Setting Up VPN-like Network Between Several Clusters Using iptables

Posted on Jul 13, 2013 by Eric Ma In Linux

It is common to connect servers with only internal IPs from several clusters. VPN is a common technique for this. With iptables, we can implement many functions of VPN with possibly higher performance. The slides here give a brief introduction to how to set up a VPN-like network between 2 clusters which connect to each other through Internet. Note that this is not a “real” VPN.

(Note: a typo in slide #6: the “2181”s should be “2182”.)

PDF version can be downloaded at vpn_iptables_v2.pdf

Animation is enabled which may help understand it.

Eric Ma

Eric is a systems guy. Eric is interested in building high-performance and scalable distributed systems and related technologies. The views or opinions expressed here are solely Eric's own and do not necessarily represent those of any third parties.

View all posts by Eric Ma

6 comments

mike says:

Mar 11, 2013 at 4:45 pm

Dear Zhiqiang Ma,

I have small doubt, it is possible to move the Vg partition to another server, Please let me know ?

Thanks for advance.

BY

Mike

Reply
1. Zhiqiang Ma says:
  
  Mar 11, 2013 at 4:54 pm
  
  Hi Mike,
  
  I am confused: what do you mean by “Vg partition”? Is is related to the VPN-like network?
  
  If it is not related to any post, you are welcome to ask on https://www.systutorials.com/qa/
  
  Reply
  1. Mike says:
    
    Mar 12, 2013 at 12:41 pm
    
    Dear Zhiqiang Ma,
    
    Sorry I am taking about LVM, I have created Volume group(vg) and mount the vg(volume group) in /mnt and stored the some file.
    
    It is possible to move the Vg partition to another server, Please let me know ?
    
    Thanks for advance.
    
    BY
    
    Mike
    
    Reply
    1. Eric Zhiqiang Ma says:
      
      Dec 16, 2014 at 6:40 pm
      
      It’s been a long time. Just noticed this comment.
      
      If some one else has similar question, the techniques introduced at http://www.fclose.com/2611/duplicating-and-backing-up-lvm-backed-xen-domu-from-a-remote-server/ may help (following steps 1 to 5 should be enough).
      
      Reply
kavi85 says:

Mar 21, 2013 at 1:42 pm

Dear Zhiqiang Ma

I have configured Openvpn (slackware13.37) Amazon server machine, it is working fine, and tested that it is working.

I have configured
1. System1 linux machine for Openvp Client setup and started the service it is running fine.
2. System2 linux machine I have configured Openvpn(server), it is working fine.

The System1 openvpn client & System2 Openvpn server is connected,
I have checked the log and I am able to ping the ping the tun0 openvpn server ip(10.8.0.1) to openvpn client(10.8.0.6)

And In Openvpn server I am able to ping the openvpn client tun0 IP address.

In openvpn server config file I have added the option for (push “redirect-gateway def1 bypass-dhcp”) . But my openvpn client machine (amazon)get hunged.

In System1 while run the command
wget -qO- ifconfig.me/ip
it showing System2(openvpn server) IP address. But it show System1 Public IP address

Please help me, and how to set the routing in the IP tables?
how to fix this issue.

By
Kavi

Reply
1. Zhiqiang Ma says:
  
  Mar 21, 2013 at 6:50 pm
  
  I am not sure what the problem is since I have no much OpenVPN experience. It may be related to the routing tables (maybe also iptables). You may check the `ip`’s man page ( https://www.systutorials.com/docs/linux/man/8-ip/#lbBB ) for how to change the routing tables.
  
  Reply

Setting Up VPN-like Network Between Several Clusters Using iptables

Eric Ma

6 comments

Leave a Reply Cancel reply

Categories

Recent Posts