I've just installed the Cloudflare client + GUI on Ubuntu, which I have virtualized with bhyve (the FreeBSD hypervisor). Cloudflare does not work on FreeBSD. The instructions that I have followed are located here:
Installing it in this way, it will run only on the IP assigned to Ubuntu inside the VM. For me the IP of FreeBSD is different from the IP assigned to Ubuntu. Configured in this way it's not useful.
I want Cloudflare to take the IP address of FreeBSD.
To achieve this goal, I should change the network configuration of Ubuntu and FreeBSD. In this specific post, I want to ask for help with the Ubuntu part.
I can explain how I have configured my network, so you can explain what I should change to have the same IP.
For example, to boot Ubuntu with bhyve, I use the following parameter:
-s 13,virtio-net,tap19 \
/etc/rc.conf :
ifconfig_em0="DHCP"
local_unbound_enable="YES"
cloned_interfaces="bridge0 tap0 tap1 tap2 tap3 tap4 tap5 tap6 tap7 tap8 tap9 tap10 tap11 tap12 tap13 tap14 tap15 tap16 tap17 tap18 tap19 tap20 em0"
ifconfig_bridge0="addm em0 addm tap0 addm tap1 addm tap2 addm tap3 addm tap4 addm tap5 addm tap6 addm tap7 addm tap8 addm tap9 addm tap10 addm tap11 addm tap12 addm tap13 addm tap14 addm tap15 addm tap16 addm tap17 addm tap18 addm tap19 addm tap20"
/boot/loader.conf
if_tap_load="YES"
if_bridge_load="YES"
bridgestp_load="YES"
/etc/sysctl.conf
net.link.tap.up_on_open=1
net.inet.ip.forwarding=1
net.inet.ip.random_id=1
On the FreeBSD-net ML someone suggested the method to follow:
You can set the IP of the Ubuntu machine as the default route on the FreeBSD host. This will take all the traffic originating in the FreeBSD host through the warp tunnel. And configure a DNAT iptables rule in the Ubuntu machine to return the traffic back to the FreeBSD machine. This way you could utilize the warp-cloud flare tunnel from the FreeBSD host even though it runs on the Ubuntu guest. And both have different IPs.
Following that method, this is what I did:
on FreeBSD :
/etc/rc.conf :
ifconfig_em0="inet 192.168.1.5 netmask 255.255.255.0"
defaultrouter="192.168.1.10"
on Ubuntu :
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -A PREROUTING -t nat -p tcp -d 192.168.1.10 -j DNAT --to-destination 192.168.1.5
iptables -A POSTROUTING -t nat -o enp0s13 -j MASQUERADE
warp-cli connect
What's the problem? That I have the connection inside the Ubuntu VM, but not in FreeBSD.
And configure a DNAT iptables rule in the Ubuntu machine to return the traffic back to freeBSD machine.
I don't know how things work in BSDs, but I think he really meant SNATing the traffic from BSD (that goes out of the warp tunnel interface), so that implicit "reverse DNAT" would be applied on reply traffic for the BSD. In other words, you don't need a DNAT rule, and the -o match in the MASQUERADE rule should be set to the warp tunnel interface.
I want Cloudflare to take the IP address of FreeBSD.
I don't know much about Cloudflare WARP, but if you are talking about like having two "CGNAT IP" bound to one tunnel or "device" (pretty much the best you can have, if possible at all), I'm quite sure you would need to mess with the settings / device registrations at the Cloudflare side. But in that case, NAT is not what you need, but some sort of quirky routing setup. (And I'm not sure if there would be any point.)
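As an added example, not part of the thread and not the answerer's own commands: the rule set the answer above describes (no DNAT rule, MASQUERADE matched on the tunnel interface), written as a dry-run script for the Ubuntu guest. Assumptions: the tunnel interface is named `CloudflareWARP` (confirm with `ip link`), and the rules are restricted to the FreeBSD host with explicit FORWARD rules; `enp0s13` and `192.168.1.5` come from the question.

```shell
#!/bin/sh
# Added example, not from the thread. Emits the guest-side NAT rules for
# routing one LAN host through a tunnel interface, without any DNAT rule.

# warp_nat_rules LAN_IF TUNNEL_IF HOST_IP -> prints the commands, one per line.
warp_nat_rules() {
    lan_if=$1; tun_if=$2; host_ip=$3
    # Reject empty, option-like or odd arguments so nothing is parsed as a flag.
    for arg in "$lan_if" "$tun_if" "$host_ip"; do
        case $arg in
            ''|-*|*[!A-Za-z0-9_.:-]*) echo "bad argument: $arg" >&2; return 1 ;;
        esac
    done
    if [ "$lan_if" = "$tun_if" ]; then
        echo "LAN and tunnel interface must differ" >&2
        return 1
    fi
    # 1. forward packets; 2. SNAT the host's traffic as it leaves the tunnel
    #    (conntrack reverses this for replies, so no DNAT rule is needed);
    # 3/4. assumption: only this host may be forwarded, replies only if tracked.
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -s $host_ip -o $tun_if -j MASQUERADE
iptables -A FORWARD -i $lan_if -o $tun_if -s $host_ip -j ACCEPT
iptables -A FORWARD -i $tun_if -o $lan_if -d $host_ip -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Tunnel interface name is an assumption; override with WARP_IF=... if it differs.
tun=${WARP_IF:-CloudflareWARP}
rules=$(warp_nat_rules enp0s13 "$tun" 192.168.1.5) || exit 1

if [ "${1:-}" = apply ]; then
    # Only apply when the tunnel interface exists (i.e. warp-cli is connected).
    ip link show "$tun" >/dev/null 2>&1 || { echo "$tun not found" >&2; exit 1; }
    printf '%s\n' "$rules" | sh -e
else
    # Dry run: show what would be executed.
    printf '%s\n' "$rules"
fi
```

Run it without arguments to review the commands; run it as root with `apply` after `warp-cli connect` to install them.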