Created
March 21, 2020 10:31
-
-
Save flarco/040f9b14e2e6c4e846c46d7b8fbc1afd to your computer and use it in GitHub Desktop.
Routing traffic through another droplet (on DigitalOcean.com)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # on router / gateway | |
| # https://serverfault.com/questions/306024/how-to-route-network-traffic-of-a-host-via-another-host | |
| ##### ON GATEWAY ############################## | |
| # test IP | |
| curl ifconfig.me | |
| # Enable NAT | |
| echo ' | |
| net.ipv4.ip_forward=1' >> /etc/sysctl.conf | |
| sysctl net.ipv4.ip_forward=1 | |
| # use Private Network (interface eth1) | |
| iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE | |
| ##### ON NODE ################################# | |
| # test IP | |
| curl ifconfig.me | |
| # make sure eth1 is private network interface | |
| GATEWAY_PRIVATE_IP=x.x.x.x # This is PRIVATE IP on same subnet, not public | |
| ip route replace default via $GATEWAY_PRIVATE_IP dev eth1 | |
| # ssh connection will drop. public access is cut (not too sure why yet) | |
| # use DO console to verify ip is showing gateway IP | |
| curl ifconfig.me | |
| ##### ON GATEWAY ############################## | |
| # ssh should work on node private IP | |
| NODE_PRIVATE_IP=x.x.x.x # This is PRIVATE IP on same subnet, not public | |
| ssh root@$NODE_PRIVATE_IP | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment