IP between different server
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

How to tunnel IP between different server

I have dedicated 1 with 61 IP, and dedicated 2 on wholesaleinternet large spec with no IPs.

How can I make IP's from dedicated 1 can be used on dedicated 2? Tried http://wiki.buyvm.net/doku.php/gre_tunnel but do not want 192.168 type IP on network interface looking to show network interface using IP's from dedicated 1 Thx!

With GRE can only tunnel NAT internal IP?

Comments

  • Technically it can only really nat internal ips. What you want more over is a network bridge.

    http://serverfault.com/questions/566198/transparent-ethernet-over-gre-not-forwarding-traffic

  • @Mun said:
    Technically it can only really nat internal ips. What you want more over is a network bridge.

    http://serverfault.com/questions/566198/transparent-ethernet-over-gre-not-forwarding-traffic

    I'm slightly confused on what that SE question had to do with your answer.

    Thanked by 1deepreflect
  • @dailymc it has an example of how it is done, and a little over view of the steps.

    I have looked around in the past and found very little in regards to guides for it.

    Thanked by 1deepreflect
  • I've done this before by bridging an OpenVPN TAP interface with eth0 on one end, then assigning a public IP from eth0's subnet on the first server. It's not as simple as that, but I forgot exactly what was used....

    Thanked by 1deepreflect
  • I've a softether VPN script that should help you do this, let me know if you are interested, I'll post it in. It basically works as what @linuxthefish stated ...

    Thanked by 1deepreflect
  • OpenVPN tap tunnel should also with as a layer 2 tunnel, then you bond it at one and and it's like both servers are on the same switch!

    Thanked by 2netomx deepreflect
  • godonggodong Member
    edited February 2016

    Here's the Softether script that should do that: https://github.com/abegodong/ipbridge

    @rickey318

  • Depends on how your IP's are presented to your server that has them, if it's a routed block then yes it should be possible to forward one to the other server without resorting to NAT but you will need some kind of VPN tunnel in place.

    Thanked by 1deepreflect
  • Thank u this works?

  • If I understand what you are trying to do, yes, this is definitely possible. Even though you have private IPs on dedicated #2, they will never appear to the outside world. As noted by others, there is NAT involved but the external IP will still show as one of the 61 public IPs. I currently do something very similar on a smaller scale using an IPSEC VPN connection underneath GRE.

    1. Assume that dedicated #1 has IPs 1.1.1.200-1.1.1.261 (1.1.1.200 will be the "main" IP)
    2. Assume that dedicated #2 has IP 2.2.2.200
    3. I'm not sure what you are trying to do with that many IPs but lets assume that dedicated #2 also has 60 virtual machines running with private IPs bridged to 10.2.2.1-10.2.2.61.

    Here's the technique I would use in your situation. I personally would install Shorewall on both servers (makes IPtables much easier to use).

    • Enable IP Forwarding on both dedicated #1 and dedicated #2
    • Create GRE tunnel (named tun0) from 2.2.2.200 <--> 1.1.1.200
    • On dedicated #1, add a routing rule so that traffic to 10.2.2.0/24 is routed to device tun0
    • On dedicated #2, add a routing rule so that traffic from 10.2.2.0/24 is routed to device tun0
    • When packets from a VPS on dedicated #2 arrive at dedicated #1, they appear to be coming from tun0 and after being handled by GRE, the source and destination IP would look something like "10.2.2.45 --> 8.8.8.8" (assuming that 10.2.2.45 is trying to talk to Google DNS).
    • Now you just configure Shorewall on dedicated #1 to SNAT each of the 10.2.2.* IPs to a corresponding external IP of 1.1.1.2**
    • If necessary, you can use DNAT on dedicated #1 to forward incoming traffic on dedicated #1 to a VPS (e.g. webserver traffic on port 80 and 443 can be sent to the corresponding VPS)

    Note that the private IPS are routed through the GRE tunnel so they are only NAT'd once (as they leave dedicated #1). Also note that all traffic to/from the virtual machines has the added latency from the GRE tunnel. The other catch is that all of the VPS traffic is being handled by dedicated #1 so it counts against the bandwidth quota of both servers (and essentially counts twice against the quota of dedicated #1).

    Thanked by 1FrankZ
  • @deepreflect my script should work, if it is not, let me know, I'll try to assist.

  • @goinsnj2010 your solution is layer 3 IP forwarding solution (using tun device), you can try mine, it is layer 2 transparent bridging (no private IP space involved, using tap device), it is a little bit more packet overhead, but you have a full IP capabilities in client side (including broadcast).

Sign In or Register to comment.