How do I configure Netplan (OpenVPN - VLan)
I have two servers (both Ubuntu 20.4)
Server A has a public address on eth0 and is an OpenVPN server. clients connect through tun0 with 10.8.0.0/24 address. Server A also has a 10.0.0.1/24 VLAN address on eth1.
Server B has a public address (only used for SSH) and on Eth1 has a 10.0.0.2/24 VLAN address. When I add "ip route add 10.8.0.0/24 via 10.0.0.1" my VPN clients can access Server B resources.
I want to make this a persistent route. Support has provided me the below docs. If I understand correctly I need to (On Server B):
- Disable network helper.
- Remove default configuration files that may interfere with static addressing:
sudo rm /etc/systemd/network/05-eth0.network
sudo rm /etc/netplan/01-netcfg.yaml
- Create the configuration file for Netplan:
ISSUE: I'm not sure how to construct the configuration file. The example in the support doc only shows eth0 and does not show the added route (ip route add 10.8.0.0/24 via 10.0.0.1). I'm not sure if DHCP be disabled on both interfaces eth0 and eth1?
Does any one have a sample configuration file that could help me understand?
Linode Support provided links
✓ Best Answer
I'm not sure if DHCP be disabled on both interfaces eth0 and eth1?
In this example we are going to be configuring static routes, so let's keep the configuration static to avoid confusion.
In your example, Server A is acting as the OpenVPN server will be responsible for:
- routing between the Linode vLAN (10.0.0.0/24), the OpenVPN client network (10.8.0.0/24,) and the default route (0.0.0.0/0)
- configuring the clients on the 10.8.0.0/24 network to have a route to 10.0.0.0/24 via 10.8.0.1
The above network configuration needs to be handled via the OpenVPN software setup. This leaves us to configure Server B which will need to know how to reach the OpenVPN client network (10.8.0.0/24) via 10.0.0.1
Let me extend the example provided in https://www.linode.com/docs/guides/linux-static-ip-configuration/
The guide mentions removing 05-eth0.network, but adding a VLAN also created a 05-eth1.network file as well, we will want to remove that too.
/etc/netplan/01-eth0.yaml Shown verbatim from the guide. Addresses need to be changed to match your configuration
# This file describes the network interfaces available on your system # For more information, see netplan(5). network: version: 2 renderer: networkd ethernets: eth0: dhcp4: no dhcp6: no addresses: - 198.51.100.5/24 # Your Linode's public IPv4 address. - 192.168.1.2/17 # Private IPv4 address. - "2001:db8:2000:aff0::2/64" # Primary IPv6 SLAAC address. gateway4: 198.51.100.1 # Primary IPv4 gateway. gateway6: "fe80::1" # Primary IPv6 gateway. nameservers: search: [203-0-113-0.ip.linodeusercontent.com] # Search domain. addresses: [203.0.113.20,203.0.113.21] # DNS Server IP addresses.
Let's create another file for the extra interface:
network: version: 2 renderer: networkd ethernets: eth1: dhcp4: no dhcp6: no addresses: - 10.0.0.2/24 routes: - to: 10.8.0.0/24 via: 10.0.0.1
You will want to run netplan apply and then verify that your interfaces are correct with ip a and that your routes are rendered correctly with ip r.
Thank you for the help. Routing works great!
I'm not sure about where to find what to put for this DNS entry in /etc/netplan/01-eth0.yaml .
search: [203-0-113-0.ip.linodeusercontent.com] # Search domain.