Setting Up VPN-like Network Between Several Clusters Using iptables

Connecting servers that have only internal IPs across several clusters is a common need, and a VPN is the usual tool for it. With iptables alone we can reproduce much of what such a setup provides (reachability between internal hosts in different clusters), possibly with higher performance, because there is no encapsulation or encryption step. The slides here give a brief introduction to setting up a VPN-like network between two clusters that reach each other over the Internet. Note that this is not a "real" VPN: iptables only rewrites and forwards packets, so traffic between the two clusters crosses the Internet unencrypted and unauthenticated, and the forwarding rules should be restricted to the peer gateway's address.

(Note: there is a typo in slide #6: the "2181"s should be "2182".)

The PDF version can be downloaded at vpn_iptables_v2.pdf

Animation is enabled, which may help in understanding it.
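The following is an added example and is not the configuration from the slides: it shows the general DNAT/SNAT relay that a gateway in each cluster can use so that a server holding only an internal IP in one cluster is reachable from the other cluster over the Internet. All addresses, interface names and ports (including using 2182 as the relay port on the remote gateway) are constructed assumptions. The script prints the iptables commands for each gateway rather than running them, so it can be inspected first and then piped to `sh` as root on the corresponding machine.

```shell
#!/bin/sh
# Added example, not the slides' own setup. Constructed topology (assumptions):
#   cluster A: gateway GW_A, public 203.0.113.10 on eth0, internal 10.0.1.1 on eth1,
#              internal LAN 10.0.1.0/24
#   cluster B: gateway GW_B, public 198.51.100.20 on eth0
#   target   : 10.0.2.5:2181 inside cluster B, exposed to cluster A as 10.0.1.1:2181
#   relay    : port 2182 on GW_B's public address, reachable only from GW_A
# The hop between the gateways is plain TCP over the public Internet: NAT gives no
# confidentiality or authentication, so the relay port is limited to the peer gateway.
set -eu

GW_A_PUBLIC=203.0.113.10
GW_A_INTERNAL=10.0.1.1
CLUSTER_A_LAN=10.0.1.0/24
GW_B_PUBLIC=198.51.100.20
TARGET_IP=10.0.2.5
SERVICE_PORT=2181
RELAY_PORT=2182

# relay_rules IN_IF LISTEN_IP LISTEN_PORT ALLOWED_SRC TARGET_IP TARGET_PORT
# Print the iptables commands for one gateway hop: connections from ALLOWED_SRC
# arriving on IN_IF at LISTEN_IP:LISTEN_PORT are rewritten to TARGET_IP:TARGET_PORT,
# and their source is masqueraded so the target answers through this gateway even
# when it has no route back to the original client.
relay_rules() {
    in_if=$1 listen_ip=$2 listen_port=$3 allowed_src=$4 target_ip=$5 target_port=$6
    # The kernel must route between interfaces for FORWARD to see the packets.
    echo "sysctl -w net.ipv4.ip_forward=1"
    # Destination NAT: rewrite where the connection goes.
    echo "iptables -t nat -A PREROUTING -i $in_if -s $allowed_src -d $listen_ip -p tcp --dport $listen_port -j DNAT --to-destination $target_ip:$target_port"
    # Source NAT on the way out so replies come back via this gateway.
    echo "iptables -t nat -A POSTROUTING -d $target_ip -p tcp --dport $target_port -j MASQUERADE"
    # Only the relayed flow passes FORWARD (addresses seen here are post-DNAT);
    # everything else is dropped by the chain policy.
    echo "iptables -A FORWARD -i $in_if -s $allowed_src -d $target_ip -p tcp --dport $target_port -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT"
    echo "iptables -A FORWARD -s $target_ip -p tcp --sport $target_port -m conntrack --ctstate ESTABLISHED -j ACCEPT"
    echo "iptables -P FORWARD DROP"
}

# GW_A: hosts in cluster A connect to 10.0.1.1:2181; GW_A relays to GW_B's relay port.
gateway_a_rules() {
    relay_rules eth1 "$GW_A_INTERNAL" "$SERVICE_PORT" "$CLUSTER_A_LAN" "$GW_B_PUBLIC" "$RELAY_PORT"
}

# GW_B: only GW_A's public address may reach the relay port, which maps to the real server.
gateway_b_rules() {
    relay_rules eth0 "$GW_B_PUBLIC" "$RELAY_PORT" "$GW_A_PUBLIC" "$TARGET_IP" "$SERVICE_PORT"
}

# count_rules FUNC -> number of commands FUNC emits (one per line)
count_rules() {
    "$1" | wc -l | tr -d ' '
}

echo "# run as root on GW_A:  gateway_a_rules | sh"
gateway_a_rules
echo "# run as root on GW_B:  gateway_b_rules | sh"
gateway_b_rules
```

The same `relay_rules` function serves both hops; only the interface, the listening address and the allowed source differ. Because both gateways masquerade, the server in cluster B sees GW_B as the client and cannot distinguish cluster A hosts from each other, which is the price of doing this with NAT instead of a routed tunnel.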

Eric Ma

Eric is a systems guy. Eric is interested in building high-performance and scalable distributed systems and related technologies. The views or opinions expressed here are solely Eric's own and do not necessarily represent those of any third parties.


  1. Dear Zhiqiang Ma,

    I have a small doubt: is it possible to move the VG partition to another server? Please let me know.

    Thanks in advance.



      1. Dear Zhiqiang Ma,

        Sorry, I am talking about LVM. I have created a volume group (VG), mounted the VG at /mnt, and stored some files there.

        Is it possible to move the VG partition to another server? Please let me know.

        Thanks in advance.



  2. Dear Zhiqiang Ma,

    I have configured OpenVPN on an Amazon server machine (Slackware 13.37); it is working fine, and I have tested that it is working.

    I have configured
    1. System1: a Linux machine with the OpenVPN client setup; I started the service and it is running fine.
    2. System2: a Linux machine on which I have configured the OpenVPN server; it is working fine.

    The System1 OpenVPN client and the System2 OpenVPN server are connected.
    I have checked the log, and I am able to ping the tun0 OpenVPN server IP ( to the OpenVPN client (

    And on the OpenVPN server I am able to ping the OpenVPN client's tun0 IP address.

    In the OpenVPN server config file I have added the option (push "redirect-gateway def1 bypass-dhcp"). But my OpenVPN client machine (Amazon) gets hung.

    On System1, when I run the command
    wget -qO-
    it should show the System2 (OpenVPN server) IP address, but it shows the System1 public IP address.

    Please help me: how do I set up the routing in iptables,
    and how do I fix this issue?

