add do not use 10.0.0.0 privae lan in GCP

2019-08-16 10:36:54 +08:00
parent 2a946fe47b
commit 99aa15344f
111 changed files with 6387 additions and 2693 deletions
--- a/public/post/index.html
+++ b/public/post/index.html
@@ -90,6 +90,180 @@
            
    
    
+        <div class="article-wrapper u-cf">
+            
+                <a class="bubble" href="/post/do-no-use-10-0-0-0-private-ipaddr-in-gcp/">
+    <i class="fa fa-fw fa-pencil"></i>
+</a>
+
+<article class="default article">
+    
+    <div class="featured-image">
+        <a href="/post/do-no-use-10-0-0-0-private-ipaddr-in-gcp/">
+            <img src="/images/post-default-8.jpg" alt="">
+        </a>
+    </div>
+
+
+    <div class="content">
+    <h3><a href="/post/do-no-use-10-0-0-0-private-ipaddr-in-gcp/">[筆記] 在gcp 中用wireguard建立VPN時，不要用 10.0.0.0/16 網段/Do No Use 10 0 0 0 Private Ipaddr in GCP</a></h3>
+    <div class="meta">
+        
+            
+                <span class="date moment">2019-08-16</span>
+            
+        
+
+        
+
+        
+            <span class="categories">
+                
+                    <a href="/categories/%E7%AD%86%E8%A8%98">筆記</a>
+                
+            </span>
+        
+
+        
+            <span class="author"><a href="/author/eric-chang">Eric Chang</a></span>
+        
+    </div>
+
+    
+        <p>最近一直在玩 wireguard ，先前把各個分公司和總部的VPN 改用 wireguard 建立</p>
+
+<p>想說再打個VPN tunnel 來當跳板連 ptt 好了</p>
+
+<p>因為wireguard 建立很簡單，而且又可以指定想要繞出去的路由，不會影響原本的網路環境</p>
+
+<p>本來是在vultr 的VPS上面建立這個tunnel</p>
+
+<p>但是那台VPS連去ptt 很頓，卡卡的</p>
+
+<p>所以改用google cloud platform 的free tier 來做</p>
+
+<p>反正只是拿來當跳板，不會有什麼流量、運算產生，可以一直保持免費的狀態</p>
+
+<p></p>
+
+        
+            <a href="/post/do-no-use-10-0-0-0-private-ipaddr-in-gcp/" class="more"></a>
+        
+    
+</div>
+
+    
+<div class="footer">
+
+
+    
+        <div class="tags">
+            <i class="fa fa-tags"></i>
+            <div class="links">
+                
+                    <a href="/tags/vpn">vpn</a>
+                
+                    <a href="/tags/wireguard">wireguard</a>
+                
+            </div>
+        </div>
+    
+
+    
+</div>
+
+</article>
+
+            
+        </div>
+    
+        <div class="article-wrapper u-cf">
+            
+                <a class="bubble" href="/post/multiple-site-to-site-vpn-using-wireguard/">
+    <i class="fa fa-fw fa-pencil"></i>
+</a>
+
+<article class="default article">
+    
+    <div class="featured-image">
+        <a href="/post/multiple-site-to-site-vpn-using-wireguard/">
+            <img src="/images/post-default-10.jpg" alt="">
+        </a>
+    </div>
+
+
+    <div class="content">
+    <h3><a href="/post/multiple-site-to-site-vpn-using-wireguard/">[筆記] 透過 wireguard 建立多點 site to site VPN / Multiple Site to Site VPN Using Wireguard</a></h3>
+    <div class="meta">
+        
+            
+                <span class="date moment">2019-08-13</span>
+            
+        
+
+        
+
+        
+            <span class="categories">
+                
+                    <a href="/categories/%E7%AD%86%E8%A8%98">筆記</a>
+                
+            </span>
+        
+
+        
+            <span class="author"><a href="/author/eric-chang">Eric Chang</a></span>
+        
+    </div>
+
+    
+        <p>因為實在受夠了現在用的 openwrt + strongswan 建立 IPSec VPN</p>
+
+<p>雖然說其實沒有什麼不好，但是畢竟不是我建立的，而當初的文件也都不見了</p>
+
+<p>完全沒辦法了解當時設計的邏輯，造成後續debug 困難</p>
+
+<p>可以想像一下，一台VPN router ping 不到remote、ping不到internet、甚至ping不到自己 是要怎麼debug !?(翻桌</p>
+
+<p>之前買了兩台edgerouter X 拿來玩了一下 wireguard，感覺還不錯，不過只有測試到點對點</p>
+
+<p>這次試試看躲在gateway後面，看看能不能建立多點的VPN環境</p>
+
+<p></p>
+
+        
+            <a href="/post/multiple-site-to-site-vpn-using-wireguard/" class="more"></a>
+        
+    
+</div>
+
+    
+<div class="footer">
+
+
+    
+        <div class="tags">
+            <i class="fa fa-tags"></i>
+            <div class="links">
+                
+                    <a href="/tags/vpn">vpn</a>
+                
+                    <a href="/tags/ubuntu">ubuntu</a>
+                
+                    <a href="/tags/wireguard">wireguard</a>
+                
+            </div>
+        </div>
+    
+
+    
+</div>
+
+</article>
+
+            
+        </div>
+    
        <div class="article-wrapper u-cf">
            
                <a class="bubble" href="/post/site-to-site-vpn-using-wireguard-in-two-edgerouters/">
@@ -746,170 +920,6 @@
    

    
-</div>
-
-</article>
-
-            
-        </div>
-    
-        <div class="article-wrapper u-cf">
-            
-                <a class="bubble" href="/post/transfer-file-content-using-xclip-in-terminal/">
-    <i class="fa fa-fw fa-pencil"></i>
-</a>
-
-<article class="default article">
-    
-    <div class="featured-image">
-        <a href="/post/transfer-file-content-using-xclip-in-terminal/">
-            <img src="/images/post-default-11.jpg" alt="">
-        </a>
-    </div>
-
-
-    <div class="content">
-    <h3><a href="/post/transfer-file-content-using-xclip-in-terminal/">Transfer File Content Using Xclip in Terminal</a></h3>
-    <div class="meta">
-        
-            
-                <span class="date moment">2019-05-17</span>
-            
-        
-
-        
-
-        
-            <span class="categories">
-                
-                    <a href="/categories/linux">linux</a>
-                
-            </span>
-        
-
-        
-            <span class="author"><a href="/author/eric-chang">Eric Chang</a></span>
-        
-    </div>
-
-    
-        <p>工作上常會需要用ssh登入遠端主機檢查LOG，有必要的時候，還要把log複製回本機來處理。</p>
-
-<p>以前都是傻傻的用 scp 傳檔案</p>
-
-<p>之前就記得有這個xclip/xsel 可以用，但是一直沒有弄清楚怎麼執行</p>
-
-<p>早上研究了一下，順便做個筆記。</p>
-
-<p></p>
-
-        
-            <a href="/post/transfer-file-content-using-xclip-in-terminal/" class="more"></a>
-        
-    
-</div>
-
-    
-<div class="footer">
-
-
-    
-        <div class="tags">
-            <i class="fa fa-tags"></i>
-            <div class="links">
-                
-                    <a href="/tags/linux">linux</a>
-                
-            </div>
-        </div>
-    
-
-    
-</div>
-
-</article>
-
-            
-        </div>
-    
-        <div class="article-wrapper u-cf">
-            
-                <a class="bubble" href="/post/inx-collect-detail-hardware-info/">
-    <i class="fa fa-fw fa-pencil"></i>
-</a>
-
-<article class="default article">
-    
-    <div class="featured-image">
-        <a href="/post/inx-collect-detail-hardware-info/">
-            <img src="/images/post-default-10.jpg" alt="">
-        </a>
-    </div>
-
-
-    <div class="content">
-    <h3><a href="/post/inx-collect-detail-hardware-info/">[筆記] inxi 蒐集詳盡的硬體資訊 / inxi Collect Detail Hardware Info</a></h3>
-    <div class="meta">
-        
-            
-                <span class="date moment">2019-04-23</span>
-            
-        
-
-        
-
-        
-            <span class="categories">
-                
-                    <a href="/categories/%E7%AD%86%E8%A8%98">筆記</a>
-                
-            </span>
-        
-
-        
-            <span class="author"><a href="/author/eric-chang">Eric Chang</a></span>
-        
-    </div>
-
-    
-        <p>最近因為一直碰到硬碟故障的問題，算起來那一批同時購買的5X顆 seagate 2T硬碟，已經有一半以上故障返修了&hellip;.</p>
-
-<p>然後又因為一直沒有添購新的硬碟，只能用這些快過保/已過保的撐著</p>
-
-<p>所以最近不斷的在更換機器內的硬碟，而且還沒有熱插拔！</p>
-
-<p>也導致原本負責處理盤點資產的同事困擾，因為跟手邊的紀錄已經對不起來了</p>
-
-<p>然後就變成要對資產的時候，需要一台一台登入，然後去下不同的指令，取得想要的硬體資訊，超級麻煩的！</p>
-
-<p></p>
-
-        
-            <a href="/post/inx-collect-detail-hardware-info/" class="more"></a>
-        
-    
-</div>
-
-    
-<div class="footer">
-
-
-    
-        <div class="tags">
-            <i class="fa fa-tags"></i>
-            <div class="links">
-                
-                    <a href="/tags/linux">linux</a>
-                
-                    <a href="/tags/bsd">bsd</a>
-                
-                    <a href="/tags/inventory">inventory</a>
-                
-            </div>
-        </div>
-    
-
-    
 </div>

 </article>
@@ -940,6 +950,14 @@
            <strong></strong>
                <ul>
                
+                    <li>
+                        <a href="/post/do-no-use-10-0-0-0-private-ipaddr-in-gcp/">[筆記] 在gcp 中用wireguard建立VPN時，不要用 10.0.0.0/16 網段/Do No Use 10 0 0 0 Private Ipaddr in GCP</a>
+                    </li>
+                
+                    <li>
+                        <a href="/post/multiple-site-to-site-vpn-using-wireguard/">[筆記] 透過 wireguard 建立多點 site to site VPN / Multiple Site to Site VPN Using Wireguard</a>
+                    </li>
+                
                    <li>
                        <a href="/post/site-to-site-vpn-using-wireguard-in-two-edgerouters/">[筆記] 在edgerouter上用wireguard 建立site to site VPN / Site to Site Vpn Using Wireguard in Two Edgerouters</a>
                    </li>
@@ -960,14 +978,6 @@
                        <a href="/post/ansible-selectattr-from-list-in-dictionary/">[ansible] 引用事先定義好的yaml檔裡面的變數 - Ansible Selectattr From List in Dictionary file</a>
                    </li>
                
-                    <li>
-                        <a href="/post/remote-management-system-meshcentral/">linux底下遠端遙控&amp;管理的好用系統 Meshcentral / Remote Management &amp; control system Meshcentral</a>
-                    </li>
-                
-                    <li>
-                        <a href="/post/install-asus-10g-nic-in-proxmox/">Install Asus 10G NIC XG-C100C in Proxmox</a>
-                    </li>
-                
                </ul>
        </div>
        
@@ -978,7 +988,7 @@
                <ul>
                
                    <li>
-                        <a href="/categories/%E7%AD%86%E8%A8%98">筆記 (22)</a>
+                        <a href="/categories/%E7%AD%86%E8%A8%98">筆記 (24)</a>
                    </li>
                
                    <li>