-
Notifications
You must be signed in to change notification settings - Fork 6
VM VPN Connection
31.10.2019 - V1: Initial documentation
To solve the lack of public IPs and to allow the inter-connectivity between the VMs, and to allow Openstack's floating IPs to be reachable from the other VMs, I deployed an OpenVPN server to handle this task.
- Main VPN Server: fgcn-backflip2.cs.upb.de
- Client 1: fgcn-backflip3.cs.upb.de (OSM)
- Client 2: fgcn-backflip9.cs.upb.de (OpenStack)
I followed a tutorial online (https://blog.boyeau.com/cheat-sheet-establishing-a-vpn-tunnel-between-2-linux-servers/) as a base guide. This allowed me to create a VPN connection between the VMs.
Next step was to allow the connection of the floating IPs, which are considered to be a LAN behind the OpenStack VM, to be accessible through the VPN connection. Therefore, I used the concepts shown here (https://community.openvpn.net/openvpn/wiki/RoutedLans) to apply the concept of OpenVPN routed LANs to the VPN connection by making the Openstack VM connect to the VPN server through a dedicated certificate to be identifiable by the server. This, combined with a 'ccd' configuration on the server will push a route to the LAN behind the Openstack VM to the other nodes. Combining this with ip_forwarding in linux will allow the floating IPs to be reached by all VMs connected to the VPN.
root@fgcn-backflip2:/etc/openvpn/ccd# cat backflip9
iroute 172.16.0.0 255.240.0.0
root@fgcn-backflip2:/etc/openvpn/ccd#
tng-bench --generator osm