1

I'm trying to set up a bridge interface as described in many docs, for instance:

https://help.ubuntu.com/community/OpenVPN

My setup is identical to that one, except obviously I used my GCE internal IP, my GCE gateway for my gateway, and set MTU to 1460.

The funny thing is: I can do this from the command line, but when I do it from boot as a service I become locked out of my console.

Here are the last few lines of the serial console output for my unreachable server after reboot:

```
Mar 25 06:44:51 ns1 cloud-init[1086]: Cloud-init v. 0.7.7 finished at Fri, 25 Mar 2016 06:44:51 +0000. Datasource DataSourceNone.  Up 14.15 seconds
Mar 25 06:44:51 ns1 cloud-init[1086]: 2016-03-25 06:44:51,524 - cc_final_message.py[WARNING]: Used fallback datasource
Mar 25 06:44:51 ns1 systemd[1]: Started Execute cloud user/final scripts.
Mar 25 06:44:53 ns1 kernel: [   15.680040] br0: port 1(eth0) entered forwarding state

Ubuntu 15.10 test-server ttyS0

ns1 login: Mar 25 06:44:56 ns1 kernel: [   18.816034] br0: port 2(tap0) entered forwarding state
```

I suppose I could just start the service in a script after boot, but there must be a better way.

One strange behavior I've noticed that may be relevant is that starting the bridge interface from the command line breaks DNS (the nameserver at 169.254.169.254 becomes unreachable), and future connections with the web-based ssh server fail (but continue working in putty).

Any help is much appreciated.

  • 169.254.169.254 (metadata.google.internal) is the [metadata](https://cloud.google.com/compute/docs/metadata) server for GCE instances. You will need to modify your configuration somehow to have routing to this IP address. – Kamran Mar 26 '16 at 00:48
  • My routes by default are like so: `$ route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 10.250.0.1 0.0.0.0 UG 0 0 0 eth0 10.250.0.1 * 255.255.255.255 UH 0 0 0 eth0` – FuriousGeorge Mar 27 '16 at 01:30
  • My routes by default are like so: `$ route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 10.250.0.1 0.0.0.0 UG 0 0 0 eth0 10.250.0.1 * 255.255.255.255 UH 0 0 0 eth0`. I'm not an expert but it seems logical to me that the existing route to that server has to go through the gateway. Nonetheless, I added a route to 169.254.169.254 via br0 and eth0, and no change. – FuriousGeorge Mar 27 '16 at 01:40
  • I ran a traceroute before bringing up the bridge interface: `traceroute 169.254.169.254 traceroute to 169.254.169.254 (169.254.169.254), 30 hops max, 60 byte packets 1 metadata.google.internal (169.254.169.254) 0.487 ms 0.488 ms 0.491 ms`. I expected the first hop to be my gateway, tbh. – FuriousGeorge Mar 27 '16 at 01:48
  • If you were able to solve this, you can post the answer here for other community members who may be seeing this same issue. – Faizan Dec 19 '16 at 20:54
  • At the end of the day I just used tun, and set up the tap VPN elsewhere. – FuriousGeorge Dec 20 '16 at 00:27

1 Answer

1

At the end of the day I simply set up a tun VPN, and put the tap VPN on my DPS.