search for: startryst

...nc will have a port listening for incoming connections(both tcp and udp), if A have exposed its listening ports, a direct connection will be tried to build between the nodes, otherwise it will go from the intermediate node. > > -- > Narcissus Emi > 日時: 2017年5月1日 15:12:16, Bright Zhao (startryst at gmail.com <mailto:startryst at gmail.com>) が書きました:: > >> H, Narcissus >> >> Quick one for the below case, if node A have a direct connection to node B, and node B have a connection to node X, then I found node A will be able to talk to node X, but the communication p...

...s a mesh network, if node A have a direct connection to node B, and node B have a connection to node X, you can have a connection between A and X, and X-up is being called at the moment when it built a connection on demand. > > -- > Narcissus Emi > 日時: 2017年5月1日 14:15:14, Bright Zhao (startryst at gmail.com <mailto:startryst at gmail.com>) が書きました:: > >> Hi, Tinc Expert >> >> in my tinc.conf, the ConnectTo to host X is commented, like below: >> >> #ConnectTo = X >> >> and there is a script: /etc/tinc/netname/hosts/X-up, I thought comme...

...below, even A has the route to C and can establish UDP connection directly, but I need the traffic to go through B, how can I achieve that easily? (instead of remove something from A’s routing table, or manually block the connection between A and C) > On 1 May 2017, at 6:28 PM, Bright Zhao <startryst at gmail.com> wrote: > > Hi, Etienne > > Exactly, I just did the test, remove the Subnet = X/32 from B, so I understood that the Subnet on host configuration is indicate local attached network, or let’s call it when going outside of the VPN domain. > > And yes, A will try to...

...ckets for nodes for which we do not have a meta connection with are also dropped. > On 1 May 2017, at 6:33 PM, Etienne Dechamps <etienne at edechamps.fr> wrote: > > Yes. Look up the "IndirectData" configuration option. > > On 1 May 2017 at 11:30, Bright Zhao <startryst at gmail.com <mailto:startryst at gmail.com>> wrote: > Hi, Etienne > > In addition, is there any option or switch can turn of the automatic direct connection? For the example below, even A has the route to C and can establish UDP connection directly, but I need the traffic to go...

...shold, the connection will be lost). > On 18 Jun 2017, at 9:25 PM, hvjunk <hvjunk at gmail.com> wrote: > > The only time I can think off, that you’ll *want* to use TCP, is when UDP doesn’t work through the firewalls/NATting. > >> On 18 Jun 2017, at 14:53 , Bright Zhao <startryst at gmail.com> wrote: >> >> If the concern is more about the reliability instead of throughput, should I add TCPonly = yes in the host configuration to make the VPN runs on TCP? > > The problem with TCP, is that TCP, encapsulated inside a TCP stream, is a recipe for very poor...

...hould therefore be sent to C. These packets will then be sent directly to C using UDP (tinc is clever and will try various NAT traversal techniques). If that's not possible for any reason, tinc will automatically fall back to relaying packets through B. On 1 May 2017 at 11:00, Bright Zhao <startryst at gmail.com> wrote: > Hi, Tinc experts > > Diagram as below, A is trying to access host X behind C: > > A >> B >> C — “host X" > > B is the tinc server for A, but also B is the tinc client to connect to C. > > My question is, if I only use one VPN (/...

Hi, Tinc Expert in my tinc.conf, the ConnectTo to host X is commented, like below: #ConnectTo = X and there is a script: /etc/tinc/netname/hosts/X-up, I thought commented the ConnectTo X wouldn’t trigger the X-up, but it did. Why? What’s the logic behind to trigger host-up? How can I avoid this except remove the host-up file? Bright Zhao

...direct connection, I think it based on udp NAT traverse, but if you use TCPonly for this node, and also forbidden the incoming traffic to this public TCP port, it will definitely working on a intermediate only mode. Maybe just try it out,l ;) -- Narcissus Emi 日時: 2017年5月1日 15:24:26, Bright Zhao (startryst at gmail.com) が書きました:: > Oh, thanks, in my current case, I haven’t config “Address” parameter in > A’s host config, is this will make A prohibited it listen on the tinc > ports? > > Question: > 1. if I config “Address” in A’s config, and even though A is in a private > subnet,...

Yes. Look up the "IndirectData" configuration option. On 1 May 2017 at 11:30, Bright Zhao <startryst at gmail.com> wrote: > Hi, Etienne > > In addition, is there any option or switch can turn of the automatic > direct connection? For the example below, even A has the route to C and can > establish UDP connection directly, but I need the traffic to go through B, > how can I ac...

Let’s say, tinc A node server LAN-1(single internet circuit), tinc B node and tinc C node are both serve LAN-2.(two internet circuits) Normally, we can only set tinc A to connect to either B or C, and then the other set as backup. But in some circumstances, we would like to combine the internet pipe of both two circuits, so that the tunnel traffic can have a better bandwidth. If that’s the

...like IP/IP, GRE, OpenVPN or other "point-to-point" VPN solutions. tinc's purpose is to build a reliable, self-routing VPN out of a large mesh network of nodes; it makes little sense to use it for simple point-to-point connections. > > On 30 April 2017 at 00:53, Bright Zhao <startryst at gmail.com <mailto:startryst at gmail.com>> wrote: > Hi, Tinc experts > > I’m on-boarding for Tinc for just quite a few days, and trying to setup the connection between one client to multiple server, where multiple vpn tunnels from the client to different server. From the docum...

...deed it depends, tinc will have a port listening for incoming connections(both tcp and udp), if A have exposed its listening ports, a direct connection will be tried to build between the nodes, otherwise it will go from the intermediate node. -- Narcissus Emi 日時: 2017年5月1日 15:12:16, Bright Zhao (startryst at gmail.com) が書きました:: > H, Narcissus > > Quick one for the below case, if node A have a direct connection to node > B, and node B have a connection to node X, then I found node A will be able > to talk to node X, but the communication path is go through node B, instead > of buil...

> On 18 Jun 2017, at 15:44 , Bright Zhao <startryst at gmail.com> wrote: > > I agree with the in-effective of TCP transmission, but I wonder if the the UDP packet is dropped, the tinc VPN itself wouldn’t retransmit, and if the upper level application doesn’t handle the packet loss well, will this be the problem? > > Or the upper lev...

We knew the TCP-BBR developed by google and try to optimize the transport efficiency of TCP, I’m wondering will this be beneficial if we put tinc in TCP mode plus the TCP-BBR?

Hi, My CentOS has upgrade the openssl to 1.1.1a, and I thought my tinc(1.0.35) installed by yum will use the new openssl, but it looks not the fact. So is tinc(1.0.35) support openssl 1.1.1a? If so, how can I make it running in this version of openssl?

If the concern is more about the reliability instead of throughput, should I add TCPonly = yes in the host configuration to make the VPN runs on TCP?

Hi, Tinc experts I’m on-boarding for Tinc for just quite a few days, and trying to setup the connection between one client to multiple server, where multiple vpn tunnels from the client to different server. From the documentation, it indicate the tinc.conf can support multiple ConnecTo, also the tinc can support multiple netname, like /etc/tinc/net1, /etc/tinc/net2. My question is, for my above

...simple port though, a lot of glue required to get it to a state Apple would approve. This had been on my list of projects to attempt if I could find the time and energy to commit to it. If you do port it I would be very interested! Regards, Ryan Mounce On 26 July 2017 at 20:54, Bright Zhao <startryst at gmail.com> wrote: > +1, waiting for this for quite a while. > > Paul Chobert <paul at chobert.fr>于2017年7月26日 周三下午7:23写道： >> >> Hi, >> >> Is there any existing solution to install iOS9 on unjailbroken iOS devices >> ? >> >> If there is n...

...ent to C. > > These packets will then be sent directly to C using UDP (tinc is clever and will try various NAT traversal techniques). If that's not possible for any reason, tinc will automatically fall back to relaying packets through B. > > On 1 May 2017 at 11:00, Bright Zhao <startryst at gmail.com <mailto:startryst at gmail.com>> wrote: > Hi, Tinc experts > > Diagram as below, A is trying to access host X behind C: > > A >> B >> C — “host X" > > B is the tinc server for A, but also B is the tinc client to connect to C. > >...

Hi, Tinc expert If there’re multiple tinc nodes announce default route in their host configuration of Subnet = 0.0.0.0/0, how for the remaining nodes to select which is the best route to get out? All of them participant in the same tinc net. I did some test, like A as the branch, B,C,D as the nodes to announce default route; when all up , A select B, but if B down, A will go C, C down, A will