Rare project developers

[mc36 <>]

ahhh yeahhh, and a bit about security... as you're exposing a publicip:port 
thing on your gcloud,
all these servers needs to be secured... please look around access-? things 
and apply as much as you can.... :)
br,
cs



On 7/13/22 07:30, mc36 wrote:
> hi
> so being behind the same neting device usually does not work,
> because then the nating have to send back the packet on the same
> interface where it came from... for example ovs cannot do that...
> but nevermind, on the server side have a knob to distribute
> the client learned addresses instead of the server learnt ones,
> i thought about mpls l3 vpns, but it also applies to your case...
> (but be warned, this way your gcloud loopback will not be reachable!)
>
> gcloud#serv sdw xxx
> no natted
> end
>
> after this, you may need to re-trigger cloning at your clients
> clntX#cle vpdn xxx
>
> after these, your access interfaces should go up soon...
> once your accesses are up and you could ping in between the clients,
> you could configure your routing stuff to your dialers on the clients..
> one you're done, you should re-trigger again on them...
>
>
> On 7/13/22 05:04, Edgard da Cunha Pontes wrote:
> > Hi Csaba,
> >
> > Only now I was able to continue the tests with the SD-WAN.
> >
> > After doing some testing, I got the following progress:
> >
> > *On SD-WAN server (GCloud VM)*
> > freertr#show sdwan gcloud
> > addr                          port        user hub   id              prt addr 
> >                           port   prm inner4      inner6   for          since
> > [my-public-ip]   35206   u       true   28694   4      192.168.25.43   2554   
> >        2.2.2.10   ::         00:55:00   2022-07-13 03:51:04
> > [my-public-ip]   35520   u       true   31270   4      192.168.25.45   2554   
> >        2.2.2.12   ::         00:08:32   2022-07-13 04:37:33
> >
> > *On client VMs:*
> > freertr#show vpdn gcloud
> > user   peer                          port      num      iface                 
> >                    addr4       addr6
> > u           [my-public-ip]   2554   28694   access334989981   2.2.2.10   ::
> >
> > freertr#show vpdn gcloud
> > user peer                          port     num        iface                  
> >                   addr4       addr6
> > u         [my-public-ip]   2554   31270   access782128584   2.2.2.12   ::
> >
> > I still don't have connectivity (ping) between the VMs over the IPs (2.2.2.10 and 
> > 2.2.2.12). The dialer and "access..." interfaces are down.
> >
> > *i) Is it normal for the dialer and "access..." interfaces to be down?
> > *
> > *ii)  Is it now that I need to configure a dynamic routing protocol between 
> > these nodes?*
> >
> > Thanks again.
> >
> > Em seg., 11 de jul. de 2022   s 12:58, mc36 < <>> 
> > escreveu:
> >
> >        hi,
> >        so these vpdns should point to the eth1's ip of the gcloud node, 
> > assuming that ip is public or at least reachable to the clients...
> >        if you want to make that private addressed loopback on the gcloud node 
> > reachable to the clients then you'll have to add the
> >        client config knobs to the gcloud node itselt too... btw please note 
> > that this sdwan server just creates a bunch of l2tp
> >        back and forth between the clients (marked as hub).. to move further, 
> > you'll need to run a routing protocol above these...
> >        feel free to use the following as an example: 
> > http://sources.freertr.org/cfg/serv-sdwan01.tst 
> > <http://sources.freertr.org/cfg/serv-sdwan01.tst>
> >        to run it locally on your computer, you can do the following:
> >        wget freertr.org/rtr.zip <http://freertr.org/rtr.zip>
> >        unzip rtr.zip
> >        cd src
> >        ./c.sh
> >        ./tw.sh serv-sdwan01
> >        afterward all the above, you can reach the router described in the 
> > test case by
> >        telnet localhost 20001
> >        telnet localhost 20002
> >        telnet localhost 20003
> >        telnet localhost 20004
> >        br,
> >        cs
> >
> >
> >        On 7/11/22 16:56, Edgard da Cunha Pontes wrote:
> >          > Hi everyone!
> >          >
> >          > While I was testing RARE/freeRtr's SD-WAN functionality, the 
> > following (noob) question came up:
> >          >
> >          > On client VMs, how to point to a loopback interface, on VM/GCloud 
> > (SD-WAN server) that is behind an associated public IP? I was in doubt which 
> > target I should put in the
> >        vpdn settings.
> >          >
> >          > I made a basic description of the settings I am using:
> >          >
> >          > https://github.com/edgardcunha/freeRouter/tree/main/sdwan/01 
> > <https://github.com/edgardcunha/freeRouter/tree/main/sdwan/01>
> >        <https://github.com/edgardcunha/freeRouter/tree/main/sdwan/01 
> > <https://github.com/edgardcunha/freeRouter/tree/main/sdwan/01>>
> >          >
> >          > I hope this basic description can help you to understand this 
> > doubt.