
Connect Scaleway Dedibox to Scaleway Elements

Reviewed on 22 August 2019 | Published on 22 August 2019
  • tunnel
  • gre
  • dedibox
  • instance

GRE tunnel - Overview

A GRE tunnel allows you to connect Scaleway Elements Instances with Dedibox dedicated servers and vice versa to exchange files over a virtual network connection that passes through the public Internet.

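The Generic Routing Encapsulation (GRE) protocol is a tunneling protocol designed to carry any OSI Layer 3 protocol over an IP network. It creates a point-to-point connection like a virtual private network (VPN), but without adding much latency or overhead. GRE itself does not encrypt or authenticate the traffic it carries, so data that needs confidentiality should be protected by the application protocol (for example TLS or SSH) or by an additional layer such as IPsec.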

Requirements:

Setting up the tunnel on a Scaleway Elements Instance

  1. Connect to the Cloud Instance via SSH.

  2. Create a new file called configure-tunnel.sh:

    touch /opt/configure-tunnel.sh
  3. Open the file in a text editor:

    nano /opt/configure-tunnel.sh

     Copy the following code into it:

    #!/bin/bash
    set -e # Stop at the first failing command

    REMOTE_IP="123.123.123.123" # Change this value to the public IP address of the Dedibox dedicated server
    # Private IP address of this Instance, read from the Scaleway metadata
    LOCAL_IP="$(scw-metadata | grep "PRIVATE_IP=" | grep -oE '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+')"

    # Create the GRE interface, assign its tunnel address and route the remote tunnel network through it
    ip tunnel add tun1 mode gre remote "$REMOTE_IP" local "$LOCAL_IP" ttl 255
    ip addr add 192.168.0.1 dev tun1
    ip link set tun1 up
    ip route add 192.168.1.0/24 dev tun1
    echo "Tunnel configured."
  4. Save the file, exit the text editor and make it executable:

    chmod +x /opt/configure-tunnel.sh
  5. Run the script:

    /opt/configure-tunnel.sh

Setting up the tunnel on a Dedibox Server

  1. Connect to the Dedibox dedicated server via SSH.

  2. Create a new file called configure-tunnel.sh:

    touch /opt/configure-tunnel.sh
  3. Open the file in a text editor:

    nano /opt/configure-tunnel.sh

     Copy the following code into it:

    #!/bin/bash
    set -e # Stop at the first failing command

    REMOTE_IP="123.123.123.123" # Change this value to the public IP address of the Scaleway Cloud Instance
    LOCAL_IP="123.123.123.123" # Change this value to the public IP address of the Dedibox dedicated server

    # Create the GRE interface, assign its tunnel address and route the remote tunnel network through it
    ip tunnel add tun1 mode gre remote "$REMOTE_IP" local "$LOCAL_IP" ttl 255
    ip addr add 192.168.1.1 dev tun1
    ip link set tun1 up
    ip route add 192.168.0.0/24 dev tun1
    echo "Tunnel configured."
  4. Save the file, exit the text editor and make it executable:

    chmod +x /opt/configure-tunnel.sh
  5. Run the script:

    /opt/configure-tunnel.sh
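
Because GRE carries no authentication, each endpoint can additionally limit GRE (IP protocol 47) to the configured peer and drop tunnel traffic whose inner source lies outside the peer's tunnel network. The script below is an added example, not part of the original tutorial or of Scaleway's tooling; the function names and the address 203.0.113.10 are assumptions. It only prints the iptables rules so they can be reviewed before being run as root.

```sh
#!/bin/sh
# Added example: print iptables rules that pin GRE to the tunnel peer.
# Nothing is applied here; review the output, then run it as root.

# valid_ipv4 ADDR: succeed only for a dotted-quad IPv4 address.
valid_ipv4() (
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;;
    esac
    IFS=.
    set -- $1                       # split the address into its octets
    [ $# -eq 4 ] || exit 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# valid_cidr NET/PREFIX: succeed only for an IPv4 network in CIDR form.
valid_cidr() (
    case $1 in */*) ;; *) exit 1 ;; esac
    prefix=${1##*/}
    case $prefix in ''|*[!0-9]*|???*) exit 1 ;; esac
    [ "$prefix" -le 32 ] && valid_ipv4 "${1%/*}"
)

# gre_peer_rules PEER_PUBLIC_IP TUN_DEV PEER_TUNNEL_NET
gre_peer_rules() {
    valid_ipv4 "$1" || { echo "invalid peer IP: $1" >&2; return 1; }
    case $2 in ''|*[!A-Za-z0-9_.-]*) echo "invalid device: $2" >&2; return 1 ;; esac
    [ ${#2} -le 15 ] || { echo "device name too long: $2" >&2; return 1; }
    valid_cidr "$3" || { echo "invalid tunnel network: $3" >&2; return 1; }
    # 1+2: accept GRE (IP protocol 47) from the peer only, drop the rest.
    # 3: on the tunnel, drop inner packets not sourced from the peer's network.
    printf '%s\n' \
        "iptables -A INPUT -p 47 -s $1 -j ACCEPT" \
        "iptables -A INPUT -p 47 -j DROP" \
        "iptables -A INPUT -i $2 ! -s $3 -j DROP"
}

# Constructed sample values for the Instance side: 203.0.113.10 is a
# documentation address standing in for REMOTE_IP; tun1 and 192.168.1.0/24
# are the device and remote tunnel network used in the tutorial.
gre_peer_rules 203.0.113.10 tun1 192.168.1.0/24
```

On the Dedibox, pass the Instance's public IP and 192.168.0.0/24 instead. The rules are appended to the INPUT chain, so they only take effect if no broader ACCEPT rule precedes them.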

Testing the tunnel

  1. Run a first test by pinging the other endpoint to see if the tunnel is working:

    root@dedibox:~# ping 192.168.0.1
    PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
    64 bytes from 192.168.0.1: icmp_seq=1 ttl=64 time=0.854 ms
    64 bytes from 192.168.0.1: icmp_seq=2 ttl=64 time=1.67 ms
    64 bytes from 192.168.0.1: icmp_seq=3 ttl=64 time=0.854 ms
    64 bytes from 192.168.0.1: icmp_seq=4 ttl=64 time=0.651 ms
    --- 192.168.0.1 ping statistics ---
    4 packets transmitted, 4 received, 0% packet loss, time 2999ms
    rtt min/avg/max/mdev = 0.651/1.007/1.670/0.392 ms

    root@scw-instance:~# ping 192.168.1.1
    PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
    64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=1.22 ms
    64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=1.01 ms
    64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=1.17 ms
    64 bytes from 192.168.1.1: icmp_seq=4 ttl=64 time=1.10 ms
    --- 192.168.1.1 ping statistics ---
    4 packets transmitted, 4 received, 0% packet loss, time 3004ms
    rtt min/avg/max/mdev = 1.011/1.130/1.226/0.084 ms
  2. Install a web server on the Dedibox:

    apt update && apt install nginx -y
  3. Enter the directory that is used to serve websites:

    cd /var/www/html
  4. Download a test file into the /var/www/html directory:

    wget http://ping.online.net/1000Mo.dat
  5. Install curl on the Scaleway Elements instance:

    apt update && apt install curl -y
  6. Run a bandwidth test with curl:

    root@scw-instance:~# curl -4 -o /dev/null http://192.168.1.1/1000Mo.dat
      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                     Dload  Upload   Total   Spent    Left  Speed
    100  953M  100  953M    0     0  97.8M      0  0:00:09  0:00:09 --:--:-- 67.0M

As the example above shows, the tunnel adds very little overhead, and the bandwidth available to the Instance can be used.

Tip:

For latency reasons and to avoid IP conflicts, it is not recommended to create tunnels between different regions (for example, between Paris and Amsterdam).

Configuring an Automatic Start of the Tunnel on System Boot

Important:

These steps have to be executed on both machines.

  1. Create a systemd unit file called configure-tunnel.service in the directory /etc/systemd/system, and open it in a text editor:

    nano /etc/systemd/system/configure-tunnel.service
  2. Copy/paste the following content into the file:

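    [Unit]
    Description=Configure the GRE tunnel (tun1)
    After=network.target

    [Service]
    # The script runs once and exits, so it is declared as a one-shot job
    Type=oneshot
    RemainAfterExit=yes
    ExecStart=/opt/configure-tunnel.sh

    [Install]
    WantedBy=default.target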
  3. Save the file and exit the text editor.

  4. Set the file permissions, reload the systemd daemon and enable the newly created service:

    chmod 664 /etc/systemd/system/configure-tunnel.service
    systemctl daemon-reload
    systemctl enable configure-tunnel.service
  5. On the next reboot systemd will run the script during the boot process to automatically configure the tunnel.

Going further

Scaleway provides a wide range of Dedibox dedicated servers, with options such as Private Network, RPN-SAN, Backup, Monitoring.

You can use the virtual network you just set up to communicate between your Scaleway Elements Virtual Instances, Bare Metal Servers and your Dedibox dedicated servers. This can be useful for services like databases that are not available on the public network and that use the virtual connection to communicate with each other.