DDNS / OpenVPN with NetBalancer

Home Page Forums Network Management ZeroShell DDNS / OpenVPN with NetBalancer

This topic contains 10 replies, has 0 voices, and was last updated by  scegg 8 years, 9 months ago.

Viewing 12 posts - 1 through 12 (of 12 total)
  • Author
    Posts
  • #42440

    scegg
    Participant

    Hi.

    How to setup DDNS Cilent / OpenVPN Server user ppp0 only while multi ppp links and Net Balancer enabled?

    I’ve tried to setup all packages from all ip addresses of router, 127.0.0.1 included, to use ppp0. No luck.

    Thanks.

    #50440

    ppalias
    Member

    I’m not sure your question is pretty clear, could you make it more simple?

    #50441

    scegg
    Participant

    I’m sorry that my English is not fluent and clear…

    I have a Zeroshell with DDNS client and OpenVPN server enabled.
    It works great when I use ONE adsl ppp link.

    Now, I added the 2nd adsl to the same router. Net Balancer is activated.
    I setup some servers specified to use ppp1 with all others go through ppp0.
    All client computers works without any problem. But the DDNS client and OpenVPN server on Zeroshell have some.

    DDNS (Dyndns) always report to me that IP changed too frequently. It uses a random ppp link.
    OpenVPN server maybe has the same problem. I cannot connect to this service remotely.

    How to setup these two service to use only ppp0 with Net Balancer enabled?

    Thanks a lot.

    #50442

    ppalias
    Member

    That was much more clear question. You’ll have to create Balancer Rules.
    Here are my rules:
    For the Openvpn

    MARK tcp opt -- in !BRIDGE00 out * 0.0.0.0/0 -> 0.0.0.0/0 tcp spt:1194 MARK set 0x66 

    for the Dyndns

    MARK all opt -- in BRIDGE00 out * 10.14.149.31 -> 0.0.0.0/0 MARK set 0x66 

    Some explanation… BRIDGE00 is my home LAN and 1194 is the Openvpn source port. Also 10.14.149.31 is the server running the Dyndns. As you can see both of them go out of the same connection (0x66).

    #50443

    scegg
    Participant

    Thank you very much.

    BTW, I guess the 10.x.x.x/8 is a private network address. How can DynDNS server use this ip address in internet?

    #50444

    ppalias
    Member

    Sorry I didn’t explain it properly. It is a server in my house that runs the inadyn update client for Dyndns. Yes, 10.0.0.0/8 is a private address space.

    #50445

    scegg
    Participant

    hmm.
    In my case, DDNS client is running on the Zeroshell. not a separated computer…

    #50446

    ppalias
    Member

    Then you have to classify the traffic in another way, other than source IP address, unless you don’t mind if all of the ZS traffic will go out of 1 interface only.

    #50447

    scegg
    Participant

    that’s ok for me.

    But I added 4 rules:
    MARK all opt — in * out * 127.0.0.1 !-> 10.0.0.0/8 MARK set 0x64
    MARK all opt — in * out * 10.252.253.254 !-> 10.0.0.0/8 MARK set 0x64
    MARK all opt — in * out * 10.252.252.254 !-> 10.0.0.0/8 MARK set 0x64
    MARK all opt — in * out * 10.252.251.254 !-> 10.0.0.0/8 MARK set 0x64
    (all ip addresses are binded to this router)

    The ddns client still use a random ppp link…

    #50448

    ppalias
    Member

    What you have done is wrong. Check my example better and fit it to your needs.

    #50449

    scegg
    Participant

    Thanks. So i still need to find a way to let ddns client work on ppp0 only…

    #50450

    ppalias
    Member

    iptables can mark packets depending on the USERID of the process, this would prove useful if you chroot dyndns client. Also you may mark depending on IP and destination port if you feel confident that it won’t change.

Viewing 12 posts - 1 through 12 (of 12 total)

You must be logged in to reply to this topic.