====== Nounours tunnels ====== Nounours (my main router) has a number of tunnels: - Tunnels to OZ7SAT at Amager - Tunnel 'home' - Interface: wg1 - Tunnel to Rigpi at Amager - Interface : wg2 ===== 1 - Tunnels to OZ7SAT ===== Two tunnels exist between Nounours and Amsat (The OZ7SAT group's SatNOGS groundstation at Amanger): - The main tunnel, the purpose of which is to enable management access to AMSAT - The backup tunnel, which primarily exists because the main tunnel that uses Wireguard from time to time stops working. It can then use the backup tunnel to access Amsat and remedy the situation. ==== The main tunnel ==== The main tunnel uses Wireguard: {{ :wireguard.jpg |}} == Configuration == The two ends have almost identical configurations found at /etc/systemd/network/wg0.net{dev|work} == Management == The tunnel interfaces are managed as part of systemd-networkd and will be brought up and down with the entire network. If needed an individual interface may be restarted (brought down and back up again) using these commands: ip link delete dev wg0 networkctl reload ==== The backup tunnel ==== The backup tunnel uses OpenVPN: {{ :openvpn.jpg?direct |}} == Configuration == Nounours: /etc/openvpn/server/server.conf Amsat /etc/openvpn/client/client.conf The client end runs continously whereas the server end at Nounours only runs as needed. == Management == Nounours: systemctl [start|stop|restart|status] openvpn-server@server.service Amsat: systemctl [start|stop|restart|status] openvpn-server@client.service ===== 2 - The tunnel 'home' ===== This interface is the endpoint for a tunnel from my laptop to Nounours. == Configuration == The Nounours configuration is found at /etc/systemd/network/wg1.net{dev|work} It uses IP addresses 172.19.0.1 (Nounours) and 172.19.0.2 (Laptop) ===== 3 - The tunnel to RigPi ===== The wg2 interface is the endpoint for a tunnel from Nounours to the RigPi unit located in Amager == Configuration == The Nounours configuration is found at /etc/systemd/network/wg2.net{dev|work} It uses IP addresses 172.20.0.1 (Nounours) and 172.20.0.2 (RigPi) Similarly, the RigPi configuration is located /etc/systemd/network/wg0.net{dev|work} on the RigPi.