Open karser opened 4 years ago
Please see https://www.weave.works/docs/net/latest/faq/ for the details on the ports to be opened. If you are using encryption then ESP traffic should be permitted as well.
Have you tried without port forwarding by directly launching weave on A1 with public IP of A2 as peer? Please see https://www.weave.works/docs/net/latest/overview/#nat-traversal Weave can work through NAT, though it will use only sleeve.
Thank you for your response @murali-reddy
Have you tried without port forwarding by directly launching weave on A1 with public IP of A2 as peer?
That's exactly how I launched it. The A2 server has public IP, so it's in direct visibility.
A2# cat /etc/sysconfig/weave
PEERS="127.0.0.1:16783"
A1# cat /etc/sysconfig/weave
PEERS="<A2 PUBLIC IP>"
The overview of net-traversal is great, but how can I use it in practice? What IP should I specify on A2 server to reach A1 without port forwarding? Now it's 127.0.0.1:16783?
What IP should I specify on A2 server to reach A1 without port forwarding? Now it's 127.0.0.1:16783?
You can keep the connection in one direction only. Meaning just launch weave on A2 without any peers. Pods across A1, A2 can communicate in sleeve mode.
What you expected to happen?
So I have 2 servers, let's call them A1 (behind NAT) and A2 (has publicly available IP address). My goal is to achieve 100% peers compatibility as if the server A1 had public IP.
How to reproduce it?
I set up a script on A1 which forwards TCP port through ssh connection
So that I can reach A1 from A2 now:
Great, let's add A1 server to the A2 peers:
Let's see if A2 sees A1 as a peer:
So far it seems to be working. Let's finally test pings:
Here are the questions I have:
1. I'm going to forward UDP/6783 using this approach http://zarb.org/~gc/html/udp-in-ssh-tunneling.html but the question 2 stops me.
2. I was able to specify a single port in PEERS="127.0.0.1:16783". How can I specify the other forwarded ports?
3. I understand that A2->A1 ping requires UDP traffic forwarding. But why A1->A2 ping doesn't work? A2 server has public IP and ports are not restricted.
Please answer my questions or push me in the right direction.
Versions:
$ weave version
weave script 2.6.0
$ docker version
18.09.3
$ uname -a
Linux 4.4.127-mainline-rev1 #1 SMP Sun Apr 8 10:38:32 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux