similar to: Mulitiple Networks on a Node [Solved]

There is no concept of "client" or "server" in tinc. tinc is purely peer-to-peer. "ConnectTo" statements only indicate which node will attempt to establish the initial connection, but once the connection is established, direction does not matter. It is unclear from your message which node is responsible for which subnet. If X/32 truly belongs to C, then simply set

Hi, Tinc experts Diagram as below, A is trying to access host X behind C: A >> B >> C — “host X" B is the tinc server for A, but also B is the tinc client to connect to C. My question is, if I only use one VPN (/etc/tinc/myvpn), then the host configuration for B will be tricky. As the tinc server to A, B’s host config (/etc/tinc/myvpn/hosts/B) needs have the Subnet = X/32,

Hi, Etienne In addition, is there any option or switch can turn of the automatic direct connection? For the example below, even A has the route to C and can establish UDP connection directly, but I need the traffic to go through B, how can I achieve that easily? (instead of remove something from A’s routing table, or manually block the connection between A and C) > On 1 May 2017, at 6:28 PM,

You’re talking about Layer 2 bridging by Tinc? The use case here is layer 3 routing, but anyway, thanks for your feedback. > On 1 May 2017, at 8:09 PM, LowEel <loweel at gmx.de> wrote: > > I cannot understand why you say the configuration for B will be tricky. > > If you select the switch mode, and some machine can initiate a > connection to some other machine, until

Hi, Etienne I took a look for the below host configuration parameter (IndirectData), the default is no. For the below example: A ConnectTo B, B ConnectTo C: If IndirectData = no (default), then A wouldn’t establish direct connection with C, but will be forwarded by B. If IndirectData = yes, then A will try to establish direct connection with C, even though A don’t have the statement of

Hi All, Let say > df Session_Setup DCT FwdDataVols_bin counts 761 0 1 1 87162 762 0 1 2 11495 763 0 1 3 3986 764 0 1 4 1583 765 0 1 5 920 766 0 1 6 920 767 0 1

Hi, Lars Thanks for your suggestion, will give it a try later to see how it performs. But, yesterday, I did a below test: A ConnectTo B and C, B ConnectTo D, C ConnectTo D; All nodes turned "IndirectData" on in its host configuration, so the tunnel only follow metacomnection instead of direct connect. D announced default route by having the Subnet = 0.0.0.0/0 statement in its host

Sure, let me reply all here for my finding. @Lars @Guus A’s tinc.conf: Name = bright AddressFamily = ipv4 ConnectTo = aly_hk A’s tinc-up: #!/bin/sh ifconfig $INTERFACE 10.0.0.110 netmask 255.255.255.0 A’s host config: Subnet = 10.0.0.110/32 (VPN address) Subnet = 192.168.31.0/24 (LAN address) IndirectData = yes (enabled for every tinc nodes) The node aly_hk (vpn address 10.0.0.3) connects with

Hi Guys, i wanted to share this with u and ask for little help at the same time: i used iptables to secure my server, so i wnet ahead and blocked avery thing except a couple of domain protocols and UDP ports of SIP, IAX2 and that range 15000 to 20000, tested it and OK. when in production, the calls were taking a huge time 7s to be established and somtimes after call setup people cannot hear ech

Hi, Tinc expert If there’re multiple tinc nodes announce default route in their host configuration of Subnet = 0.0.0.0/0, how for the remaining nodes to select which is the best route to get out? All of them participant in the same tinc net. I did some test, like A as the branch, B,C,D as the nodes to announce default route; when all up , A select B, but if B down, A will go C, C down, A will

Hi, I have some questions about running multiple tinc deamons. The docs say you can do it to support separate VPNs, but I don't see any examples. I have been running a single tinc vpn for months with no problems, now I'm trying to add a second separate vpn. I'm running the static tinc version 1.0pre7 (built Apr 9 2002 14:00:34, protocol 14) on Debian potato. I did not want to go

Hi all! I still have never managed to fully wrap my head around how UDP data tunnels can be established between nodes. Everytime I think I understand it, I see something that confuses me again Just now I am seeing the following: I have nodes A, B + C A has everybody's keys and host configuration files. B and C only have A's key, and host config with A's public IP address. B and

Hello, How does tincd determine the subnet(s) of other remote nodes? Does tincd read its copies of the hosts file and parse and follow the subnet information contained in the local files? Or does tincd solely trust the subnet information dynamically advertised by each remote node? In my experimentation, it seems that: a) tincd reads its own subnet(s) from its copy of its own host file, but

Hi Ok I have a simple lab setup with three nodes , one acting as the "Central Node" and the other two as remote nodes which "*ConnectTo*" the central node in order to be able to communicate with each other. What I would like to know is , once the tinc remote nodes establish a connection to the "Central Node" , my understanding was that if the remote nodes want to

Hello, I am running the staticly linked version, tinc version 1.0pre7 (built Apr 9 2002 14:00:34, protocol 14) on four Debian potato systems. The kernels are all 2.2.19. The vpn is set up as a star with one hub and three spokes. The hub and one of the legs share the same ISP and are on the same subnet. Both the other two legs are on different ISP's. All the systems are running masquerading

my network: local pc(192.168.1.2)-->openwrt_adsl_router A( 192.168.1.1/24&11.22.33.44pppoe&10.10.10.1/24 tinc)<---remote B: 10.10.20.1/24 ^ | remote C:10.10.0.1/24 all running tinc 1.0.x, ADSL router

Hi, Etienne Exactly, I just did the test, remove the Subnet = X/32 from B, so I understood that the Subnet on host configuration is indicate local attached network, or let’s call it when going outside of the VPN domain. And yes, A will try to establish UDP connection direct to C (if it has the route), so the first time, I can ping from A to X, and I found the traffic didn’t go through B, but

I have some tinc nodes behind a nat router. Which ipaddress should i use in de host file for the tinc nodes behind a nat router. The internet ipaddress or the private ipaddress ? Perry

yes, I have these in C host file: Subnet=10.10.0.0/24 Subnet=0.0.0.0/1 Subnet=128.0.0.0/1 ## not metioned, because I think is maybe works in same as 0.0.0.0/1 B host file doesn't have 0.0.0.0/1 and 128.0.0.0/1 I only added one route to 5.6.7.8 via B, not via C On Mon, Feb 29, 2016 at 4:40 PM, Maxim Vorontsov <6012030 at gmail.com> wrote: > hi. > > Are you add only

Yes. Look up the "IndirectData" configuration option. On 1 May 2017 at 11:30, Bright Zhao <startryst at gmail.com> wrote: > Hi, Etienne > > In addition, is there any option or switch can turn of the automatic > direct connection? For the example below, even A has the route to C and can > establish UDP connection directly, but I need the traffic to go through B,