GRE Tunnel for AntiDDoS ?

[FlorinMarian]

Hi guys!
I'm totally confused those days about routing/nat and other similar.

What I have into GRE tunnel:
- Dedicated Server with 1 IP address (minimal AntiDDoS) - 192.168.168.1
- VPS Server with 1 IP address (powerful AntiDDoS) - 192.168.168.2

My requirement it's to route all traffic from Proxmox to external VPS to get it's AntiDDoS advantage.

I've created a GRE tunnel between them and it works fine, excepting that I can't catch end-user IP address (User IP it's shown as 192.168.168.2).

It is possible to get this working without having that problem with IP address ? (doesn't matter if it's related to GRE or other solution)

Thank you!

 

[jlebherz]

Hey,

yes of course it is possible, but you didnt send much information about your NAT settings...

you need the remove the masquerading on the VPS side of the tunnel for the direction to your dedicated server..

on your dedicated server you need to add some rule routing

# ip route add 192.168.168.0/24 dev [device] src 192.168.1.1 table 10 # ip route add default via 192.168.168.2 table 10 # ip rule add from 192.168.168.1/32 table 10 # ip rule add to 192.168.168.1/32 table 10

 

[FlorinMarian]

Hey,

yes of course it is possible, but you didnt send much information about your NAT settings...

you need the remove the masquerading on the VPS side of the tunnel for the direction to your dedicated server..

on your dedicated server you need to add some rule routing

# ip route add 192.168.168.0/24 dev [device] src 192.168.1.1 table 10 # ip route add default via 192.168.168.2 table 10 # ip rule add from 192.168.168.1/32 table 10 # ip rule add to 192.168.168.1/32 table 10

Thank you for your support! I will test it soon