So I got 3 Dedicated Servers each having its own Static IP and I wanted a way to build a private network between these servers.
The Scenario:
3 Servers with the following IPs (not real IP addresses):
- Server 1: 52.1.99.10
- Server 2: 52.1.84.20
- Server 3: 52.1.49.30
So I want to have a private network, so that I can have the following internal network:
- Server 1: 10.0.1.1
- Server 2: 10.0.1.2
- Server 3: 10.0.1.3
A couple of years ago, I accomplished the end goal using GRE Tunnels, which works well, but I wanted to try something different.
VPNCloud
So I stumbled upon VPNCloud.rs, which is a peer-to-peer VPN. Their description, quoted from their GitHub page:
“VpnCloud is a simple VPN over UDP. It creates a virtual network interface on the host and forwards all received data via UDP to the destination. VpnCloud establishes a fully-meshed VPN network in a peer-to-peer manner. It can work on TUN devices (IP based) and TAP devices (Ethernet based).”
This is exactly what I was looking for.
Setting up a 3 node Private Network:
Given the IP configuration above, we will set up a Private network between our 3 hosts.
Do some updates then grab the package from GitHub and install VPNCloud:
Let’s start with the configuration on Server-1. The same config should also be set up on the other 2 servers; it stays the same except for the ifup command. On the other servers that line will look like:
Server-2: -> ifup: "ifconfig $IFNAME 10.0.1.2/24 mtu 1400"
Server-3: -> ifup: "ifconfig $IFNAME 10.0.1.3/24 mtu 1400"
# each vpn running on their own port
port: 3210

# members of our private network
peers:
  - srv2.domain.com:3210
  - srv3.domain.com:3210

# timeouts
peer_timeout: 1800
dst_timeout: 300

# token that identifies the network and helps to distinguish from other networks
magic: "76706e01"

# pre shared key
shared_key: "VeryStrongPreSharedKey_ThatShouldBeChanged"

# encryption
crypto: aes256

# device info
device_name: "vpncloud%d"
device_type: tap

# vpn modes: hub / switch / router / normal
mode: normal

# subnet to be used for our private network
subnets:
  - 10.0.1.0/24

# command to setup the network
ifup: "ifconfig $IFNAME 10.0.1.1/24 mtu 1400"
ifdown: "ifconfig $IFNAME down"

# user/group owning the process
user: "root"
group: "root"
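
The script below is an added example, not part of the original post: it generates a random pre-shared key to replace the placeholder shared_key and renders the config above for each of the three servers, changing only the ifup address. The output directory and the server-N.conf file names are hypothetical; ports, hostnames and addresses are the ones used above.

```sh
#!/bin/sh
# Added example: per-node VpnCloud configs with a random shared key.
# Output directory and file names (server-N.conf) are hypothetical.
# Usage: write_configs /path/to/private/dir

# 32 random bytes from the kernel CSPRNG, hex-encoded (64 characters).
gen_shared_key() {
    head -c 32 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# render_config NODE KEY: print the config for node 1, 2 or 3.
# Only the ifup address differs between nodes, as described in the article.
render_config() {
    node=$1 key=$2
    case $node in 1|2|3) ;; *) echo "node must be 1, 2 or 3" >&2; return 1 ;; esac
    # Alphanumeric only, so the key cannot break the quoted YAML string.
    case $key in *[!A-Za-z0-9]*) echo "key must be alphanumeric" >&2; return 1 ;; esac
    [ "${#key}" -ge 32 ] || { echo "shared key too short" >&2; return 1; }
    cat <<EOF
port: 3210
peers:
  - srv2.domain.com:3210
  - srv3.domain.com:3210
peer_timeout: 1800
dst_timeout: 300
magic: "76706e01"
shared_key: "$key"
crypto: aes256
device_name: "vpncloud%d"
device_type: tap
mode: normal
subnets:
  - 10.0.1.0/24
ifup: "ifconfig \$IFNAME 10.0.1.$node/24 mtu 1400"
ifdown: "ifconfig \$IFNAME down"
user: "root"
group: "root"
EOF
}

# write_configs DIR: one key shared by all three files, each created mode 0600.
write_configs() {
    dir=$1
    key=$(gen_shared_key) || return 1
    ( umask 077
      for n in 1 2 3; do
          render_config "$n" "$key" > "$dir/server-$n.conf" || exit 1
      done )
}
```

Each rendered file contains the shared key in clear text, so copy it to its server over an authenticated channel and keep it readable only by the account that runs the VPN.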