    Storage node behind NAT

    General Problems
    • T
      tomhtil last edited by

      I’ve got a bit of an unusual problem in my setup.

      I need to run a master node and storage nodes for different segments of the network, in order to keep images in sync but be able to deploy them in any of three locations. Location 1 sits above Location 2 and 3 in the network architecture. 2 and 3 NAT up to 1.

      Location 1: 10.11.12.0/24 (WAN network)
      Location 2: 10.1.2.0/24 (LAN 1)
      Location 3: 10.1.2.0/24 (LAN 2)

      I managed to get the master running on 10.11.12.100, then set up a storage node in Location 2 on 10.1.2.100.
      I added TCP ports 20, 21, 22 and 80 to forward from the WAN address (10.11.12.1) of the Location 2 firewall to the storage node on 10.1.2.100.

      This allowed me to boot a machine in Location 2 from the storage node and register it with the master server.

      However, when I try to capture an image, the client tries to upload to the WAN address of the storage node, as this is what is stored on the master, not the IP behind NAT on the LAN.

      I am limited in what else I can open on the firewall.

      Any suggestions on how best to manage this?

      • Wayne Workman
        Wayne Workman @tomhtil last edited by

        @tomhtil said in Storage node behind NAT:

        @Sebastian-Roth is there an easy way to sync the database as well? I’d be happy with a multi-master setup if I could sync the images folder and the relevant config for just the images.

        Galera

        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
        Daily Clean Installation Results:
        https://fogtesting.fogproject.us/
        FOG Reporting:
        https://fog-external-reporting-results.fogproject.us/

        • S
          Sebastian Roth Moderator last edited by

          @tomhtil Sure, you could come up with a script using mysqldump and ssh, I suppose.

          Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

          Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

          • T
            tomhtil @Sebastian Roth last edited by

            @Sebastian-Roth is there an easy way to sync the database as well? I’d be happy with a multi-master setup if I could sync the images folder and the relevant config for just the images.

            • S
              Sebastian Roth Moderator last edited by

              @tomhtil FOG was never designed to work in a complex network setup like NAT and the protocols used make it very hard, if not impossible. The suggestion on routing might now work.

              My suggestion is you disable the official FOG image syncing and use other means of manual sync like rsync over SSH.


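As an added example (not part of the thread and not FOG project code), this is one way to run the manual rsync-over-SSH sync suggested above from the master through the existing port 22 forward on 10.11.12.1. The `fogsync` account and the key and known-hosts paths are hypothetical, and `/images` with a `dev/` staging directory is an assumption about the FOG install.

```shell
#!/bin/sh
# Added example: push images from the master to a NATed storage node over
# the SSH port that is already forwarded. Assumed values are marked.

NAT_WAN_IP="10.11.12.1"    # from the thread: WAN side of the Location 2 firewall
SSH_PORT="22"              # from the thread: forwarded to 10.1.2.100
SYNC_USER="fogsync"        # hypothetical unprivileged account on the node
SYNC_KEY="/root/.ssh/fog_sync_ed25519"         # hypothetical dedicated key
KNOWN_HOSTS="/root/.ssh/fog_sync_known_hosts"  # hypothetical pinned host keys
IMAGE_DIR="/images"        # assumption: image store path on both hosts

# Accept only digits and dots for the address and a numeric port in range,
# so a config typo can never be parsed by ssh as an extra option.
valid_target() {
    case "$1" in ''|*[!0-9.]*) return 1 ;; esac
    case "$2" in ''|*[!0-9]*) return 1 ;; esac
    [ "$2" -ge 1 ] && [ "$2" -le 65535 ]
}

# Non-interactive SSH transport: one dedicated key, and the host key must
# already be pinned. Sites that reuse 10.1.2.0/24 differ only by WAN address,
# so the pinned key is what proves which node answered.
ssh_transport() {
    printf 'ssh -p %s -i %s -o BatchMode=yes -o IdentitiesOnly=yes ' "$1" "$SYNC_KEY"
    printf '%s' "-o StrictHostKeyChecking=yes -o UserKnownHostsFile=$KNOWN_HOSTS"
}

# $1 non-empty means dry run. No --delete: images captured on the node
# itself must survive a push from the master.
sync_images() {
    valid_target "$NAT_WAN_IP" "$SSH_PORT" || { echo "bad target" >&2; return 2; }
    rsync -a --partial ${1:+--dry-run} \
        --exclude 'dev/' \
        -e "$(ssh_transport "$SSH_PORT")" \
        "$IMAGE_DIR/" "$SYNC_USER@$NAT_WAN_IP:$IMAGE_DIR/"
}
# dev/ is excluded on the assumption that in-progress captures are staged there.

# Only touch the network when asked to: ./sync.sh --run [dry]
if [ "${1:-}" = "--run" ]; then
    sync_images "${2:-}"
fi
```

Only TCP 22 has to pass the firewall for this, which matches the forwards already in place.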
              • T
                tomhtil @Sebastian Roth last edited by

                @Sebastian-Roth thanks - I had come across that one while searching for a solution and the hairpin NAT is unlikely to be a workable option for my network as there would be too many ports to forward.

                I’ll try the static route idea on the server, but given that it’s going the ‘wrong’ way through NAT (WAN to LAN) I don’t think the traffic will get passed.

                • S
                  Sebastian Roth Moderator last edited by

                  @tomhtil You definitely want to read through this: https://forums.fogproject.org/topic/13385/replication-and-imaging-with-location-plugin


                  Copyright © 2012-2023 FOG Project