DDoSHosting

Tunnel DDoS-protected OVH IPs to VMs in another datacenter

If you have some VPS nodes and would like to make DDoS protection available for your VMs, then you are on the right page!

We are going to route DDoS-protected IPs from OVH (or any other ISP) to our unprotected servers elsewhere, so you can use those IP addresses on your VMs.

Things you need to know

  • I use libvirt/KVM to virtualize.
  • I already set up a bridged network for my VMs, and my VMs are trying to get a network via this bridge (br0).
  • I do not use any firewall.
  • Please update the Linux kernel to the latest one possible (Windows + GRE routing are not friends on lower kernels).
  • Do NOT use the built-in libvirt bridge option! Make your own bridge interface instead, because the libvirt one is buggy!

First we have to create a GRE tunnel between the 2 servers (the OVH server and the VM host).
I use CentOS 7, but you can do this on almost every Linux OS.

Public IPv4 server 1: 185.113.88.21
Public IPv4 server 2: 93.95.39.20
IP block I want to use on server 2: 191.80.60.128/26
Bridge interface server 2: br0

Run this on server 1:

ip tunnel add gre1 mode gre remote 93.95.39.20 local 185.113.88.21 ttl 255
ip link set gre1 up

Run this on server 2:

ip tunnel add gre1 mode gre remote 185.113.88.21 local 93.95.39.20 ttl 255
ip link set gre1 up

Then we need to create a route on server 1 that will route the IP traffic over the GRE tunnel.

Run this on server 1:

ip route add 191.80.60.128/26 dev gre1

The next step is to route data from the GRE tunnel to the bridge and back.

Run this on server 2:

ip rule add from 191.80.60.128/26 table 666
ip route add default dev gre1 table 666
ip route add 191.80.60.128/26 dev br0 table 666

The last thing to do is to add the IP to the bridge. This is going to be the gateway for your VMs!
Use the second IP of the range!

Run this on server 2:

ip addr add 191.80.60.129/26 dev br0

You should be able to ping 191.80.60.129 now.

Use the following network config in the adapter of your VM:

IP address: 191.80.60.130
Mask: 255.255.255.192 (depends on the subnet)
Gateway: 191.80.60.129

Your VPS will have a working internet connection now! Hope this will help you out…
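
If the VMs have no connectivity, the policy routing on server 2 is the first thing to check. The script below is an added example, not part of the original article: it audits `ip rule show` and `ip route show table 666` output for the three entries created above. The function names are hypothetical, the sample output is constructed, and the IPv4 forwarding check is an addition the article does not mention.

```shell
#!/bin/sh
# Added example: audit server 2's policy routing from captured `ip` output.
# PREFIX/TABLE/TUN/BRIDGE are the article's values; function names are hypothetical.
PREFIX="191.80.60.128/26"; TABLE="666"; TUN="gre1"; BRIDGE="br0"

# has_rule RULES: succeeds if `ip rule show` output sends PREFIX to TABLE.
has_rule() {
  printf '%s\n' "$1" | awk -v p="$PREFIX" -v t="$TABLE" \
    '$2=="from" && $3==p && $4=="lookup" && $5==t {ok=1} END{exit !ok}'
}

# has_route ROUTES DEST DEV: succeeds if the table listing has DEST on DEV.
has_route() {
  printf '%s\n' "$1" | awk -v d="$2" -v i="$3" \
    '$1==d && $2=="dev" && $3==i {ok=1} END{exit !ok}'
}

# audit RULES ROUTES FORWARD: prints each problem, returns the problem count.
audit() {
  n=0
  has_rule "$1" || { echo "missing: ip rule from $PREFIX table $TABLE"; n=$((n+1)); }
  has_route "$2" default "$TUN" || { echo "missing: default dev $TUN in table $TABLE"; n=$((n+1)); }
  # Without this route, traffic from the block to the block (for example the
  # gateway's replies to a VM) follows the table's default route into the tunnel.
  has_route "$2" "$PREFIX" "$BRIDGE" || { echo "missing: $PREFIX dev $BRIDGE in table $TABLE"; n=$((n+1)); }
  # Not stated in the article: the kernel only routes between the tunnel and
  # the bridge when IPv4 forwarding is enabled.
  [ "$3" = 1 ] || { echo "net.ipv4.ip_forward is not 1"; n=$((n+1)); }
  return "$n"
}

# Constructed sample output (not captured from a real host).
SAMPLE_RULES='0: from all lookup local
32765: from 191.80.60.128/26 lookup 666
32766: from all lookup main
32767: from all lookup default'
SAMPLE_ROUTES='default dev gre1 scope link
191.80.60.128/26 dev br0 scope link'

# Live use on server 2: sh audit.sh live
if [ "${1:-}" = live ]; then
  audit "$(ip rule show)" "$(ip route show table "$TABLE")" \
        "$(sysctl -n net.ipv4.ip_forward)"
fi
```

The exit status is the number of problems found, so 0 means all four checks passed.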
