Yesterday I rebooted our kvm server (added more RAM) and now it will not accept connections from our VPN subnet. The VPN is working just fine as we can connect to any other resource on the network with it, we can even ssh into other servers and then ssh to the kvm server just fine.
I am assuming it's a routing issue on the kvm server itself, but I am also no good at networking as a whole so I could be off. So here is what I see on our kvm server right now.
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.1.1        0.0.0.0         UG    0      0        0 eno1
10.0.0.0        0.0.0.0         255.0.0.0       U     0      0        0 eno1
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0
colomboj@llamaU:/etc/network$ sudo ip route add default via 10.0.1.1
RTNETLINK answers: File exists
colomboj@llamaU:~$ ifconfig
eno1 Link encap:Ethernet HWaddr a0:d3:c1:f9:2c:b0
inet addr:10.0.1.26 Bcast:10.255.255.255 Mask:255.0.0.0
inet6 addr: fe80::a2d3:c1ff:fef9:2cb0/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:463789 errors:0 dropped:0 overruns:0 frame:0
TX packets:86171 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:67782472 (67.7 MB) TX bytes:61790310 (61.7 MB)
Interrupt:26
eno4 Link encap:Ethernet HWaddr a0:d3:c1:f9:2c:b3
inet6 addr: fe80::a2d3:c1ff:fef9:2cb3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:22676675 errors:0 dropped:0 overruns:0 frame:0
TX packets:14416066 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:30904818494 (30.9 GB) TX bytes:6309304520 (6.3 GB)
Interrupt:27
kbeno4 Link encap:Ethernet HWaddr a0:d3:c1:f9:2c:b3
inet6 addr: fe80::a2d3:c1ff:fef9:2cb3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:387211 errors:0 dropped:182 overruns:0 frame:0
TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:44493132 (44.4 MB) TX bytes:1008 (1.0 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:275064 errors:0 dropped:0 overruns:0 frame:0
TX packets:275064 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:91186474 (91.1 MB) TX bytes:91186474 (91.1 MB)
virbr0 Link encap:Ethernet HWaddr 52:54:00:bd:87:0d
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
vnet0 Link encap:Ethernet HWaddr fe:54:00:72:a6:d8
inet6 addr: fe80::fc54:ff:fe72:a6d8/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:211823 errors:0 dropped:0 overruns:0 frame:0
TX packets:852803 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:96807081 (96.8 MB) TX bytes:733415057 (733.4 MB)
vnet1 Link encap:Ethernet HWaddr fe:54:00:11:5c:71
inet6 addr: fe80::fc54:ff:fe11:5c71/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2058089 errors:0 dropped:0 overruns:0 frame:0
TX packets:2186016 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:4622600708 (4.6 GB) TX bytes:766854534 (766.8 MB)
vnet2 Link encap:Ethernet HWaddr fe:54:00:6c:ce:79
inet6 addr: fe80::fc54:ff:fe6c:ce79/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9832831 errors:0 dropped:0 overruns:0 frame:0
TX packets:17156907 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1373470104 (1.3 GB) TX bytes:26093755232 (26.0 GB)
vnet3 Link encap:Ethernet HWaddr fe:54:00:2c:67:4c
inet6 addr: fe80::fc54:ff:fe2c:674c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2361 errors:0 dropped:0 overruns:0 frame:0
TX packets:373687 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:167606 (167.6 KB) TX bytes:56511156 (56.5 MB)
vnet4 Link encap:Ethernet HWaddr fe:54:00:f9:58:e3
inet6 addr: fe80::fc54:ff:fef9:58e3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:92247 errors:0 dropped:0 overruns:0 frame:0
TX packets:565562 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:6333769 (6.3 MB) TX bytes:347518136 (347.5 MB)
vnet5 Link encap:Ethernet HWaddr fe:54:00:3d:a4:3a
inet6 addr: fe80::fc54:ff:fe3d:a43a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:606896 errors:0 dropped:0 overruns:0 frame:0
TX packets:2258186 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:49613137 (49.6 MB) TX bytes:2981105002 (2.9 GB)
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eno1
iface eno1 inet dhcp
auto kbeno4
iface kbeno4 inet manual
bridge_ports eno4
The topology of the network looks something like this:
10.0.1.1 is the router running pfSense, and that is where the OpenVPN server is as well
10.0.2.1 is the OpenVPN gateway, and that .2.x subnet is where our VPN clients are found
10.0.1.26 is the kvm server we can't access from the .2.x subnet
So I'm looking for a little guidance on how to get this fixed, because it's not cool having to triple hop our way to a VM to do maintenance amiright!
That says that for this device to send data to the 10.0.2.0 subnet (netmask 255.255.255.0), it has to go through the 10.0.1.1 gateway.
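
The effect the answer describes, modelled as an added example that is not part of the original thread: a longest-prefix-match lookup over the routing table from the question, showing that a VPN client address falls under the on-link 10.0.0.0/255.0.0.0 route until a 10.0.2.0/255.255.255.0 route via 10.0.1.1 is present. The client address 10.0.2.10 and the function name `lookup` are assumptions made for the illustration.

```python
import ipaddress

# Routing table copied from the "Kernel IP routing table" output in the question:
# (destination, genmask, gateway, interface). Gateway 0.0.0.0 means on-link.
ROUTES = [
    ("0.0.0.0", "0.0.0.0", "10.0.1.1", "eno1"),
    ("10.0.0.0", "255.0.0.0", "0.0.0.0", "eno1"),
    ("192.168.122.0", "255.255.255.0", "0.0.0.0", "virbr0"),
]

# The route the answer describes: 10.0.2.0 / 255.255.255.0 through 10.0.1.1.
VPN_ROUTE = ("10.0.2.0", "255.255.255.0", "10.0.1.1", "eno1")


def lookup(routes, dst):
    """Return (network, next_hop, iface) chosen by longest-prefix match.

    next_hop is None when the winning route is on-link, meaning the host
    ARPs for the destination itself instead of handing the packet to a router.
    """
    addr = ipaddress.ip_address(dst)
    best = None
    for dest, mask, gw, iface in routes:
        net = ipaddress.ip_network(f"{dest}/{mask}")
        # Keep the matching route with the longest prefix (most specific).
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, None if gw == "0.0.0.0" else gw, iface)
    if best is None:
        raise LookupError(f"no route to {dst}")
    return str(best[0]), best[1], best[2]


if __name__ == "__main__":
    client = "10.0.2.10"  # constructed VPN client address in the .2.x subnet
    for label, table in (("before", ROUTES), ("after", ROUTES + [VPN_ROUTE])):
        net, hop, iface = lookup(table, client)
        print(f"{label}: {client} -> {net} via {hop or 'on-link (ARP)'} dev {iface}")
```

With the 255.0.0.0 mask alone, replies to the VPN client are sent as if the client were on the local segment; the /24 entry is more specific, so it wins and the reply goes to 10.0.1.1.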