Network/Server VPN

From Makers Local 256

The Server VPN range (10.56.5.0/24) is used for point-to-point links between the shop and servers that aren't at the shop (such as remote2.makerslocal.org).

Sometimes we also just use IPsec to encrypt the 10.x traffic between the remote server's public address and the on-prem stuff. In this configuration, the EdgeRouter seems to love to add extraneous routes that you have to delete. Example:

ip route del 206.198.230.76 dev br0 scope link src 24.96.165.230

To ensure this happens if the VPN restarts, I add that "ip route del" line into root's crontab on the router, to run every few minutes. Terrible solution but it'll work for now.
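
A guarded version of that cron job, as an added example (not the script actually running on the router): it deletes the route only when the exact stray entry is present and logs each removal to syslog. The --run argument, the script path, the 5-minute interval and the sample routing table are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not the wiki's own script. Route values come from the page;
# the --run argument and the cron path below are hypothetical.
# Root crontab entry (5-minute interval is an assumption):
#   */5 * * * * /path/to/vpn-route-cleanup.sh --run
STRAY_DST="206.198.230.76"
STRAY_DEV="br0"
STRAY_SRC="24.96.165.230"

# Constructed sample of `ip route show` output (gateway and VPN addresses invented).
SAMPLE_ROUTES="default via 24.96.165.1 dev eth0
206.198.230.76 dev br0 scope link src 24.96.165.230
10.56.5.0/24 dev vti0 proto kernel scope link src 10.56.5.1"

# Succeeds only if the route text in $1 holds the exact stray route:
# same destination, device, source, and link scope. A route to the same
# host via a gateway is left alone.
has_stray_route() {
    printf '%s\n' "$1" | awk -v dst="$STRAY_DST" -v dev="$STRAY_DEV" -v src="$STRAY_SRC" '
        $1 == dst {
            d = ""; s = ""; link = 0
            for (i = 2; i < NF; i++) {
                if ($i == "dev") d = $(i + 1)
                if ($i == "src") s = $(i + 1)
                if ($i == "scope" && $(i + 1) == "link") link = 1
            }
            if (d == dev && s == src && link) found = 1
        }
        END { exit (found ? 0 : 1) }'
}

# Deletes the stray route if present and logs to syslog so repeats are visible.
cleanup_stray_route() {
    routes=$(ip route show) || return 2
    if has_stray_route "$routes"; then
        ip route del "$STRAY_DST" dev "$STRAY_DEV" scope link src "$STRAY_SRC" &&
            logger -t vpn-route-cleanup "removed stray route $STRAY_DST dev $STRAY_DEV"
    fi
}

if [ "${1:-}" = "--run" ]; then
    cleanup_stray_route
fi
```

Matching every field before deleting keeps the job from touching a legitimate route to the same peer, and the syslog entries show how often the router re-adds the stray one.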