At the beginning of the year, I talked about using OpenVPN to connect my parents’ network with my new place. The OpenVPN server was hosted on my Windows Server 2012 R2 machine, which I had recently decommissioned due to (1) Microsoft support within the next year, and (2) my brother giving me one of his hand-me-down machines. I took this opportunity to provision “my new machine” with Windows Server 2019. Instead of re-configuring OpenVPN, I decided to try ZeroTier, which is a peer-to-peer VPN, similar to the good old days of Hamachi. Even with this setup, I had trouble with packets getting dropped. It got so flaky that when I had to access my blog and URL shortener (which are located at my parents’) from my place, I had to change my DNS to 1.1.1.1 to pick up my Cloudflare DNS entries and route through Cloudflare instead.
I was convinced that IP routing on Windows Server was causing me headaches, so I switched to Linux for IP routing. The setup process was pretty straightforward. At my parents’ place, I used my pre-existing VM (LuiV-Silica) for IP routing and installed ZeroTier. At my place, I repurposed my Raspberry Pi 3 B+ (named LuiP-Haato like Akai Haato) for IP routing and also installed ZeroTier. Afterwards, I had to enable IP routing by running the following command:
sysctl -w net.ipv4.ip_forward=1
To make IP routing persist across reboots, I also added it to the /etc/sysctl.conf config:
net.ipv4.ip_forward = 1
In the ZeroTier web GUI, I created a 192.168.10.0/24 subnet, assigned static IP addresses, and configured static routes similar to before:
- A static IP of 192.168.10.21 on the existing VM,
- A static IP of 192.168.10.10 on the Raspberry Pi,
- A static route for 192.168.3.0/24 to forward to 192.168.10.21, and
- A static route for 192.168.5.0/24 to forward to 192.168.10.10.
With the network adjustments above, the topology now looks like the following:
The final thing I had to do was adjust the static routes being advertised to clients from my Windows DHCP servers on both local networks so that all clients can route to both networks on their next DHCP lease renewals.
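The addressing plan above can be sanity-checked before it goes into the ZeroTier web GUI. The following is an added example, not code from the original post: it checks that every next hop is an assigned address inside 192.168.10.0/24 and that routed subnets do not overlap, then resolves a destination by longest-prefix match the way an OS routing table would. The function names are hypothetical.

```python
import ipaddress

# Values taken from the post: the ZeroTier subnet, the two router addresses,
# and the two managed routes. Function names are made up for this example.
ZT_SUBNET = ipaddress.ip_network("192.168.10.0/24")
ROUTERS = {"192.168.10.21", "192.168.10.10"}
ROUTES = {"192.168.3.0/24": "192.168.10.21", "192.168.5.0/24": "192.168.10.10"}


def validate(zt_subnet, routers, routes):
    """Return a list of problems found in a managed-route table."""
    problems = []
    seen = []
    for target, via in routes.items():
        net = ipaddress.ip_network(target)
        hop = ipaddress.ip_address(via)
        if hop not in zt_subnet:
            problems.append(f"{target}: next hop {via} is outside {zt_subnet}")
        elif via not in routers:
            problems.append(f"{target}: next hop {via} is not an assigned router")
        if net.overlaps(zt_subnet):
            problems.append(f"{target}: overlaps the ZeroTier subnet")
        for other in seen:
            if net.overlaps(other):
                problems.append(f"{target}: overlaps {other}")
        seen.append(net)
    return problems


def next_hop(dst, zt_subnet, routes):
    """Longest-prefix match: 'direct' on the ZeroTier subnet, else the via, else None."""
    addr = ipaddress.ip_address(dst)
    best = None
    for target, via in routes.items():
        net = ipaddress.ip_network(target)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, via)
    if addr in zt_subnet and (best is None or zt_subnet.prefixlen >= best[0].prefixlen):
        return "direct"
    return best[1] if best else None


if __name__ == "__main__":
    print(validate(ZT_SUBNET, ROUTERS, ROUTES) or "route table is consistent")
    # Constructed sample destinations, one per case.
    for dst in ("192.168.3.50", "192.168.5.7", "192.168.10.10", "8.8.8.8"):
        print(dst, "->", next_hop(dst, ZT_SUBNET, ROUTES))
```

A destination that resolves to `None` is not carried over the ZeroTier network at all, which is the expected result for anything outside the two site subnets.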
Afterwards, I ran a ping test from my laptop to my local web server, and with 5000 packets, I only lost 2 packets. Compared to the 20+% packet loss I was seeing before, this is pretty damn good.
--- LuiV-Silica.injabie3.moe ping statistics ---
5000 packets transmitted, 4998 received, 0.04% packet loss, time 2504765ms
rtt min/avg/max/mdev = 8.594/22.307/647.368/20.690 ms, pipe 2
In the end, I now have a more reliable inter-site routing solution set up. I might migrate back to OpenVPN at some point later in the future, since I would like to have ownership of this infrastructure myself. I still have to weigh the cost of time with managing this myself (there’s never enough time!), so I’ll leave it on the back burner for now. Bless IP routing on Linux for just working!
As a side note, in that first photo, Haachama, also known as Akai Haato, is a virtual YouTuber I occasionally watch. That’s the Nendoroid version of her pointing at the Raspberry Pi with a sticker of herself, illustrated by MiukiArts. I got the sticker at Anime Revolution 2022 this year.
Anyways, that’s all I have this time around. I hope to do another figure post again soon. I have a few that I’m excited to write about.
Until next time!
~Lui