Solving a routing issue in a private VPS cloud

In the private VPS cloud solution I have built and set up over the last couple of years, there was a small nagging issue that needed to be solved. I wanted to have a routed layer 2 network and still be able to use the public load balancers provided by the VPS provider.

When we started the platform, we got the non-routed layer 2 network up and running pretty fast. Adding an OpenVPN server got the site-to-site connection more or less working. It works; the only caveat I had was that everybody had the same originating source IP in the layer 2 network. We still had the issue that all of the servers could access the internet directly, and with the number of servers rising (> 40) that was an increasing worry.

How to solve the following issues:

  • Limit direct connections to the internet to those servers that host our sites
  • Be able to access those servers that do not need to be connected directly to the internet
  • Create an indirect connection to the internet for these servers
  • Have a single point of entry for the VPN connections
  • Make sure that not all servers are accessible to all users

New Server

My server was still running Ubuntu 18.04 LTS, so it was time to think about upgrading the OS.

Besides the upgrade, I was a bit fed up with the whole WordPress setup; I was not really happy with the product. So how to solve these two issues?