[Durham] Linux routing via 2 Open vpn servers to different destinations

Fri Dec 20 20:50:43 UTC 2013

Sure Richard

Heres the link http://www.hardkernel.com/main/main.php

Thanks for your help too :)

Cheers

Andrew

On 20 December 2013 20:21, Richard Mortimer <richm at oldelvet.org.uk> wrote:

> On 20/12/2013 19:26, Andrew Glass wrote:
>
>> Good evening peeps :)
>>
>> Merry Christmas! :D
>>
>> Ok so Ive just this moment decided to do myself a little project
>> involving my little odroid-U2 quad I bought (cracking little bit of kit
>> basically a samsung galaxy s3 quad with 2 gb ram on a board smaller than
>> a raspberry pi with eth, 2 x usb 2 ports, 3.5mm audi, mini hdmi, eMMC
>> and microsd slots)
>>
> Sounds nice. Do you have a link? (I'm too lazy to type it into Google!)
>
>
>
>> What I basically want is a permanent vpn connection for all my outgoing
>> traffic routing via the odroid which will run openvpn to my openvpn
>> server in Amsterdam (digitalocean droplet) then depending on the website
>> I want, I would like it to split off in one of two directions.
>>
> Ok.
>
>
>
>> If the address is netflix (so much more choice on the USA netflix
>> compared to UK) I want it to route from Amsterdam to my openvpn server
>> in New York so I can watch USA Netflix.  If its any other type of
>> traffic  its to jump off the vpn at amsterdam and go surfing on the
>> normal internet.  Does that make sense?
>>
> Yes.
>
>
>
>> I have a basic range of netflix addresses which are also served via
>> Amazon EC2.
>>
> Good.
>
>
>
>> Im just trying to figure out the routing commands to add to my server/
>> openvpn configuration in Amsterdam to allow this to happen.
>>
> Ok. So assuming that you have a suitable (presumably openvpn) link between
> Amsterdam and New York. Then you should just be able to tell the box to
> route the netflix range of addresses via New York.
>
> Note that you will need to encapsulate the packets in some protocol
> between Ams and NY because if you try to use real addresses the internet
> will just grab the packets and send them in the wrong direction.
>
> So in (old money) route command syntax that would be
>
> route add -net aa.bb.cc.dd/nn gw ny.open.vpn.ip
>
> you might need to add a   'dev xxxx' to the end of that to force it to use
> the local end of your Amsterdam-NewYork openvpn link network interface
> (xxxx)
>
> In new money (ip route) command that is something like
>
> ip route add to unicast aa.bb.cc.dd/nn via ny.open.vpn.ip dev xxxx
>
> but beware I'm more used to the old style commands for simple things so
> the latter might need tweaking.
>
> Now there might need to be some magic to ensure that packets get routed
> back from your NY VPN via Amsterdam.
>
> Another option to consider would be to just do the routing on your odroid
> and connect to both VPNs from there.
>
>
>
>> This is the first time I have done anything this complicated.  Can it be
>> done?  Examples of any useful routing commands to achieve this would be
>> most gratefully received.
>>
> Have fun.
>
> My main suggestion would be to get things working in steps. OpenVPN from
> odroid to Amsterdam, then OpenVPN Ams to NY. Then ping NY (via openvpn)
> from odroid. Then finally start thinking about getting to Netflix. I'm sure
> there will be a few layers of NAT translation in that lot so plenty of
> scope for packets to go missing!
>
> Regards
>
> Richard
>
>
>> Hope you are all well :)
>>
>> Cheers
>>
>> Andy
>>
>>
>>
>>
>> _______________________________________________
>> Durham mailing list   -   Durham at mailman.lug.org.uk
>> https://mailman.lug.org.uk/mailman/listinfo/durham
>> http://www.nelug.org.uk/
>>
>>
> _______________________________________________
> Durham mailing list   -   Durham at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/durham
> http://www.nelug.org.uk/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/durham/attachments/20131220/53d2ae94/attachment.html>