A GRE tunnel allows you to connect Scaleway Elements Instances with Dedibox dedicated servers and vice versa to exchange files over a virtual network connection that passes through the public Internet.
The Generic Routing Encapsultion (GRE) protocol is designed as a tunneling tool in order to carry any OSI Layer 3 protocol over an IP network. It creates a point-to-point connection like a virtual private network (VPN) but without adding lots of latency or overhead.
Requirements
- You have an account and are logged into console.scaleway.com
- You have configured your SSH Key
- You have a Scaleway Elements Instance
- You have a Dedibox Dedicated Server
- You have sudo privileges or access to the root user.
1 . Connect to the Cloud Instance via SSH.
2 . Create a new file called configure-tunnel.sh
:
touch /opt/configure-tunnel.sh
3 . Open the file in a text editor and copy the following code into it:
nano /opt/configure-tunnel.sh
#!/bin/bash
REMOTE_IP="123.123.123.123" #Change this value to the public IP address of the remote instance
LOCAL_IP=`scw-metadata | grep "PRIVATE_IP=" | grep -oE '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+'`
ip tunnel add tun1 mode gre remote $REMOTE_IP local $LOCAL_IP ttl 255
ip addr add 192.168.0.1 dev tun1
ip link set tun1 up
ip route add 192.168.1.0/24 dev tun1
echo "Tunnel configured."
4 . Save the file, exit the text editor and make it executable:
chmod +x /opt/configure-tunnel.sh
5 . Run the script:
/opt/configure-tunnel.sh
1 . Connect to the Dedibox dedicated server via SSH.
2 . Create a new file called configure-tunnel.sh
:
touch /opt/configure-tunnel.sh
3 . Open the file in a text editor and copy the following code into it:
nano /opt/configure-tunnel.sh
#!/bin/bash
REMOTE_IP="123.123.123.123" #Change this value to the public IP address of the Scaleway Cloud Instance
LOCAL_IP="123.123.123.123" #Change this value to the public IP address of the Dedibox dedicated server
ip tunnel add tun1 mode gre remote $REMOTE_IP local $LOCAL_IP ttl 255
ip addr add 192.168.1.1 dev tun1
ip link set tun1 up
ip route add 192.168.0.0/24 dev tun1
echo "Tunnel configured."
4 . Save the file, exit the text editor and make it executable:
chmod +x /opt/configure-tunnel.sh
5 . Run the script:
/opt/configure-tunnel.sh
1 . Run a first test by pinging the other endpoint to see if the tunnel is working:
root@dedibox:~# ping 192.168.0.1
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
64 bytes from 192.168.0.1: icmp_seq=1 ttl=64 time=0.854 ms
64 bytes from 192.168.0.1: icmp_seq=2 ttl=64 time=1.67 ms
64 bytes from 192.168.0.1: icmp_seq=3 ttl=64 time=0.854 ms
64 bytes from 192.168.0.1: icmp_seq=4 ttl=64 time=0.651 ms
--- 192.168.0.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2999ms
rtt min/avg/max/mdev = 0.651/1.007/1.670/0.392 ms
root@scw-instance:~# ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=1.22 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=1.01 ms
64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=1.17 ms
64 bytes from 192.168.1.1: icmp_seq=4 ttl=64 time=1.10 ms
--- 192.168.1.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 1.011/1.130/1.226/0.084 ms
2 . Install a web server on the Dedibox:
apt update && apt install nginx -y
3 . Enter the directory that is used to serve websites:
cd /var/www/html
4 . Download a test file into the /var/www/html
directory:
wget http://ping.online.net/1000Mo.dat
5 . Install curl on the Scaleway Elements instance:
apt update && apt install curl -y
6 . Run a bandwidth test with curl:
root@scw-instance:~# curl -4 -o /dev/null http://192.168.1.1/1000Mo.dat
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 953M 100 953M 0 0 97.8M 0 0:00:09 0:00:09 --:--:-- 67.0M
As you can see in the example above the tunnel creates very low overhead and the bandwidth available for the instance can be used.
Important: For latency reasons and to avoid IP conflicts, it is not recommended to create tunnels between different regions (For example between Paris and Amsterdam).
Important: These steps have to be executed on both machines.
1 . Create a systemd
script in the directory /etc/systemd/system
, called configure-tunnel.service
, and open it in a text editor:
nano /etc/systemd/system/configure-tunnel.service
Copy/paste the following content into the file:
[Unit]
After=network.target
[Service]
ExecStart=/opt/configure-tunnel.sh
[Install]
WantedBy=default.target
2 . Save the file and exit the text editor.
3 . Set the file permissions, reload the systemd
daemon and enable the newly created service:
chmod 664 /etc/systemd/system/configure-tunnel.service
systemctl daemon-reload
systemctl enable configure-tunnel.service
4 . On the next reboot systemd
will run the script during the boot process to automatically configure the tunnel.
Online by Scaleway provides a wide range of Dedibox dedicated servers, with options such as Private Network, RPN-SAN, Backup, Monitoring.
You can use the virtual network you just set up to communicate between your Scaleway Elements Virtual Instances, Bare Metal Servers and your Dedibox dedicated servers over a virtual network connection. This can be useful to configure services like databases that are not available on the public network and use the virtual connection to communicate between them.