Page 1 of 2
Getting DO floating IP to work
Posted: Wed May 23, 2018 3:20 am
by bennun
Hi everyone,
I'm stuck at getting my VestaCP website to work with a DO floating IP. It works fine with the public IP address assigned by DO. Here's what I've done thus far to try to get it to work based on my research:
1. Changed nameservers to DigitalOcean for my domain.
2. Changed the @ record of my domain to the floating IP.
3. On the IP tab, I assigned the floating IP to the NAT IP association field.
4. On the Web tab for my domain, I assigned it to the floating IP address.
Tested it on two VPS's and it doesn't work. However, when I change the @ dns record to the public IP, it works fine. Am I missing something here? Thanks!
Re: Getting DO floating IP to work
Posted: Wed May 23, 2018 7:14 pm
by mehargags
did you wait for the TTL time for DNS to propagate properly ?
you did the right steps but I guess you reverted it too early. DNS takes time to resolve and propagate
Re: Getting DO floating IP to work
Posted: Thu May 24, 2018 11:54 am
by bennun
Yes, it's been 48hrs now. Still nothing. When I ping the cname record, it returns the correct floating IP address. But when I try browsing the site, I get this error in Chrome: ERR_CONNECTION_REFUSED. Is there anything else I should check?
Re: Getting DO floating IP to work
Posted: Fri May 25, 2018 7:31 pm
by kenger
Same problem. I added the floating IP on the anchor IP as NAT then created a domain.
Tried to access index.html and got ERR_CONNECTION_REFUSED.
I dont see anything in the access log of NGINX. There is a log file of the NAT somewhere?
Re: Getting DO floating IP to work
Posted: Fri May 25, 2018 7:55 pm
by grayfolk
As i'm understand, you dont need to change Vesta/websites IP to floating IP because your droplet IP not changed if you use floating IP.
Read this about floating IP:
https://www.digitalocean.com/community/ ... gitalocean
Re: Getting DO floating IP to work
Posted: Sun May 27, 2018 5:11 pm
by bennun
Ok, based on your feedback, I pointed my DNS records to the Floating IP while leaving my VestaCP website pointed to the public IP address (eth0), without any NATing. Does not work. I NATed the public IP to the floating IP. Did not work either.
Here's what the DO documentation says:
Network traffic between a Floating IP and a Droplet flows through an anchor IP, which is an IP address aliased to the Droplet's public network interface (eth0). As such, a Droplet must have an anchor IP before you can assign a Floating IP to it.
It also says:
An anchor IP is only accessible to the Droplet that it belongs to and the Floating IP that is assigned to the Droplet. You should bind any public services that you want to make highly available through a Floating IP to the anchor IP.
According to other posts here, some folks were successful in getting Floating IPs to work with their Vesta websites by NATing their
anchor IPs to the floating IP address. But if I read the documentation right, we need the anchor IP of eth0. When I look at my VestaCP IPs, I only see the public IP (eth0). I don't see the anchor IP of eth0. I do see an anchor IP bound to eth1 interface. That's the one I've been trying to NAT with my floating IP without any success. I wonder if we need to get the anchor IP listed of eth0. I can see that I do have an anchor IP of eth0 by running this command: ip addr show eth0 - But it's not listed in VestaCP IP page.
Re: Getting DO floating IP to work
Posted: Sun May 27, 2018 6:04 pm
by mehargags
Re: Getting DO floating IP to work
Posted: Sun May 27, 2018 6:22 pm
by grayfolk
So, i'm check right now on DO and see for working with floating IP you should remove external Droplet IP from Vesta and add private IP (anchor IP) as main Vesta IP.
UPD:
So, i'm check right now on DO and see for working with floating IP you should add private IP (anchor IP) as main Vesta IP and assign sites to this IP.
Re: Getting DO floating IP to work
Posted: Sun May 27, 2018 6:31 pm
by grayfolk
Floating IP:
DNS:
Vesta:
Vesta working on both IPs:
Youre welcome:
http://floating.grayfolk.net/
Re: Getting DO floating IP to work
Posted: Mon May 28, 2018 1:07 am
by bennun
Here are the results of my ifconfig:
Code: Select all
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 159.203.94.244 netmask 255.255.240.0 broadcast 159.203.95.255
inet6 fe80::a8e0:f8ff:fe08:e9ca prefixlen 64 scopeid 0x20<link>
ether aa:e0:f8:08:e9:ca txqueuelen 1000 (Ethernet)
RX packets 903215 bytes 1161760421 (1.0 GiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 729928 bytes 243790392 (232.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.132.126.179 netmask 255.255.0.0 broadcast 10.132.255.255
inet6 fe80::ac4b:71ff:fe08:d262 prefixlen 64 scopeid 0x20<link>
ether ae:4b:71:08:d2:62 txqueuelen 1000 (Ethernet)
RX packets 857 bytes 50516 (49.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 57 bytes 2730 (2.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::2 prefixlen 128 scopeid 0x80<compat,global>
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 45336 bytes 5959339 (5.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 45336 bytes 5959339 (5.6 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
My theory is that eth1 holds my anchor IP, not eth0. Let me know what you think.