AWS VPC リージョン間接続 ref: http://qiita.com/hotakasaito/items/7fddd728ed74b347e8aa
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ap-northeast-1 us-west-2 | |
| | 172.16.0.0/16 |<-->| VyOS |<==INTERNET==>| VPN |<-->| 172.17.0.0/16 | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1. AWS MarketplaceのVyOS(v1.1.0)を使ってインスタンス起動する |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2. ソース/宛先チェックの無効化 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 3. v1.1.0にはVPNのバグがあるらしくv1.0.5を使うとかの記述を見かけ試してみたが一部設定が失敗するために最新のバージョンに上げて対処したら上手くいったのでそれを採用した | |
| a. add system imageで最新のバージョンをインストールする | |
| b. インストール後rebootをすれば最新のバージョンに置き換わる |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ slogin VyOSインスタンス | |
| vyos@VyOS-AMI:~$ add system image http://packages.vyos.net/iso/release/1.1.6/vyos-1.1.6-amd64.iso | |
| ... | |
| vyos@VyOS-AMI:~$ show system image | |
| The system currently has the following image(s) installed: | |
| 1: VyOS-1.1.6 (default boot) | |
| 2: 1.1.0 (running image) | |
| vyos@VyOS-AMI:~$ reboot |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1. us-west-2のVPN設定のダウンロードをする |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2. VyOSに流し込む形式に加工する | |
| a. local-addressをVyOSのグローバルIPからプライベートIPに変更する(vpn-xxx.txtを編集する) | |
| b. 不要行の削除とvbashで実行できるようにする |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ cat <<EOF > us-west-2.config | |
| #!/bin/vbash | |
| source /opt/vyatta/etc/functions/script-template | |
| configure | |
| EOF | |
| $ grep -vE "^(\!|$)" /path/to/vpn-xxx.txt >> us-west-2.config | |
| $ cat <<EOF >> us-west-2.config | |
| commit | |
| save | |
| exit | |
| EOF | |
| scp us-west-2.config VyOSインスタンス:/tmp/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 3. scpしたconfigをvbashで実行する |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ slogin VyOSインスタンス | |
| vyos@VyOS-AMI:~$ vbash /tmp/us-west-2.config |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment