Web lists-archives.com

Re: Accessing a host with variable IP addresses / connection types




On Wed, 17 Apr 2019 15:29:50 +0200
Kevin DAGNEAUX <kevin.dagneaux@xxxxxxxxxxxx> wrote:

> 
> Le 17/04/2019 à 14:15, Celejar a écrit :
> > On Wed, 17 Apr 2019 08:37:20 +0200
> > Kevin DAGNEAUX <kevin.dagneaux@xxxxxxxxxxxx> wrote:
> >
> >>> Hi,
> >>>
> >>> I've been bedeviled by this question for a while, but have been unable
> >>> to figure out a clean, non-hackish solution. It may be an XY problem ...
> >>>
> >>> I have a system (laptop, running Debian) that is sometimes connected
> >>> directly to my LAN, and sometimes connected via VPN (wireguard, to the
> >>> local router, running OpenWrt). The LAN is 192.168.0.0/24, with the
> >>> laptop having a fixed, static address in that range (although I'm
> >>> certainly open to using DHCP, possibly with a fixed address
> >>> reservation). The VPN is 10.0.0.0/24, with the laptop getting a fixed,
> >>> static address in that range (and wireguard apparently doesn't work
> >>> with dhcp).
> >>>
> >>> I currently have an entry in /etc/hosts on the various LAN hosts
> >>> assigning a hostname to the laptop's fixed local address, and the LAN
> >>> hosts can access the laptop via that hostname. [I could alternatively
> >>> use dnsmasq, which is running on the router regardless.] This obviously
> >>> doesn't work when the laptop is connected via VPN. [The laptop can
> >>> access the LAN hosts fine via their hostnames, so I seem to have the
> >>> routing correctly configured on the laptop and the router.]
> >>>
> >>> What I seem to want (but maybe XY?) is some way to adjust the host
> >>> files (or dnsmasq's information) so that the hostname will resolve to
> >>> the LAN address when the laptop is connected to the LAN, and the VPN
> >>> address when it's connected via VPN. If everything was using DHCP, this
> >>> would be straightforward enough, but as I said, the VPN apparently
> >>> needs to be configured statically, and not via DHCP. I could obviously
> >>> use some custom script (using, say, ageas, to modify host files) but
> >>> this seems hackish. What is a standard, 'correct' way to do this, or
> >>> more generally, to enable the LAN hosts to access the laptop
> >>> seamlessly regardless of its IP address and connection type?
> >>>
> >>> Celejar
> >>>
> >> Hi,
> >>
> >> A possible solution is to use a bridged VPN, in this case, your laptop
> >> will always have the same IP.
> > Thanks. I can't seem to find much information about this - can you
> > elaborate, or point me to a link? [I'm not a networking expert.]
> >
> > Currently, my LAN is 192.168.0.0/24, which is also the addressing
> > scheme of some of the networks out of my control that I'm setting up a
> > VPN link from. I deliberately used 10.0.0.0/24 for the VPN to avoid
> > address collisions with these other networks. It did occur to me to
> > consider using a different address space, for the VPN or perhaps for the
> > whole home LAN, but I'd rather not take that step just to solve what
> > seems a relatively simple problem unless absolutely necessary
> >
> > Celejar
> >
> Celjar,
> 
> You can find some explaination at 
> https://openvpn.net/community-resources/ethernet-bridging/

Thanks. I'm trying to figure out whether Wireguard, and OpenWrt's
implementation of it in particular, supports bridging.

> Using common network adressing will often give address collisions when 
> using VPN (routed or bridged VPN), like if on your home network and 
> remote network you have 2 machin with same IP, one of them will not be 
> reachable (depending of your routing table).

I think that this won't be much of an issue - when I'm on remote
networks, there typically aren't any hosts on those networks that I need
to access.

Celejar