[SOLVED] RancherOS cannot ping from IPSec VPN

Hello, I’m new to RancherOS. Just installed on a bare-metal server, no virtual machine.

The installation process worked like a charm; I’m just seeing strange behavior while trying to connect from a VPN to the local LAN.

On the same LAN I have other VMs with static IPs. I can ping and connect to each of these machines except for the RancherOS one.

From the local LAN everything works as expected. If I run ifconfig from RancherOS I see this:

    inet addr:192.168.1.220 Bcast:0.0.0.0 Mask:248.0.0.0

Is it OK? Shouldn’t the netmask be 255.255.255.0?

Thanks!

Another user on the Slack channel pointed me in the right direction… With netstat -rn I checked the route table on RancherOS (not pingable via VPN) and on another Linux host (pingable via VPN).

There was a different route that points to netmask 255.255.255.0. So I added this route to RancherOS with:

    sudo route add -net 192.168.1.0 netmask 255.255.255.0 eth0

But this was not enough; it was still not pingable. Then I tried to remove a rule set by default:

    sudo route del -net 192.0.0.0 netmask 248.0.0.0 eth0

And now RancherOS is pingable from the LAN and connected with VPN. Now I’d like to make this setting persistent, since each time I reboot the route gets cleared and set to default values.

Is there any config in the cloud-config file that could handle this route?

Here’s an example of how to add routes:

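    rancher:
      network:
        interfaces:
          eth0:
            mtu: 1500
            post_up:
            # The destination must be a network address for its prefix length;
            # 10.11.99.0/8 is rejected as an invalid prefix, so /24 is used here.
            - ip route add 10.11.99.0/24 via 10.11.12.254 dev eth0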
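
The routing decisions behind the fix in this thread, as an added example that is not part of the original posts: a longest-prefix-match lookup over the route table in its three states, showing why replies to a VPN client stay on-link until the 192.0.0.0 netmask 248.0.0.0 route (a /5) is removed. The default gateway 192.168.1.1 and both peer addresses are constructed assumptions; the thread does not give them.

```python
import ipaddress

def lookup(routes, dst):
    """Longest-prefix match, as the kernel does: return (network, next_hop)."""
    dst = ipaddress.ip_address(dst)
    matches = [(net, hop) for net, hop in routes if dst in net]
    return max(matches, key=lambda r: r[0].prefixlen, default=(None, "unreachable"))

def net(addr, mask):
    # Convert the dotted netmask that route/netstat -rn print into CIDR form.
    return ipaddress.ip_network(f"{addr}/{mask}")

ON_LINK = "on-link eth0 (ARP for the destination)"
GATEWAY = "via 192.168.1.1 (assumed default gateway)"

# Route table entries from the thread; the default route is an assumption.
default = (ipaddress.ip_network("0.0.0.0/0"), GATEWAY)
wide = (net("192.0.0.0", "248.0.0.0"), ON_LINK)       # set by default: 192.0.0.0/5
lan = (net("192.168.1.0", "255.255.255.0"), ON_LINK)  # added with route add

original = [default, wide]
after_add = [default, wide, lan]   # first attempt: still not pingable via VPN
after_del = [default, lan]         # after route del: works

LAN_PEER = "192.168.1.50"    # constructed: another host on the same LAN
VPN_PEER = "192.168.100.10"  # constructed: VPN client outside the LAN /24

def reply_paths(routes):
    """Where a reply to each peer is sent under the given route table."""
    return {peer: lookup(routes, peer)[1] for peer in (LAN_PEER, VPN_PEER)}

def post_up_lines(dev="eth0"):
    """Both manual fixes in ip route syntax, the form the post_up example uses."""
    return [f"ip route del {wide[0]} dev {dev}", f"ip route add {lan[0]} dev {dev}"]

if __name__ == "__main__":
    states = (("original", original), ("after add", after_add), ("after del", after_del))
    for name, table in states:
        print(name)
        for peer, hop in reply_paths(table).items():
            print(f"  reply to {peer}: {hop}")
    print("\n".join(post_up_lines()))
```

Whether these two commands behave the same way when run from post_up at boot on RancherOS is an assumption to verify on the host with netstat -rn after a reboot.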