Hi!
First I want to thank the AMPR group and especially G1FEF for providing me a /24 that I am in the process of announcing via BGP with a Vultr VPS in NJ.
If what I am about to talk about doesn't fit in the group, please let me know and I will move this elsewhere.
I am by no means a network guru, but I understand concepts pretty easily. So I am planning my /24 like this.
The VPS at Vultr will use BIRD to announce the route; I will use only the default route provided by Vultr.
From there I created a dummy interface that has my /24 as its IP.
I then want to make a VPN server to distribute the net and IPs to remote sites I have that use a mix of hardwired and wireless connections. The routers are all EdgeRouter X units from Ubiquiti; they will all eventually be interconnected by 2 sources, the hardwired provided by many ISPs and the wireless that I am building as a redundancy. If one source fails, the router will fall back to the other link. The preferred link will always be the hardwired; the wireless is the backup. (Some of the links are 40 km long, but most are 5-6 km and the smallest is under 1 km.)
From those edge routers I will have connections to the VPN, and every router will have a DHCP server that will serve a part of the /24, like 16 IPs for each site (I have 3 sites right now), and I will have fixed IPs at each site for the repeaters and APRS gateways.
Now the configuration of the VPN is my first problem. Should I have the VPN server listening on the IPv4 address of Vultr, or should I make it listen on the dummy interface?
I think this is just the beginning of my quest!
Pierre VE2PF
I think you'll have fewer problems if your VPN server is listening on the public IP assigned by Vultr.
For instance, if you use static routes to send 44.0.0.0/9 into the tunnel, you won't reach yourself on the outside to establish the tunnel.
This could be avoided with a /32 route as well.
Regards, Scott.
On Mon, Oct 26, 2020, 1:53 PM pete M via 44Net 44net@mailman.ampr.org wrote:
Hi!
First I want to thank the AMPR group and especially G1FEF for providing me a /24 that I am in the process of announcing via BGP with a Vultr VPS in NJ.
If what I am about to talk about doesn't fit in the group, please let me know and I will move this elsewhere.
I am by no means a network guru, but I understand concepts pretty easily. So I am planning my /24 like this.
The VPS at Vultr will use BIRD to announce the route; I will use only the default route provided by Vultr. From there I created a dummy interface that has my /24 as its IP. I then want to make a VPN server to distribute the net and IPs to remote sites I have that use a mix of hardwired and wireless connections. The routers are all EdgeRouter X units from Ubiquiti; they will all eventually be interconnected by 2 sources, the hardwired provided by many ISPs and the wireless that I am building as a redundancy. If one source fails, the router will fall back to the other link. The preferred link will always be the hardwired; the wireless is the backup. (Some of the links are 40 km long, but most are 5-6 km and the smallest is under 1 km.)
From those edge routers I will have connections to the VPN, and every router will have a DHCP server that will serve a part of the /24, like 16 IPs for each site (I have 3 sites right now), and I will have fixed IPs at each site for the repeaters and APRS gateways.
Now the configuration of the VPN is my first problem. Should I have the VPN server listening on the IPv4 address of Vultr, or should I make it listen on the dummy interface?
I think this is just the beginning of my quest!
Pierre VE2PF
Hello Pierre,
You connect the VPN server to the public IPv4 address. Your VPN can use RFC1918 (private addresses like 192.168.x.x) or some of your /24. If you use private addresses for the VPN, you just have to set up routing on the server and clients to route the subnets you want forwarded. I have used both OpenVPN and L2TP VPNs. You may want to review my talk at https://www.youtube.com/watch?v=OxsmGaFZ2MM
The slides are at https://groups.io/g/net-44-vpn/files/VPN%20for%20Amateur%20Radio.pdf
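The routing problem raised in the first reply (a 44.0.0.0/9 static route into the tunnel, and the /32 exception that avoids it), modelled as a longest-prefix-match lookup on a client router. This is an added example, not code from any poster in the thread; the addresses (203.0.113.10 standing in for the Vultr public IP, 44.31.0.1 for the dummy interface), the interface names `wan` and `tun0`, and the helper functions are constructed placeholders.

```python
import ipaddress

# Constructed placeholders: the thread does not give real addresses.
PUBLIC_ENDPOINT = "203.0.113.10"   # stands in for the Vultr-assigned public IP
DUMMY_ENDPOINT = "44.31.0.1"       # stands in for an address on the dummy interface

# Client router table: default route out the ISP link, all of 44.0.0.0/9 into the VPN.
CLIENT_BASE = [("0.0.0.0/0", "wan"), ("44.0.0.0/9", "tun0")]


def lookup(table, dst):
    """Longest-prefix match: return (prefix, out_interface) as a router would pick it."""
    dst = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), ifname) for p, ifname in table
               if dst in ipaddress.ip_network(p)]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)


def tunnel_can_establish(table, endpoint, tunnel_if="tun0"):
    """The VPN's own outer packets must leave via the WAN, never via the tunnel itself."""
    route = lookup(table, endpoint)
    return route is not None and route[1] != tunnel_if


def scenarios():
    """Evaluate the three setups discussed in the thread."""
    with_exception = CLIENT_BASE + [(DUMMY_ENDPOINT + "/32", "wan")]
    return {
        # Server listens on the public IP: only the default route matches.
        "public_ip": tunnel_can_establish(CLIENT_BASE, PUBLIC_ENDPOINT),
        # Server listens on the dummy interface: the /9 route captures the
        # endpoint, so the tunnel would have to be up before it can come up.
        "dummy_if": tunnel_can_establish(CLIENT_BASE, DUMMY_ENDPOINT),
        # Same, plus a /32 host route for the endpoint via the WAN.
        "dummy_if_with_slash32": tunnel_can_establish(with_exception, DUMMY_ENDPOINT),
        # Other hosts in the /24 must still be routed through the tunnel.
        "lan_host_interface": lookup(with_exception, "44.31.0.17")[1],
    }


if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name}: {result}")
```
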