June 12, 2010 at 2:15 pm #42440
How to setup DDNS Cilent / OpenVPN Server user ppp0 only while multi ppp links and Net Balancer enabled?
I’ve tried to setup all packages from all ip addresses of router, 127.0.0.1 included, to use ppp0. No luck.
Thanks.June 14, 2010 at 8:30 am #50440
I’m not sure your question is pretty clear, could you make it more simple?June 15, 2010 at 4:32 am #50441
I’m sorry that my English is not fluent and clear…
I have a Zeroshell with DDNS client and OpenVPN server enabled.
It works great when I use ONE adsl ppp link.
Now, I added the 2nd adsl to the same router. Net Balancer is activated.
I setup some servers specified to use ppp1 with all others go through ppp0.
All client computers works without any problem. But the DDNS client and OpenVPN server on Zeroshell have some.
DDNS (Dyndns) always report to me that IP changed too frequently. It uses a random ppp link.
OpenVPN server maybe has the same problem. I cannot connect to this service remotely.
How to setup these two service to use only ppp0 with Net Balancer enabled?
Thanks a lot.June 15, 2010 at 12:38 pm #50442
That was much more clear question. You’ll have to create Balancer Rules.
Here are my rules:
For the Openvpn
MARK tcp opt -- in !BRIDGE00 out * 0.0.0.0/0 -> 0.0.0.0/0 tcp spt:1194 MARK set 0x66
for the Dyndns
MARK all opt -- in BRIDGE00 out * 10.14.149.31 -> 0.0.0.0/0 MARK set 0x66
Some explanation… BRIDGE00 is my home LAN and 1194 is the Openvpn source port. Also 10.14.149.31 is the server running the Dyndns. As you can see both of them go out of the same connection (0x66).June 15, 2010 at 1:45 pm #50443
Thank you very much.
BTW, I guess the 10.x.x.x/8 is a private network address. How can DynDNS server use this ip address in internet?June 15, 2010 at 3:57 pm #50444
Sorry I didn’t explain it properly. It is a server in my house that runs the inadyn update client for Dyndns. Yes, 10.0.0.0/8 is a private address space.June 15, 2010 at 3:58 pm #50445
In my case, DDNS client is running on the Zeroshell. not a separated computer…June 15, 2010 at 4:01 pm #50446
Then you have to classify the traffic in another way, other than source IP address, unless you don’t mind if all of the ZS traffic will go out of 1 interface only.June 15, 2010 at 4:05 pm #50447
that’s ok for me.
But I added 4 rules:
MARK all opt — in * out * 127.0.0.1 !-> 10.0.0.0/8 MARK set 0x64
MARK all opt — in * out * 10.252.253.254 !-> 10.0.0.0/8 MARK set 0x64
MARK all opt — in * out * 10.252.252.254 !-> 10.0.0.0/8 MARK set 0x64
MARK all opt — in * out * 10.252.251.254 !-> 10.0.0.0/8 MARK set 0x64
(all ip addresses are binded to this router)
The ddns client still use a random ppp link…June 15, 2010 at 4:09 pm #50448
What you have done is wrong. Check my example better and fit it to your needs.June 15, 2010 at 4:12 pm #50449
Thanks. So i still need to find a way to let ddns client work on ppp0 only…June 16, 2010 at 7:41 am #50450
iptables can mark packets depending on the USERID of the process, this would prove useful if you chroot dyndns client. Also you may mark depending on IP and destination port if you feel confident that it won’t change.
You must be logged in to reply to this topic.