Displaying 20 results from an estimated 6000 matches similar to: "Concept clarification between multiple ConnecTo and multiple netname"
2017 May 01
2
Concept clarification between multiple ConnecTo and multiple netname
Hi, Etienne
Thanks for your clarification, and this helped a lot. And in order to get a better understanding for the mechanism of Tinc and the purpose of ConnectTo statement, can I think the ConnectTo is the way to get the node into the Tinc VPN domain, instead of establish VPN connection between nodes.
Once any node ConnectTo the Tinc VPN domain, it learns all other nodes, subnets, and
2017 May 01
0
Concept clarification between multiple ConnecTo and multiple netname
If you have multiple ConnectTo statements in your tinc.conf, then tinc will
attempt to establish connections with *all* of them. It is not a fallback,
though it is a good idea for every node to have at least two direct
connections for improved resiliency and fault tolerance.
As to whether you should have just one tinc network or multiple networks,
well, that depends on what you're trying to
2017 May 01
0
Concept clarification between multiple ConnecTo and multiple netname
That's exactly right. Corollary: if you take one node from a tinc network
and connect it to a node from another isolated tinc network, the two
networks become one :)
On 1 May 2017 at 13:16, Bright Zhao <startryst at gmail.com> wrote:
> Hi, Etienne
>
> Thanks for your clarification, and this helped a lot. And in order to get
> a better understanding for the mechanism of Tinc
2017 May 01
3
Why host-up script triggered even not ConnectTo?
H, Narcissus
Quick one for the below case, if node A have a direct connection to node B, and node B have a connection to node X, then I found node A will be able to talk to node X, but the communication path is go through node B, instead of build direct connection between A and X, is that right? I tested this in my environment.
A >> B >> X
> On 1 May 2017, at 3:07 PM, Narcissus
2017 May 01
2
Why host-up script triggered even not ConnectTo?
Hi, Tinc Expert
in my tinc.conf, the ConnectTo to host X is commented, like below:
#ConnectTo = X
and there is a script: /etc/tinc/netname/hosts/X-up, I thought commented the ConnectTo X wouldn’t trigger the X-up, but it did.
Why? What’s the logic behind to trigger host-up? How can I avoid this except remove the host-up file?
Bright Zhao
2017 May 01
2
Why host-up script triggered even not ConnectTo?
Oh, thanks, in my current case, I haven’t config “Address” parameter in A’s host config, is this will make A prohibited it listen on the tinc ports?
Question:
1. if I config “Address” in A’s config, and even though A is in a private subnet, it might still possible for A to establish connection with X(X is public IP address)?
2. If there any parameter to disable the direct connection discovery,
2018 Mar 15
3
issues connecting in other sites
Hi Team,
I admit that I am not familiar with Tinc very well, but have Tinc running at approximately 20 sites and functioning as a mesh vpn/network. I am having issues adding an additional site as it will not communicate with the rest. I have taken the firmware of one and flashed it on another router to make it duplicate and then tested it working but when I change the hostname, and IP to what we
2017 May 01
2
How to set Subnet in a node which act as both server and client role?
Hi, Etienne
In addition, is there any option or switch can turn of the automatic direct connection? For the example below, even A has the route to C and can establish UDP connection directly, but I need the traffic to go through B, how can I achieve that easily? (instead of remove something from A’s routing table, or manually block the connection between A and C)
> On 1 May 2017, at 6:28 PM,
2017 May 01
1
How to set Subnet in a node which act as both server and client role?
Hi, Etienne
I took a look for the below host configuration parameter (IndirectData), the default is no. For the below example:
A ConnectTo B, B ConnectTo C:
If IndirectData = no (default), then A wouldn’t establish direct connection with C, but will be forwarded by B.
If IndirectData = yes, then A will try to establish direct connection with C, even though A don’t have the statement of
2015 Jan 12
1
SIMPLE TINC template example
Here is some examples of using templates for TINC configurations and
settings:
In your startup script, BEFORE starting TINC VPN, put a number of
entries to configure your VPN:
sh ./templatewriter.sh LAN LOSI101 8540 255.255.255.0 0.0.0.0 10.99.0.11
10.98.0.11 ConnectTo=LOSI102 ConnectTo= ConnectTo=
**PUT MORE ENTRIES HERE FOR MORE COMPLEX VPN setups
######Templatewriter.sh
#!/bin/bash
2015 Mar 18
1
Multiple entry node support
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
I'm trying to make a VPN network with the help of my friends.
Tinc seems to support multiple connect to options, but isn't it tricky? Will it cause unsynchronized hosts etc? Will the 1.1 invite support it?
PS: every nodes are not 24/7 on, maybe a node will be online but another not.
- --
Sent from my Android device with K-9 Mail. Please
2014 Apr 11
1
BF_encrypt & BF_decrypt when using AES ?
Hi,
I'm doing some perf profiling, and I can see that BF_encrypt &
BF_decrypt of libcrypto.so.1.0.0 (used in tincd) are consuming CPU time.
I'm using Tinc 1.0.23 and Cipher = aes-128-cbc
BF_encrypt & BF_decrypt seems related to Blowfish
(https://www.openssl.org/docs/crypto/blowfish.html).
Is it normal that BF functions are used even if AES is used ? I do not
know anything about
2014 Dec 09
2
Tricky VPN Configurations
On Mon, Dec 08, 2014 at 11:02:24PM -0500, md at rpzdesign.com wrote:
> The self contained example is tricky because I created 4 ip-address on
> the eth0 device (192.168.1.30/31/32/33) so I could test a 4 node VPN
> that lives entirely within a single server.
That's quite hard to do, it's far easier to run four instances of tinc
on four different ports on the same machine.
>
2017 May 01
2
Multiple default gateway from tinc node
Hi, Tinc expert
If there’re multiple tinc nodes announce default route in their host configuration of Subnet = 0.0.0.0/0, how for the remaining nodes to select which is the best route to get out?
All of them participant in the same tinc net.
I did some test, like A as the branch, B,C,D as the nodes to announce default route; when all up , A select B, but if B down, A will go C, C down, A will
2018 Dec 11
3
subnet flooded with lots of ADD_EDGE request
Hello,
We're suffering from sporadic network blockage(read: unable to ping
other nodes) with 1.1-pre17. Before upgrading to the 1.1-pre release,
the same network blockage also manifested itself in a pure 1.0.33
network.
The log shows that there are a lot of "Got ADD_EDGE from nodeX
(192.168.0.1 port 655) which does not match existing entry" and it
turns out that the mismatches
2014 May 28
2
Is netname used in metadata connections ?
Hi all,
I am trying to setup a configuration of Tinc to allow multiple tincd
daemons for a same network (mixing bonding, etc...). I will post my
solution later if I found one. This is to get better speeds in multiple
gigabit/sec networks.
So my question is not about this directly.
I would like to know if the "netname" configured on each node, is used
somewhere in communications
2017 May 02
4
Multiple default gateway from tinc node
Sure, let me reply all here for my finding. @Lars @Guus
A’s tinc.conf:
Name = bright
AddressFamily = ipv4
ConnectTo = aly_hk
A’s tinc-up:
#!/bin/sh
ifconfig $INTERFACE 10.0.0.110 netmask 255.255.255.0
A’s host config:
Subnet = 10.0.0.110/32 (VPN address)
Subnet = 192.168.31.0/24 (LAN address)
IndirectData = yes (enabled for every tinc nodes)
The node aly_hk (vpn address 10.0.0.3) connects with
2017 May 02
4
Multiple default gateway from tinc node
Hi, Lars
Thanks for your suggestion, will give it a try later to see how it performs.
But, yesterday, I did a below test:
A ConnectTo B and C, B ConnectTo D, C ConnectTo D; All nodes turned "IndirectData" on in its host configuration, so the tunnel only follow metacomnection instead of direct connect.
D announced default route by having the Subnet = 0.0.0.0/0 statement in its host
2017 May 01
1
How to set Subnet in a node which act as both server and client role?
There is no concept of "client" or "server" in tinc. tinc is purely
peer-to-peer. "ConnectTo" statements only indicate which node will attempt
to establish the initial connection, but once the connection is
established, direction does not matter.
It is unclear from your message which node is responsible for which subnet.
If X/32 truly belongs to C, then simply set
2017 Jun 01
1
Cache of the the unreachable nodes cause un-optimized route?
Hi, All
Here is the case:
A, B, C, D all configured with "IndirectData = yes”, so connection only happens when there’s a “ConnectTo” in tinc.conf.
Arrow indicate the “ConnectTo” direction
Everything works fine earlier as below:
1. A connect to C, D connect to C
2. C is the transit node where only forward traffic between A and C
3. D advertise 0.0.0.0/0#2
4. A can access internet from D