Skip to content
This repository was archived by the owner on Feb 24, 2024. It is now read-only.

Add router option #62

Closed
wants to merge 2 commits into from
Closed

Add router option #62

wants to merge 2 commits into from

Conversation

dukzcry
Copy link
Contributor

@dukzcry dukzcry commented Dec 26, 2021
edited
Loading

Hi @alecbcs @hyprspace, nice project!
This PR adds possibility to optionally set one of the remote nodes as router / gateway and so allows to reach LAN networks behind the router or even use it as default gateway to forward Internet traffic via it.
In short it adds traditional VPN functional in addition to existing mesh functional.
Related issue #33

Examples
hs0.yaml

interface:
  address: 10.0.2.2/24
  router: 10.0.2.1
...

Access LAN network 10.0.0.0/24

$ ip route add 10.0.0.0/24 dev hs0
$ ping -c 1 10.0.0.1
PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.
64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=7.63 ms

Access Internet (remote node should have configured forwarding and NAT)

# 17.5.7.8 is the public address of remote node
# 192.168.0.1 is the local router
$ ip route add 17.5.7.8 via 192.168.0.1
$ ip route add default dev hs0 metric 1
$ curl ifconfig.me
17.5.7.8

@dukzcry
Copy link
Contributor Author

dukzcry commented Feb 3, 2022

ping @alecbcs

alecbcs
alecbcs reviewed Feb 3, 2022
View reviewed changes
Copy link
Owner

@alecbcs alecbcs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dukzcry thanks for rebasing this off of the recent updates to Hyprspace!

@Winterhuman
Copy link

@dukzcry (Not a dev) Just to ask, does this pull request account for if router: 10.0.0.1, ::1 is set so both ipv4 and ipv6 packets are routed? Also, huge thanks for making this pull request!

@dukzcry
Copy link
Contributor Author

dukzcry commented Mar 1, 2022

@LynHyper As I see current code of Hyprspace only works with IPv4 packets https://github.com/hyprspace/hyprspace/blob/main/cli/up.go#L191
Also you set router address to one of the remote peers address, it has not been confused with your local router address

@Winterhuman
Copy link

@dukzcry It seems you're right, I didn't realise the ipv6 patch from a while ago only dealt with the ipv6 ip-addresses of the Hyprspace devices and not the internal ip-addresses, I'll probably open an issue for internal ipv6 support soon.

The reason I brought this up is because https://www.wireguard.com mentions that setting a peer as an ipv6 router, even in an ipv4-only VPN, is important to prevent ipv6 packets bypassing the router peer. Supporting ipv6 router addresses, even if Hyprspace's peers can't actually have an ipv6 address, would help address this problem.

@agustim agustim mentioned this pull request Aug 24, 2022
Open
@dukzcry dukzcry closed this Dec 10, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@alecbcs alecbcs alecbcs left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dukzcry @Winterhuman @alecbcs