meshboi icon indicating copy to clipboard operation
meshboi copied to clipboard

Published 20 hours ago verified publisher icon samvrlewis

Does Meshboi support advertizing/routing Mesh Node "subnets" over the Mesh?

Open bmullan opened this issue 2 years ago • 3 comments

Some Mesh VPN tools I've used (VPNCloud & Nebula) support the capability to build the "mesh" across multiple Server Nodes (local, cloud or hybrid).

They also support "routing" a Mesh Node's subnets across the Mesh. Does Meshboi support that capability?

This is particularly useful for Server Nodes that "host" Containers (Docker & LXD in my Use-Case). Containers on any "Host/Server" run on non-routeable 10.x.x.x subnets.

So having any particular Server/Host configured as part of a Mesh VPN keeps the overall Mesh Config simple by not also having to configure each and every Container.

thanks Brian

bmullan avatar Jul 24 '22 12:07 bmullan

bump? Can Meshboi route a node's subnets (for instance like a Container subnet to/from the Mesh VPN

bmullan avatar Dec 12 '23 16:12 bmullan

Hey @bmullan , to make sure I understand, are you saying something like this?

+-------+       +-----------+       +-------+       +-----------+       +--------+
| LAN A | <---> | Meshboi A | <---> | Mesh  | <---> | Meshboi B | <---> |  LAN B |
+-------+       +-----------+       +-------+       +-----------+       +--------+

And you want nodes on LAN A to be able to talk to LAN B? I think this would be doable with the right routing setup on both of the meshboi instances.

I do have to ask though, what are you trying to achieve here? I'll stress that meshboi is really just for learning purposes, I wouldn't recommend running anything production/serious on it. :)

samvrlewis avatar Dec 21 '23 04:12 samvrlewis

Containers usually run in their own 10.x.x.x network.

I use LXD "system" containers running Ubuntu or Centos.

So I use Wireguard kernel on the Host server w LXD Containers behind a Nat'd bridge named LXDBR0 (10.x.x.x)

I configure wireguard w "Allowed IPs" including the LXDBR0 Bridge IP.

That by "default" includes all LXD Containers -or- VMs in the Mesh VPN

On Wed, Dec 20, 2023, 11:13 PM Sam Lewis @.***> wrote:

Hey @bmullan https://github.com/bmullan , to make sure I understand, are you saying something like this?

+-------+ +-----------+ +-------+ +-----------+ +--------+ | LAN A | <---> | Meshboi A | <---> | Mesh | <---> | Meshboi B | <---> | LAN B | +-------+ +-----------+ +-------+ +-----------+ +--------+

And you want nodes on LAN A to be able to talk to LAN B? I think this would be doable with the right routing setup on both of the meshboi instances.

I do have to ask though, what are you trying to achieve here? I'll stress that meshboi is really just for learning purposes, I wouldn't recommend running anything production/serious on it. :)

— Reply to this email directly, view it on GitHub https://github.com/samvrlewis/meshboi/issues/3#issuecomment-1865450806, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAM23J6JPTU5YTEVUYJI7GTYKOZN3AVCNFSM54PS4MD2U5DIOJSWCZC7NNSXTN2JONZXKZKDN5WW2ZLOOQ5TCOBWGU2DKMBYGA3A . You are receiving this because you were mentioned.Message ID: @.***>

bmullan avatar Dec 21 '23 19:12 bmullan