4

Maybe this question has been answered somewhere before, but I can’t seem to figure it out yet. Lately I’m having some issues with my Ubuntu 20.04 server. I installed OpenVPN and I can successfully create a VPN tunnel with NordVPN. The problem is that when the tunnel is created the connection breaks down and I cannot ssh back into the server unless I add some IP routes. I found a solution for this: assuming the server's real IP is 185.230.125.107, I manually added the routes as follows:

sudo ip rule add from 185.230.125.107 table 128
sudo ip route add table 128 185.230.125.107/32 dev eno0
sudo ip route add table 128 default via 185.230.125.254

This works fine until reboot. After the machine restarts, I have to add those rules back in again. My question is this: How would I add these rules, making them persistent so at reboot they stay in place!? Where and how should I add them!? I read somewhere that I need to create some sort of a script in /etc/network/if-up.d but I have no idea how to make such a script. Please, is somebody willing to help!? I’d really appreciate that guys. Many thanks Nick

Jos
Nicola

3 Answers

3
  1. Hello mate, I cannot comment so I will try to answer here.
  2. There are a few options to create a scheduled process to solve that problem.
  3. Here are two options:
    • crontab - which is less fitting for your problem.
    • making a service - which fits your problem perfectly.
    • there might be more and better ways to solve that problem.
  4. About crontab:
    • The crontab is a list of commands that you want to run on a regular schedule.
    • To add a command you want to schedule, you have to edit the crontab file with the command crontab -e.
    • you can use this site to help you calculate the interval at which you want to execute a specific command: crontabCalculator
    • you can use this guide to figure out your own crontab file: crontabGuide
  5. The better option, in my opinion, is to create your own service.
    • when you create a service you can run it just like all the other services, which means that you can enable, disable, restart, start and use all the other options that come with the systemctl command.
    • you have to create your service as a text file and name it myServiceName.service.
    • then you have to place that service in /etc/systemd/system/.
    • use this guide to get a service template: howToMakeAServiceGuide.
    • after creating the service and placing it in that directory you can enable and start it with these commands: systemctl enable serviceName.service and systemctl start serviceName.service.
    • the service should start on every reboot, so it might solve your problem.
  6. Edited after comments.
    • create a script with sudo nano /usr/local/sbin/SCRIPT_NAME.sh
    • example for a script with your commands:

        #!/bin/bash
        ip rule add from 185.230.125.107 table 128
        ip route add table 128 185.230.125.107/32 dev eno0
        ip route add table 128 default via 185.230.125.254

    • now give the script execute permission with chmod a+x SCRIPT_NAME.sh
    • now create a service with sudo nano /etc/systemd/system/SERVICE_NAME.service
    • use this template; in the ExecStart field execute your script:

[Unit]
Description=ROT13 demo service
After=network.target

[Service]
# The script adds the routes and exits, so run it once per boot.
# Type=simple with Restart=always would re-run it every second.
Type=oneshot
RemainAfterExit=yes
# No User= line: ip rule and ip route need root.
ExecStart=/usr/local/sbin/SCRIPT_NAME.sh

[Install]
WantedBy=multi-user.target

  7. Edited after comments two:
  8. To make sure your service is configured correctly, follow these steps:
    • place the service in /etc/systemd/system/LOCATE_HERE.service
    • give the script that is run by the service execute permission with sudo chmod a+x yourscript.sh
    • execute the command sudo systemctl daemon-reload to load the new service.
    • execute the command sudo systemctl enable serviceName.service
    • execute the command sudo systemctl start serviceName.service
    • execute the command sudo systemctl status serviceName.service
    • if the service is running, reboot your system.
    • after the reboot execute the command sudo systemctl status serviceName.service to check if the service is running.
    • images:
    • serviceExampleThatWorksForMe
    • howToStartTheServiceCommands
    • if this whole solution is not working, there might be a problem with the file type - check for a solution here: solutionForFileTypeError
CrazyTux
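An idempotent variant of the script from the answer above, as an added example that is not part of the original answer. The addresses, table number and interface come from the question; the function names and the `apply` argument are assumptions made for this sketch.

```shell
#!/bin/bash
# Added example: policy routing that can be applied repeatedly (every boot,
# every service restart) without errors or duplicate rules.
SRC=185.230.125.107   # server's real IP (from the question)
GW=185.230.125.254    # upstream gateway (from the question)
DEV=eno0              # physical NIC (from the question)
TABLE=128             # routing table number (from the question)

# Succeeds if "ip rule show" already lists "from $SRC lookup $TABLE".
# Fields are compared exactly, so table 1280 does not match table 128.
rule_present() {
    ip rule show | awk -v s="$SRC" -v t="$TABLE" \
        '$2 == "from" && $3 == s && $4 == "lookup" && $5 == t { ok = 1 }
         END { exit !ok }'
}

apply_policy_routes() {
    # A repeated "ip rule add" is rejected as a duplicate on current kernels
    # and stacks a second copy on older ones, so add the rule only if missing.
    rule_present || ip rule add from "$SRC" table "$TABLE" || return 1
    # "ip route replace" creates the route or overwrites an existing one.
    ip route replace table "$TABLE" "$SRC/32" dev "$DEV" || return 1
    ip route replace table "$TABLE" default via "$GW" || return 1
}

# Nothing is changed unless the script is called with "apply",
# e.g. ExecStart=/usr/local/sbin/SCRIPT_NAME.sh apply in a oneshot unit.
if [ "${1:-}" = "apply" ]; then
    apply_policy_routes
fi
```
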
0

You can definitely do this in Netplan. I just did it and confirmed persistence following a reboot. The Netplan official website's Examples page shows many examples of this.

Example:

  1. Edit your netplan config file (located in /etc/netplan/)

  2. Locate the interface where you want the route (ex. eth0)

  3. Locate the addresses section

  4. Add the routes keyword and route details under the addresses section

    routes:
       - to: default
         via: 1.1.1.254
    
  5. Save and close

  6. Type: sudo netplan generate (and press Enter)

  7. Type: sudo netplan apply (and press Enter)

  8. Test your route by pinging a known IP on the target network

0

Here is what ended up working for me using netplan. Taking the IPs from your post, here is what you will do in /etc/netplan/*.yaml:

network:
    version: 2
    ethernets:
        eno0:
            ...
            routing-policy:
            - from: 185.230.125.107
              table: 128
            routes:
            -   to: 0.0.0.0/0
                via: 185.230.125.254
            -   to: default
                via: 185.230.125.254
                on-link: True
                table: 128
            -   to: 185.230.125.107/32
                on-link: True
                table: 128
            ...
            set-name: eno0

The thing I was missing for a while was - to: default
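A check for the result of the netplan configuration above, as an added example that is not part of the original answer: it confirms that replies sourced from the server's real IP leave through the physical NIC rather than the tunnel, and that table 128 has the expected default gateway. The function names, the `check` argument and the probe destination 1.1.1.1 are assumptions made for this sketch.

```shell
#!/bin/bash
# Added example: verify the policy routing after "netplan apply", after the
# VPN tunnel comes up, and again after a reboot.
SRC=185.230.125.107   # server's real IP (from the question)
GW=185.230.125.254    # upstream gateway (from the question)
DEV=eno0              # physical NIC (from the question)
TABLE=128             # routing table number (from the question)

# Print the word that follows keyword $1 on the first line of stdin.
field_after() {
    awk -v k="$1" 'NR == 1 { for (i = 1; i < NF; i++)
                                 if ($i == k) { print $(i + 1); exit } }'
}

# $1: output of "ip route get <dst> from <server-ip>", $2: expected NIC.
# Succeeds only if the kernel would send such packets out of that NIC
# (and not, for example, out of the tunnel device).
reply_path_ok() {
    [ "$(printf '%s\n' "$1" | field_after dev)" = "$2" ]
}

# $1: output of "ip route show table <n>", $2: expected gateway.
table_has_default() {
    printf '%s\n' "$1" |
        awk -v gw="$2" '$1 == "default" && $2 == "via" && $3 == gw { ok = 1 }
                        END { exit !ok }'
}

# Live check against the running system; 1.1.1.1 is an arbitrary destination.
if [ "${1:-}" = "check" ]; then
    if reply_path_ok "$(ip route get 1.1.1.1 from "$SRC")" "$DEV" &&
       table_has_default "$(ip route show table "$TABLE")" "$GW"; then
        echo "OK: replies from $SRC leave via $DEV and gateway $GW"
    else
        echo "FAIL: replies from $SRC would not leave via $DEV" >&2
        exit 1
    fi
fi
```
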