Site2Site routing: Can this be done with OPNsense?

Started by netizen, May 06, 2019, 12:05:12 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
May 06, 2019, 12:05:12 PM
Hello all

I have a server in a DataCenter which has been assigned a small network subnet.
I also have a home-based office (SOHO) with a good internet connection (fibre) and I'd like to transfer the traffic of some of the subnet IPs to my  SOHO so I can host some services there. At the SOHO I have only one static IP.

Assuming that I have one OPNsense on each end can I do this? I'm guessing that it can be done with a static VPN tunnel between the two locations however I'd like to avoid overheads and hence I'm looking for an alternative. From my reading I think BGP could possibly do that however I have no clue if this is possible.  ???

Can someone put some light on this please? Also, does the BGP require my 2 providers to do something or I can handle it only via the 2 OPNSense instances?

Any help is MUCH appreciated!
Thank you.
May 09, 2019, 08:59:41 AM #1
BGP with public IPs can only be routed with PI addresses (provider independent). As your /29 is static assigned this won't be an option. You could use BGP inside VPN to do dynamic routing, but this is not your problem.

First of all, which services do you want to offer from home via static IP from DC?

HTTP and TCP services could be offered via HAProxy in DC and the backend "farm" is located at your home. This wouldn't require a VPN if backend is HTTPS encrypted.

Print
Go Up Pages1
User actions