Question

VPC, Gateway, Debian 10, Best Practices and other related questions.

Posted June 11, 2020 163 views
DebianNetworking

Since the release of VPCs in DigitalOcean I’ve been considering changing my current setup to use VPCs.

The idea is to set up a Gateway for all internal/backend services and leave webapps droplets their public facing IP as they currently are. This has brought me to few questions, and challenges, that I thought of asking first before going too deep through the rabbit hole.

I’m considering using FreeBSD and install pfSense to act as gateway? Would I get any performance/feature worth the effort to do this as opposed to have a CentOS/Debian droplet do the work?

I’d like to have a FreeIPA server for internal DNS, in addition to a possibly pi-hole droplet for DHCP (or even with pfSense) and also DNS. Is it possible to disable, or change config, for DHCP/DNS at the VPC level from /etc/network/interfaces.d/50-cloud-init.cfg at all?

Talking about /etc/network/interfaces.d/50-cloud-init.cfg in Debian 10. I don’t seem to be able to make a droplet in the back end have the gateway changed upon reboots. And whatever change I do in the file I get connection refused afterwards. With Ubuntu or CentOS is fine, but different files are used in these.

If I decided to have a single point of entry to my VPC (for all services), what is best practice? Having something like Caddy/Traefik in the gateway instance or putting it behind and let this one re-distribute?

Sorry for so many questions and thanks!

Submit an answer

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!