Following https://docs.digitalocean.com/products/networking/vpc/how-to/configure-droplet-as-gateway/ I run into the problem that I cannot get URLs to be resolved on the backend droplet. I can ping external IPs like 8.8.8.8 but not google.com.
Ubuntu 20.4
(eth0 = public)
```
Chain POSTROUTING (policy ACCEPT 8459 packets, 575K bytes)
 pkts bytes target      prot opt in   out   source          destination
 4934  397K MASQUERADE  all  --  *    eth0  10.110.0.0/20   0.0.0.0/0
```
```
route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref Use Iface
0.0.0.0         10.110.0.5      0.0.0.0         UG    0      0   0   eth1
10.18.0.0       0.0.0.0         255.255.0.0     U     0      0   0   eth0
10.110.0.0      0.0.0.0         255.255.240.0   U     0      0   0   eth1
159.223.208.0   0.0.0.0         255.255.240.0   U     0      0   0   eth0
169.254.169.254 159.223.208.1   255.255.255.255 UGH   0      0   0   eth0
```
50-cloud-init.yaml:
```yaml
network:
    version: 2
    ethernets:
        eth0:
            addresses:
            - 159.223.214.1/20
            - 2A03:B0C0:0002:00D0:0000:0000:005C:9001/64
            - 10.18.0.6/16
            match:
                macaddress: 2a:99:79:eb:6e:62
            nameservers:
                addresses:
                - 67.207.67.3
                - 67.207.67.2
                search: []
            set-name: eth0
        eth1:
            addresses:
            - 10.110.0.3/20
            match:
                macaddress: c6:27:e5:74:28:70
            nameservers:
                addresses:
                - 67.207.67.3
                - 67.207.67.2
                search: []
            routes:
            -   to: 0.0.0.0/0
                via: 10.110.0.5
            set-name: eth1
```
```
ip route get 8.8.8.8
8.8.8.8 via 10.110.0.5 dev eth1 src 10.110.0.3 uid 0
    cache
ping google.com
... nothing
```
Oh… and by the way, when I do `netplan apply --debug`, my routes change in the sense that the line
```
169.254.169.254 159.223.208.1   255.255.255.255 UGH   0      0   0   eth0
```
is removed:
```
route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref Use Iface
0.0.0.0         10.110.0.5      0.0.0.0         UG    0      0   0   eth1
10.18.0.0       0.0.0.0         255.255.0.0     U     0      0   0   eth0
10.110.0.0      0.0.0.0         255.255.240.0   U     0      0   0   eth1
159.223.208.0   0.0.0.0         255.255.240.0   U     0      0   0   eth0
```
Any help is highly appreciated, thanks, Eric
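An added example, not part of the original post: a longest-prefix-match lookup over the routing table posted above, showing which gateway and interface the droplet picks for 8.8.8.8, for the configured nameservers (67.207.67.3, 67.207.67.2) and for 169.254.169.254 before and after its host route disappears. The function names are illustrative, and the sketch ignores policy routing rules that the kernel's real lookup also applies.

```python
import ipaddress

# Routing table copied from the `route -n` output in the question (before `netplan apply`).
ROUTE_N = """\
0.0.0.0         10.110.0.5      0.0.0.0         UG  0 0 0 eth1
10.18.0.0       0.0.0.0         255.255.0.0     U   0 0 0 eth0
10.110.0.0      0.0.0.0         255.255.240.0   U   0 0 0 eth1
159.223.208.0   0.0.0.0         255.255.240.0   U   0 0 0 eth0
169.254.169.254 159.223.208.1   255.255.255.255 UGH 0 0 0 eth0
"""

def parse_routes(text):
    """Turn `route -n` body lines into (network, gateway, metric, iface) tuples."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or "U" not in f[3]:
            continue  # skip headers, blank lines and routes that are not up
        net = ipaddress.ip_network(f"{f[0]}/{f[2]}")
        gw = None if f[1] == "0.0.0.0" else f[1]  # 0.0.0.0 gateway means on-link
        routes.append((net, gw, int(f[4]), f[7]))
    return routes

def lookup(routes, dest):
    """Longest prefix wins, lowest metric breaks ties; returns (gateway, iface) or None."""
    addr = ipaddress.ip_address(dest)
    hits = [r for r in routes if addr in r[0]]
    if not hits:
        return None
    net, gw, metric, iface = max(hits, key=lambda r: (r[0].prefixlen, -r[2]))
    return gw, iface

def without_metadata_route(text):
    """The table as posted after `netplan apply`: the 169.254.169.254 host route is gone."""
    return "\n".join(l for l in text.splitlines() if not l.startswith("169.254.169.254"))

if __name__ == "__main__":
    before = parse_routes(ROUTE_N)
    after = parse_routes(without_metadata_route(ROUTE_N))
    for dest in ("8.8.8.8", "67.207.67.3", "67.207.67.2", "169.254.169.254"):
        print(f"{dest:16} before={lookup(before, dest)} after={lookup(after, dest)}")
```

With this table, DNS queries to both nameservers leave through the same default route as the working ping to 8.8.8.8, so they depend on the gateway droplet forwarding and masquerading UDP/TCP port 53 as well as ICMP.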
Looks like you’re missing gateway4 in your eth0 configuration.
Also consider a mesh networking solution like
A mesh network lets you tie disparate hosts together without firewall management, and it’s all VPN. If you need ingress from public IP, then that’s different, but if all you’re doing is host management, try a mesh network. Tailscale is suuuuuuuuuuper simple, headscale is kinda simple, cloudflared is moderate once you get over the terminology.
There’s also zerotierone, and nebula, or straight up wireguard.
https://tunnel.pyjam.as/ This is as basic as it gets, and works really well, depending on your needs.