similar to: About Tinc VPN

Hi all, I am new to Tinc VPN and really would like to make full benefit of this implementation if possible. I would like to know whether I will be able to use Tinc to its full potential. My current setup is as follows, IPfire router/firewall(openvpn client) --->ISP(Internet)--->Amazon VPS(openvpn server). The ipfire router is behind a CARRIER-GRADE NAT, I am able to reach the network

On Sun, Oct 18, 2015 at 02:00:36PM -0500, Bobby Thomas wrote: > IPfire router/firewall(openvpn client) --->ISP(Internet)--->Amazon > VPS(openvpn server). > > The ipfire router is behind a CARRIER-GRADE NAT [...] I have come to > know that Tinc VPN supports spoke to spoke(full mesh) direct > connection bypassing hub (so clients can reach other clients without > going

Thanks for the reply Guss, So in my case the Amazon VPS server is behind a FULL CONE NAT(static NAT), so is that enough to hole punch other nodes. what all ports will should be opened up on the NAT device? Most of the other nodes are behind cg-nat, so I wont have any control over its nat. Thank you, Regards, Bobby Thomas. On Oct 19, 2015 1:45 AM, "Guus Sliepen" <guus at

tinc uses direct UDP communication for performance, not reliability. If you want to establish more metaconnections for increased reliability, you can use AutoConnect (though it probably won't work across NATs). A better solution is to use two central nodes (instead of one) for redundancy. On 11 June 2015 at 18:59, Daniel J. Grinkevich <danielgrinkevich at gmail.com> wrote: > If we

Hello everyone. First of all, i congratulate tinc and its community for such reliable tool it is. I am working on a community wireless project where we have an isolated mesh network that we want to link by VPN. In order to fulfill this requirement we setup a tinc VPN, with two "nodes", servera and serverb. Servera has ip 10.0.0.1/24 and serverb has 10.0.0.2/24, and a spare network

i need forwarding off , cause i need a central node , which is connected directly to all the network , directly , so it can usually upload content directly , without slowing down other nodes in the network , i also don't want it to act as a forwarder , since ,it only has 2mbps of bandwidth , and i don't want it for that purpose , is there any other way to fix this problem ? On 16 March

Hello, Since the present tinc documentation is not very clear about this, please explain the following: is it mandatory to include the local IP address classes in the global VPN address class? Namely, please consider the following setup (which works great in practice): 1. A tinc VPN, full mesh, with n nodes (n > 3) 2. tinc runs on the firewall, which is also the default gateway for each

We have a handful of nodes set up. Some are NAT'd but a few have direct access to the Internet. Sample confs: HostA: Name = HostA AddressFamily = any Interface = tap0 Mode = switch Connectto = HostB GraphDumpFile = /tmp/mesh HostB: Name = HostB AddressFamily = any Interface = tap0 Mode = switch Connectto = HostA GraphDumpFile = /tmp/mesh And so on. If I use HostA as the main meta sever.

Hello! I'm trying to make a wireless mesh network with b.a.t.m.a.n. protocol, and I would like to secure the wireless links with tinc. My test network is 2 wireless routers with OpenWRT Kamikaze firmware, and the network topology is the following: |CLIENT|eth0: 192.168.180| <--> |eth0: 192.168.1.1|MESH-NODE|ath0: 192.168.5.54| <~~> |ath0: 192.168.5.51|GW|eth1: 192.168.1.51|

Hi, I have successfully setup a tinc network between five hosts (in switch mode). Two of the hosts have static and known IP addresses (S1 and S2). Other hosts (H3-H5) connect one (or both) of them. The traffic flows nicely between all hosts. The initial edges (ConnectTo configuration directives) in my test network are: S1<->S2 H3 -> S1 and S2 H4 -> S1 H5 -> S2 As far as I have

I am looking to connect edge-routers in a VPN over the Internet, with requirement: - Mesh - NAT-traversing - 500 mbit throughput. I'm using Tinc 1.0.23 and it does this very nicely (I think I could also use 1.1, once it's considered stable) except for the througphut: the edgerouters cannot encrypt this fast. So I want to relieve the edge routers from this responsibility. If the end hosts

Hi, I use tinc-vpn to create private mesh vpn networks between office and house in different locations and it works really well. But somehow I'm considering if there were any possibility to add radius support for single node traffic management. I does think it will be really difficult to implement such functions as a feature of a mesh network,because all of the traffic was initiated end to

Hi Paul, I've been using various 1.1pre versions on Windows, Linux, and Freetz (embedded OS for routers, similar to OpenWRT) for years, and I can't complain. The tinc 1.1 branch is pretty stable and that's where the majority of development happens. Why do you want to wait for an official release? Regards, Daniel -----Original Message----- From: tinc-devel <tinc-devel-bounces at

Hi again, On Fri, 2018-04-13 at 19:56 +0100, Etienne Dechamps wrote: > tinc is fully capable of traversing NATs automatically and > transparently; it implements techniques such as UDP hole punching > that are specifically designed to do just that. > > The only requirement is that you have *some* nodes on your graph that > are not subject to NATs. In your case that would be your

Hello, Fortunately, the excellent pfSense gateway software offers a pre-packaged tinc directly in its official repository. This allows a pfSense machine to participate in a tinc mesh. However, experimenting with pfSense, I was unable (at least from the web interface) to figure out how to: - configure pre-packaged tinc to start with multiple partners (the equivalent of multiple Connect lines in

tinc hosts listen for connections to Tor v3 onion services, and they connect to peers using Tor SocksPorts. MPTCP aggregates full-mesh connections between hosts. For Internet hosts with well-peered gigabit uplinks, this permits throughput among peers at 30-50 Mbps for multiple streams, vs ~10 Mbps at most for individual connections. https://github.com/annymous/oniontinc includes bash scripts for

Hi all, TL;DR: when Tinc 1.1 release? I plan to use Tinc for my GSoC project which basically simplifies setup of a Tinc mesh providing IPv6 to nodes in community mesh networks. As I'm new to Tinc I don't know it's history and the changes from 1.0 to 1.1, but it seems to have at least a different syntax in some cases. To make and keep it simple for users, I'd like to stick

Yes, slides will be available afterwards. Additionally, a very similar talk will be presented at SCALE this year as well. Do you have any more info about how tinc is used by NYC mesh? Ben On Sun, Nov 15, 2015 at 3:55 PM, Daniel J. Grinkevich < danielgrinkevich at gmail.com> wrote: > Will the slides be posted after the talk? > > We use tinc for NYC Mesh to connect nodes that do

Hello, Please tell me if it's possible to use tinc together with OSPF (instead of static routes in LAN). By OSPF I mean Quagga's GNU/Linux daemon. Namely, I have a group of LANs (private 192.168.x.0/24 each). Each LAN has a GNU/Linux default gateway, 192.168.x.1, that also connects to the Internet via a public IP address (does NAT and firewall for the LAN "behind" it). tinc

Hi there, we're using tinc to mesh together hosts in a public datacenter (instead of using a private VLAN, sort of). So all hosts are reasonably modern; connections are low latency with an available bandwith of around 500Mbit/s or 1Gbit/s (depending on how close they are to each other). Iperf between two nodes directly reports around 940Mbit/s. The CPUs are Intel(R) Core(TM) i7-4770 CPU @