How to access an lxc locally when set to a vpn external ip through openwrt

Rufus

Sep 29, 2023
Hi there!

I'm having what is probably a very silly problem, but I can't really see where the issue is; networking is not really my thing. I'm following this tutorial to set up openwrt in an lxc and re-route other lxcs through a network interface (vmbr1) set up there with a vpn in wireguard. It works perfectly: when I go to the other containers' shells and get the ip, it is the public external ip from the vpn. However, the internal access through the container's local ip then does not work; if I change to the local network interface, all services are accessible again. In the tutorial, the final step is to reroute all containers through a single debian one with the command "python3 -m http.server" and then port forwarding in openwrt every service to that ip. However, I preferred to use a separate ip:port for every container, and I guess that is where something is failing...

Can anyone guess what's going on?

Cheers,
 
Continuing with this topic... I have added the bridge with a static ip of the local network, and made a port forwarding in openwrt:
[Screenshots: 1707062806945.png, portforward.png]

If I go to the container now and get the ips:
Code:
ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute
       valid_lft forever preferred_lft forever
2: eth0@if84: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether bc:24:11:65:16:f4 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet (publicIPfromvpn)/24 brd 10.50.50.255 scope global dynamic eth0
       valid_lft 42178sec preferred_lft 42178sec
    inet6 someinet/64 scope link
       valid_lft forever preferred_lft forever
3: eth1@if85: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether bc:24:11:bf:26:8a brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.50.102/24 brd 192.168.50.255 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::be24:11ff:febf:268a/64 scope link
       valid_lft forever preferred_lft forever

If I use "curl ifconfig.co" I get the public ip from the openwrt bridge, and the service is available through the internal static ip, so I guess this is working, but somehow it does not feel well done. Am I missing something here?
 

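Added example, not part of the original post: with two interfaces in the container, outbound traffic follows the default route while the LAN address is reached over the on-link route, so one check for this setup is that no default route points anywhere but the OpenWrt-facing interface. The script parses `ip -4 route show` output; the interface roles (eth0 behind OpenWrt, eth1 on the LAN) are assumed from the output above, and the sample routing tables are constructed.

```shell
#!/bin/sh
# Added example. Reads `ip -4 route show` output on stdin.
#   $1 = interface behind the OpenWrt/VPN bridge, $2 = interface on the LAN.
# Exit 0: every default route leaves via $1. Exit 1: egress can bypass the VPN.
check_split_routing() {
    awk -v vpn="$1" -v lan="$2" '
        # Return the interface name that follows the "dev" keyword.
        function dev_of(    i) {
            for (i = 1; i < NF; i++) if ($i == "dev") return $(i + 1)
            return ""
        }
        $1 == "default" {
            if (dev_of() == vpn) vpn_default++
            else { leak++; print "LEAK: default route outside " vpn ": " $0 }
            next
        }
        # The on-link route is what keeps the LAN address reachable locally.
        dev_of() == lan && /scope link/ { lan_connected++ }
        END {
            if (!vpn_default) { print "FAIL: no default route via " vpn; bad = 1 }
            if (!lan_connected) print "WARN: no on-link route on " lan
            if (leak) bad = 1
            if (!bad) print "OK: internet egress only via " vpn
            exit bad + 0
        }'
}

# Constructed sample tables (gateways and the 10.50.50.120 address are made up).
SAMPLE_OK='default via 10.50.50.1 dev eth0
10.50.50.0/24 dev eth0 proto kernel scope link src 10.50.50.120
192.168.50.0/24 dev eth1 proto kernel scope link src 192.168.50.102'

SAMPLE_LEAK='default via 192.168.50.1 dev eth1 metric 100
default via 10.50.50.1 dev eth0 metric 200
10.50.50.0/24 dev eth0 proto kernel scope link src 10.50.50.120
192.168.50.0/24 dev eth1 proto kernel scope link src 192.168.50.102'

printf '%s\n' "$SAMPLE_OK" | check_split_routing eth0 eth1
printf '%s\n' "$SAMPLE_LEAK" | check_split_routing eth0 eth1 || echo "exit status 1"

# On the container itself: ip -4 route show | check_split_routing eth0 eth1
```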