Forward 5 public ip to ip in lan

[DavideCruccolini]

Hi everyone, I have been using this fantastic system for some time now and I must say that I am very satisfied. But now I have a new need, I would like to use my public ip to hijack them directly on some ip of my lan. But I would like to make sure that the nat was eliminated, in practice I would like the public IP to be intended directly on the LAN machine. It would be possible?

Thanks

[ascomputer]

hi Ysurac, is there any news for this alternative ip problem for omr-bypass?

[Ysurac]

iptables rules seems ok. What is the result of ipset --list ?

[ascomputer]

iptables rules seems ok. What is the result of ipset --list ?

and this!

root@OpenMPTCProuter:~# ipset --list Name: ss_rules_src_bypass Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 3 Number of entries: 0 Members:

Name: ss_rules_src_forward Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 512 References: 3 Number of entries: 1 Members: 192.168.100.193

Name: ss_rules_src_checkdst Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 3 Number of entries: 0 Members:

Name: ss_rules_dst_bypass_all Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 13 Number of entries: 0 Members:

Name: ss_rules_dst_bypass Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 7 Number of entries: 0 Members:

Name: ss_rules_dstbypass Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 1728 References: 4 Number of entries: 21 Members: 192.0.2.0/24 169.254.0.0/16 207.180.225.203 192.52.193.0/24 192.31.196.0/24 198.51.100.0/24 127.0.0.0/8 10.0.0.0/8 164.68.121.61 192.0.0.0/24 0.0.0.0/8 198.18.0.0/15 240.0.0.0/4 100.64.0.0/10 172.16.0.0/12 192.88.99.0/24 192.175.48.0/24 192.168.0.0/16 224.0.0.0/4 255.255.255.255 203.0.113.0/24

Name: ss_rules_dst_forward Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 3 Number of entries: 0 Members:

Name: ss_rules_dst_forwardrecentrst Type: hash:ip Revision: 4 Header: family inet hashsize 64 maxelem 65536 timeout 3600 Size in memory: 200 References: 0 Number of entries: 0 Members:

Name: ss_rules6_src_bypass Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 1 Number of entries: 0 Members:

Name: ss_rules6_src_forward Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 1 Number of entries: 0 Members:

Name: ss_rules6_src_checkdst Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 1 Number of entries: 0 Members:

Name: ss_rules6_dst_bypass Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 2 Number of entries: 0 Members:

Name: ss_rules6_dst_bypass_all Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 4 Number of entries: 0 Members:

Name: ss_rules6_dstbypass Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1568 References: 1 Number of entries: 3 Members: ::1 fe80::/10 fd00::/8

Name: ss_rules6_dst_forward Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 1 Number of entries: 0 Members:

Name: ss_rules6_dst_forwardrecrst Type: hash:ip Revision: 4 Header: family inet6 hashsize 64 maxelem 65536 timeout 3600 Size in memory: 208 References: 0 Number of entries: 0 Members:

Name: omr_dscp-cs0 Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 4 Number of entries: 0 Members:

Name: omr_dscp6-cs0 Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 4 Number of entries: 0 Members:

Name: omr_dscp-cs1 Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 4 Number of entries: 0 Members:

Name: omr_dscp6-cs1 Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 4 Number of entries: 0 Members:

Name: omr_dscp-cs2 Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 512 References: 4 Number of entries: 1 Members: 216.239.32.10

Name: omr_dscp6-cs2 Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1344 References: 4 Number of entries: 1 Members: 2001:4860:4802:32::a

Name: omr_dscp-cs3 Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 4 Number of entries: 0 Members:

Name: omr_dscp6-cs3 Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 4 Number of entries: 0 Members:

Name: omr_dscp-cs4 Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 4 Number of entries: 0 Members:

Name: omr_dscp6-cs4 Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 4 Number of entries: 0 Members:

Name: omr_dscp-cs5 Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 4 Number of entries: 0 Members:

Name: omr_dscp6-cs5 Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 4 Number of entries: 0 Members:

Name: omr_dscp-cs6 Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 4 Number of entries: 0 Members:

Name: omr_dscp6-cs6 Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 4 Number of entries: 0 Members:

Name: omr_dscp-cs7 Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 4 Number of entries: 0 Members:

Name: omr_dscp6-cs7 Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 4 Number of entries: 0 Members:

Name: omr_dscp-ef Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 4 Number of entries: 0 Members:

Name: omr_dscp6-ef Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 4 Number of entries: 0 Members:

Name: omr_dst_bypass_all Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 512 References: 4 Number of entries: 1 Members: 207.180.225.203

Name: omr6_dst_bypass_all Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 0 Number of entries: 0 Members:

Name: omr_dst_bypass_lo Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 4 Number of entries: 0 Members:

Name: omr6_dst_bypass_lo Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 0 Number of entries: 0 Members:

Name: omr_dst_bypass_eth0 Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 4 Number of entries: 0 Members:

Name: omr6_dst_bypass_eth0 Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 0 Number of entries: 0 Members:

Name: omr_dst_bypass_eth1 Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 640 References: 4 Number of entries: 3 Members: 104.28.19.94 172.67.133.228 104.28.18.94

Name: omr6_dst_bypass_eth1 Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 0 Number of entries: 0 Members:

Name: omr_dst_bypass_eth2 Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 4 Number of entries: 0 Members:

Name: omr6_dst_bypass_eth2 Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 0 Number of entries: 0 Members:

Name: omr_dst_bypass_eth3 Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 4 Number of entries: 0 Members:

Name: omr6_dst_bypass_eth3 Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 0 Number of entries: 0 Members:

Name: omr_dst_bypass_eth4 Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 4 Number of entries: 0 Members:

Name: omr6_dst_bypass_eth4 Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 0 Number of entries: 0 Members:

Name: omr_dst_bypass_tun0 Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 4 Number of entries: 0 Members:

Name: omr6_dst_bypass_tun0 Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 0 Number of entries: 0 Members:

Name: omr_dst_bypass_gre4-omrip0gre Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 4 Number of entries: 0 Members:

Name: omr6_dst_bypass_gre4-omrip0gre Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 0 Number of entries: 0 Members:

Name: omr_dst_bypass_gre4-omrip1gre Type: hash:net Revision: 6 Header: family inet hashsize 64 maxelem 65536 Size in memory: 448 References: 4 Number of entries: 0 Members:

Name: omr6_dst_bypass_gre4-omrip1gre Type: hash:net Revision: 6 Header: family inet6 hashsize 64 maxelem 65536 Size in memory: 1232 References: 0 Number of entries: 0 Members: root@OpenMPTCProuter:~#

[Ysurac]

ok, I have the same data and it's working for me. I don't know where can be the problem for now...

[ascomputer]

hi Ysurac, have you thought about what could be that omr-bypass doesn't work with alternative ip? I want to tell you that I also noticed a strange thing, the client who comes out with the second ip does not use the 4 wans but sometimes uses 2 and sometimes 1. while the client that has no exit rule therefore comes out with the first ip of the dedicated server (no vps) uses the 4 wan and omr-bypass is also very good ... I hope you pass help me in this thing.

[Ysurac]

As omr-bypass is working for me even after 2 fresh install, no idea why it's not working for you. I also have no speed issues, all wans are used with alternate IPs. How do you check wans used ?

[ascomputer]

I check the wans from mptcp Realtime Traffic maybe I'm wrong to do the configuration? I'm going crazy

[ascomputer]

hi ysurac, i think i'm wrong the configuration of the client that has to go out on the second ip of the server, so could you tell me ip of the client where should i put it? thank you

[Ysurac]

In "Src ip/net forward", in the "Source Settings" tab of Shadowsocks redirect rules. And "Local-out default", "Src default" and "Dst default" must be set to "bypass" (it's the default in new versions).

[ascomputer]

I have configured as you can see in the photos ... is it wrong?

[Ysurac]

This looks good.

[ascomputer]

if it is right then I am unlucky :-) because the second ip of the server still does not work with omr-bypass. Thanks again

[ascomputer]

Hello Ysurac, I did all the possible tests but I can't get the omr-bypass to go with the second server ip ... I can ask you (private) advice I leave you my email as.computer@libero.it i should also use other server ips in the future ... let me know if it is possible. thank you

[Adorfer]

Please help me to unterstand the status of the discussion? Is this still about "forward of multiple public ip to lan" or "OMR bypass issues on non-primary public ip"

[ascomputer]

Please help me to unterstand the status of the discussion? Is this still about "forward of multiple public ip to lan" or "OMR bypass issues on non-primary public ip"

hi, OMR bypass issues on non-primary public ip i don't understand if it's a server or router problem. adorfer to you does omr-bypass work with the second ip of the server or vps?

[ascomputer]

I also read the VPS Multi IPs guide but orm-bypass doesn't work using alternative ip ... does anyone have any ideas for me?

[Kaffeine75]

Hello,

First of all, thanks Ycarus for OMR. I use your solution great since 2018 :).

I have recently add second IP to my VPS for to give Public IP Fullstack to one of my internal server.

My config : VPS (VM Proxmox hosted in Scaleway): Debian 10 with 0.1020 5.4.65-mptcp and two networks cards (ens18 <-- ip1 + ens19 <-- ip2) OMR: NUC Intel x86-64 (64-bits) ext4 image (EFI) 56.3 VPN: Glorytun TCP

I have read integrality of this issue and I have followed steps indicate on the doc: https://github.com/Ysurac/openmptcprouter/wiki/VPS-Multi-IPs

Everything is ok on my primary IP and all status is green.

{ "port": 65500, "users": [ { "admin": { "username": "admin", "user_password": "xxxxxxx", "permissions": "admin", "disabled": false }, "openmptcprouter": { "username": "openmptcprouter", "user_password": "xxxxxxxx", "shadowsocks_port": 65101, "disabled": false, "lanips": [ "192.168.100.1/255.255.255.0" ], "vpnremoteip": "10.255.255.2", "vpnlocalip": "10.255.255.1", "ula": "xxxx:xxxx:xxxx::/48", "vpn": "glorytun_tcp", "gre_tunnels": { "gre-user0-ip0": { "shadowsocks_port": "65102", "local_ip": "10.255.249.1", "remote_ip": "10.255.249.2", "public_ip": "xx.xx.xx.1" }, "gre-user0-ip1": { "shadowsocks_port": "65103", "local_ip": "10.255.249.5", "remote_ip": "10.255.249.6", "public_ip": "xx.xx.xx.2" } }, "v2ray": { "key": "xxxxx", "port": "65228" } } } ], "debug": false, "allips": [ "xx.xx.xx.1", "xx.xx.xx.2" ], "ipv4": "xx.xx.xx.1", "hostname": "ano.host.my", "lastchange": 1604197314.7052019 }

On my internal server:

• internal server --> outside --> second ip is ok (ifconfig.co return well my second IP)
• outside --> internal server --> not work

My second IP come well to the VPS but the VPS not transport datas to OMR.

Is there a few more things to do to send all the ports from the second IP to my internal server?

Thanks. Kaffeine

[MTSmash-TMP-Networks]

I have the same problem.... Outside okay, Inside blocked....

[github-actions[bot]]

This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 5 days