Phone sales support +39 0575 05077
  Phone technical support +39 0575 0508
 
Cloud Server > 17 - Design a data center > Configuration of Linux server

17.10.2 Configuration of Linux server Cloud Server Pro service guide

In this second part, specific for those with Linux servers, we proceed with the configuration of the Cloud Servers in the two data centers so they can reach one another through the private  OpenVPN tunnel that has been established.
This is the diagram of the network we are creating:


The pre-requirements for this guide are the same as the first part, ed and in particular you need to connect a network adapter of the Cloud Server through a Virtual Switch to the pfSense router/firewall.
To allow the "server1" to reach the "server2" first of all you need to connect the "server1" with the "pfsense1" through a private IP address (in the example we will use 10.0.1.100), assigned to the second network adapter. The "server1" and "server2", object of this guide, can continue to have their public IP address, through which to communicate directly to and from the Internet. The traffic addressed to the other server will travel through the private OpenVPN tunnel established between "pfsense1" and "pfsense2".

 ATTENTION: to avoid problems in case of error while following these instructions, persistent problems such as to block the Cloud Servers, in this guide we will configure the private IP address, the routing and the iptables firewall rules TEMPORARILY.
This means that the configurations will only last until the server (or the relevant network interfaces) is rebooted. In case of failures simply reboot "server1" and/or "server2" to restore the previous configuration. However, it is possible to simply make these changes permanent, by following the instructions of the specific Linux distribution in use in each Cloud Server.
Here is a diagram of the network we are creating:


1 - Configure "server1"

  • 1.1connect to your Linux Cloud Server via SSH using the "root" user
  • 1.2to assign the private IP address type in the following command: ifconfig eth1 10.0.1.100/24
  • 1.3to configure the routing type in the following command: ip route add 10.0.2.0/24 via 10.0.1.1
  • 1.4to allow all the traffic through the network adapter connected to the pfSense router/firewall type in the following command: iptables -I INPUT -i eth1 -j ACCEPT

2 - Configure "server2"

  • 2.1connect to your Linux Cloud Server via SSH using the "root" user
  • 2.2to assign the private IP address type in the following command:  ifconfig eth1 10.0.2.100/24
  • 2.3to configure the routing type in the following command: ip route add 10.0.1.0/24 via 10.0.2.1
  • 2.4to allow all the traffic through the network adapter connected to the pfSense router/firewall type in the following command: iptables -I INPUT -i eth1 -j ACCEPT
After checking that the servers work correctly, if you wish to make the private IP addresses, assigned in steps 1.2 and 2.2, permanent (therefore persistent after rebooting), it is possible to follow the instructions found in the Virtual Switch and private network guides

3 - Check connection

  • 3.1from "server1"
    • 3.1.1type in the following command: ping 10.0.2.1
    • 3.1.2make sure you get a response from "pfsense2"
    • 3.1.3type in the following command: ping 10.0.2.100
    • 3.1.4make sure you get a response from "server2"
  • 3.2and also from "server2"
    • 3.2.1type in the following command: ping 10.0.1.1
    • 3.2.2make sure you get a response from "pfsense1"
    • 3.2.3type in the following command: ping 10.0.1.100
    • 3.2.4make sure you get a response from "server1"

At this point we have checked that the connection between "server1" and "server2" has been  established. The two servers can now reach one another through the private IP addresses  10.0.1.100 and 10.0.2.100. All the network services (web, database, file sharing, etc.) offered by  "server1" will be available from "server2" and vice versa. To this private network you can add other servers ("server3", "server4", etc.) simply by changing the steps above as follows:
  • by replacing the IP address 10.0.1.100 with the following IP addresses (10.0.1.101, .102, .103, ...) if the server is found in data center 1
  • if the server is found in data center 2, by replacing the IP address 10.0.2.100 with the following IP addresses (10.0.2.101, .102, .103, ...)