1

Hopefully this is a quick fix that someone can help me out with. I have spun up some droplets & enabled private networking. They communicate with each other with no issues. The current subnet let's say is:

10.12.0.0/24

I would love some help with creating a custom subnet for droplets to communicate over on the private network at say:

10.14.0.0/24

If both subnets could be kept in place that would be great.

I have tried adding additional IP addresses to the LAN interfaces (in this case, eth1 since the droplets are running Ubuntu) on my droplets and routing appears correct when I check route -n (custom subnet has the settings that mimic the default private subnet exactly); iptables rules are also present to pass/accept traffic from the custom subnet but I get no joy when trying to ping between droplets.

I hope what I'm trying to do is clear enough but I'll gladly supply more detail if it is needed. I just thought I should check if there is a limitation of sorts with the DO infrastructure in case I'm wasting time doing something that isn't possible.

twmbx
  • Don't use other people's public IP address ranges. Use RFC1918 ranges instead. – Michael Hampton Oct 07 '18 at 20:50
  • Thanks @MichaelHampton I've updated the question; I am using RFC1918 ranges. I didn't think through my example well enough when I was writing the question. Hope it helps. – twmbx Oct 07 '18 at 21:08
  • Can you please provide the real subnet size? /32 is impossible (because it's not a network but a single IP not being able to communicate). If you get provided a /24 subnet for example you can subdivide it but to have a different net you would need to contact your provider. E.g. if you have a 10.10.10.0/24 net you could subdivide it into 10.10.10.0/27 - 10.10.10.224/27, each net containing 30 host IPs + 1 net IP + 1 broadcast IP = 32 IPs per subnet, a total of 8 subnets. Or if you use /25 you can subdivide into 2 nets with 126 hosts each. – Broco Oct 08 '18 at 07:28
  • I've updated the question with real subnet size. However I have had feedback from DigitalOcean which I will use to answer the question. – twmbx Oct 14 '18 at 09:30
  • Have you considered setting up a VPN? If security isn't an issue you could also make do with IP in IP tunnels [ip-tunnel(8)](http://man7.org/linux/man-pages/man8/ip-tunnel.8.htm). – Torin Oct 14 '18 at 09:56

1 Answer

0

I received feedback from DigitalOcean regarding this & at the present time one is unable to use custom subnets & IPs to communicate over the private LAN on DO infrastructure. I believe that if they did support it then adding additional IPs and appropriate routing table info would just work.

Feedback from my support request to DigitalOcean is quoted below.

> Sorry for any inconvenience it may cause but at this time there is not any way to acquire a different or an additional private IP address for a Droplet. If this is a feature you would like to see added we recommend sharing it on our ideas page which is available at https://ideas.digitalocean.com . This way we can gather input from the community and get a better insight into what users are requesting.

This may obviously change in the future. I have resolved to experiment with OpenVPN to try to achieve my desired setup.

twmbx