GRE tunnel public IP in virtual machine - Traceroute showing full route

harmonyp

Nov 26, 2020

`88.198.49.xxx` = Hetzner (will run virtual machines on this)

`141.94.176.xxx` = OVH (contains block below)

`164.132.xxx.0/28` = IP block to use on Hetzner as virtual machines

To get GRE set up I ran the following:

OVH:

Code:
    ip tunnel add gre1 mode gre remote 88.198.49.xxx local 141.94.176.xxx ttl 255
    ip link set gre1 up
    ip route add 164.132.xxx.0/28 dev gre1
    iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu

Hetzner:

Code:
    ip tunnel add gre1 mode gre remote 141.94.176.xxx local 88.198.49.xxx ttl 255
    ip link set gre1 up
    ip rule add from 164.132.xxx.0/28 table 666
    ip route add default dev gre1 table 666
    ip route add 164.132.xxx.0/28 dev vmbr0 table 666
    iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu


/etc/network/interfaces (Hetzner)

Code:
    auto vmbr0
    iface vmbr0 inet static
        address 164.132.xxx.1/28
        bridge-ports none
        bridge-stp off
        bridge-fd 0

When I traceroute 164.132.xxx.1 it works great and doesn't show the Hetzner IP:

Code:
      7     1 ms     1 ms     1 ms  10.95.34.50
      8     2 ms     2 ms     2 ms  10.73.1.135
      9     2 ms     2 ms     2 ms  10.72.66.67
     10     2 ms     2 ms     2 ms  10.164.42.155
     11     1 ms     1 ms     1 ms  xxxxxx [141.94.176.xxx]
     12    17 ms    17 ms    17 ms  xxxxxx [164.132.xxx.1]


However, when I traceroute the virtual machine using 164.132.xxx.2, I get the following result:

Code:
      7     1 ms     1 ms     1 ms  10.95.34.32
      8     2 ms     2 ms     2 ms  10.73.1.45
      9     2 ms     2 ms     2 ms  10.72.66.67
     10     2 ms     2 ms     1 ms  10.164.42.163
     11     1 ms     1 ms     1 ms  xxxxxx [141.94.176.xxx]
     12    14 ms    14 ms    14 ms  xxxxxx [88.198.49.xxx]
     13    15 ms    15 ms    15 ms  xxxxxx [164.132.xxx.2]

How can I hide it so that 88.198.49.xxx is not shown? I believe this can be done with NAT, but I do not want to use a NAT address as the virtual machine's address. I want to keep the config as it is below for virtual machines if possible.

Code:
    IP: 164.132.xxx.2/28
    Gateway: 164.132.xxx.1
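
The check below is an added example, not part of the original post: it scans traceroute output in the layout shown above and reports any hop that answers from an address meant to stay hidden behind the tunnel. The function name `leaked_hops`, the sample variables and all addresses (RFC 5737 documentation ranges) are constructed for illustration.

```shell
#!/bin/sh
# Added example. All hostnames and addresses below are constructed
# (RFC 5737 documentation ranges); they stand in for the masked ones above.

# leaked_hops HIDDEN_IP   (traceroute/tracert output on stdin)
# Prints "<hop> <ip>" for every hop that answered from HIDDEN_IP.
# Exit status: 0 = address never appears, 1 = at least one hop exposes it.
leaked_hops() {
    awk -v hidden="$1" '
        # Hop lines start with the hop number; headers and blanks are skipped.
        $1 ~ /^[0-9]+$/ {
            for (i = 2; i <= NF; i++) {
                f = $i
                # Accept the address bare, as [addr] or as (addr).
                sub(/^\[/, "", f); sub(/\]$/, "", f)
                sub(/^\(/, "", f); sub(/\)$/, "", f)
                if (f == hidden) { print $1, f; found = 1; break }
            }
        }
        END { exit (found ? 1 : 0) }
    '
}

# Constructed sample: trace to the bridge address (tunnel head, then target).
SAMPLE_BRIDGE_TRACE='     11     1 ms     1 ms     1 ms  edge.example [198.51.100.10]
     12    17 ms    17 ms    17 ms  gw.example [192.0.2.1]'

# Constructed sample: trace to a VM, with the host address as an extra hop.
SAMPLE_VM_TRACE='     11     1 ms     1 ms     1 ms  edge.example [198.51.100.10]
     12    14 ms    14 ms    14 ms  host.example [203.0.113.20]
     13    15 ms    15 ms    15 ms  vm.example [192.0.2.2]'

# Usage: 203.0.113.20 plays the role of the address that should not be visible.
printf '%s\n' "$SAMPLE_VM_TRACE" | leaked_hops 203.0.113.20 \
    || echo "hidden address is visible in the path"
```
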
 
