How to access an lxc locally when set to a vpn external ip trough openwrt

R

Rufus

New Member
Sep 29, 2023
5
0
1
Hi there!

I´m having what probably is a very silly problem, but I can´t really see where the issue is, networking is not really my thing. I ´m following this tutorial to set up openwrt in a lxc and re-route other lxc´s through a network interface (vmbr1) set up there with a vpn in wireguard. It works perfect, when I go to the other containers shells and get the ip, it is the public external ip from the vpn, however, then the internal access through the container local ip...does not work, if I change to the local network interface, all services are accesible again. In the tutorial, the final step is to reroute all containers through a single debian one with the command "python3 -m http.server" and then port forwading in openwrt every service to that ip, however I prefered to use a separated ip: port to every container, and I there guess is where something is failing....

Anyone can guess whats going on?

Cheers,
 
Last edited:
Continuing with this topic...I have added the bridge with static ip of the local network, and made a port forwading in opewrt:
1707062806945.png
portforward.png

If I go to the container now and get the ips:
Code: 
ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute
       valid_lft forever preferred_lft forever
2: eth0@if84: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether bc:24:11:65:16:f4 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet (publicIPfromvpn)/24 brd 10.50.50.255 scope global dynamic eth0
       valid_lft 42178sec preferred_lft 42178sec
    inet6 someinet/64 scope link
       valid_lft forever preferred_lft forever
3: eth1@if85: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether bc:24:11:bf:26:8a brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.50.102/24 brd 192.168.50.255 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::be24:11ff:febf:268a/64 scope link
       valid_lft forever preferred_lft forever

If I use the "curl ifconfig.co" I get the public ip from the openwrt bridge, and the service is avalaible trough the internal static ip, so I guess this is working, but somehow it does not feel well done. Am I missing something here?
 

Attachments

  • portforward.png
    portforward.png
    104 KB · Views: 8
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back