Where to run my bungeecord?

Discussion in 'Hosting Advice' started by jessegeerts, May 7, 2016.

  1. "Note: If you are tunneling to an OVH server, you most likely don't have GRE support in your kernel. You'll need to use a IPIP tunnel instead."
    did not know this.
    look like you have to use a IPIP tunnel.
     
  2. Tux

    Tux

    But if you use the distribution kernel, you can use GRE. I recommend using the distribution-provided kernel anyway for better compatibility.
     
  3. I use:
    Code (Text):

    Linux headhunterz.pw 3.13.0-85-generic #129-Ubuntu SMP Thu Mar 17 20:50:15 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

    ((( Welcome to Ubuntu 14.04.4 LTS (GNU/Linux 3.13.0-85-generic x86_64) )))
     
     
  4. Tux

    Tux

    Great, that's the kernel provided with Ubuntu 14.04! Then you can use GRE tunnelling.
     
  5. i honestly have no clue about teh kernel but what ever you can got to work should be fine as they are (just) different protocols to do the same thing.

    im going to go start my server and see if i cant get this to work.
     
  6. [​IMG]

    After following both guides.
     
  7. FHR

    FHR

    Please note, that OVH SSD 2016 VPS' have GRE support (at least on CentOS 7). I actually used it as a DDOS shield and it works without recompiling kernel.

    @Headhunterz_ you probably don't DMZ your public IP to your server, or a firewall is blocking GRE requests (protocol 47). Or you are just doing something wrong. Run "ifconfig" on both your servers and post output here (if "Unknown command" run "ip addr"). Also post output of "iptables -L" (You can remove/mask your public IP)

    Also, the GRE tunnel destination IS your home public IP on one end, and your VPS public IP on the other end.
    Like this:
    Code (Text):
    VPS:
    iptunnel add gre1 mode gre local OVH_IP remote HOME_PUBLIC_IP ttl 255

    HOME:
    iptunnel add gre1 mode gre local HOME_PUBLIC_IP remote OVH_IP ttl 255

    Checklist:
    [ ] Is your public IP forwarded to your server ? (DMZ, not per port forwarding)
    [ ] Do you have a firewall on your servers ?
    [ ] Do you have a firewall on your home router ?
    [ ] Is there anything else that could block protocol 47 (GRE) ?
    [ ] Did you read the whole article on BuyVM' wiki ? Or just blindly copy-pasted everything into all servers?

    // EDIT just noticed you said "after following both guides".
    This is very bad. You can't just follow every guide on the Internet at the same time. You pretty much screwed it - because those guides use same IP ranges.... => errors/conflicts/trouble. So, remove lines you added to "/etc/rc.local" and do reboot on both servers to clean the configuration of tunnels.
     
  8. @FHR
    1). I use DMZ on that machine
    2). iptables with fail2ban
    3). The firewall blocks ip fragmented packets, port scan disabled, and ip flood protection enabled
    4). It says that the port is closed so its not in use
    5). I replaced the protected_ip to the vps and the destination to the internal IP and tried to use the external IP
     
    #28 jessegeerts, May 9, 2016
    Last edited: May 9, 2016
  9. FHR

    FHR

    Please note that "protocol" is not the same thing as "port".
     
  10. For the GRE Tunnel work you are using the public IP of your router
     
  11. the ifconfig output:
    dedi:
    [​IMG]
    vps:
    [​IMG]
     
  12. And why since I will no longer be protected for ddos attacks if I would do that.
     
  13. did you get the gre tunnel to work?
     
  14. Nope
     
  15. im going to take my Rpi 2 to school and see if i can get a link between that and my home server up. that will eliminate anything with keranals. im hoping this will work.