similar to: tinc config use cases

In what use case one should use Switch mode? Similarly, when to use Router mode? -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc-devel/attachments/20191102/6829e86a/attachment.html>

Do we know the size of biggest deployment(site-site and client-site) which is tinc based VPN? Or it is just used in toy projects at schools to learn something about VPN? -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20191105/0ce00ca7/attachment.html>

Hi, We just found the tinc, looks like it is really a better VPN solution than traditional VPN, I am wondering, is there some cases we can refer, like is there some big cluster running in the production environment ? Thank you. -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hi, I wrote a draft puppet module to maintain a L2 mesh based on tinc [1]. I tried to explain what it is about so that it makes sense even to people who know nothing about tinc [2]. Before polishing it so that it can be useful to the general public instead of just myself, I would very much appreciate your comments. This is my first experience with tinc and I would like to improve :-) Thanks for

The following is maybe a bug report, and a proposed patch. Using latest stable tinc 1.0.12. I have a central server and a few clients connecting to this server. I don't want clients to speak directly, but I want all the communications to pass by the server. My configuration is: Mode = switch TunnelServer = Yes I need layer2 because of some ethernet stuff on the clients. When you have

Hi I have got Tinc working on two Windows PCs that are both behind NAT firewalls - I want to backup files from one to the other across a VPN and Tinc looks perfect for this. Even though I have Tinc working, I am a little confused by the configuration which makes me think maybe I have something wrong which may mean my VPN is not secure. My confusion concerns the host file for the local PC and

I see what you want me to do. But it does incur an extra MAC layer header to each VPN packet, more fragmentation. And broadcasts leak to all peers. It sure saves you from doing any improvements, but there are side effects that are undesirable to many customers. This is specially a problem if I want two VPN connections between two sites using redundant connections, we get an instant L2 loop. With

why dont you place a service dependency on your tinc service init/systemd files to depend on your fuse/mount service? On Tuesday, 23 August 2016, Florent B <florent at coppint.com> wrote: > Hi everyone, > > I have a special setup were hosts files of Tinc are stored in a > directory mounted by fuse and shared across my hosts (Proxmox /etc/pve). > > On boot, sometimes Tinc

Oops, did I forget to mention how good a design the REST of tinc is, operationally speaking. Config files aside, it is a really good VPN. md On 1/11/2015 10:05 PM, md at rpzdesign.com wrote: > I would say the weakest part of the TINC design is the configuration > file layout. > > There is no way to split out the essentially static configuration for > all nodes in the cluster and

Hi! I have compiled and installed tinc 1.1pre5 on a ubuntu machine. With the tinc 1.0.x version that is included in the ubuntu repository I am used to having the config files in /etc/tinc/ and where each vpn has a own directory. The file nets.boot placed in /etc/tinc where I can specify which vpn tunnels that is going to start automatically. How can I get the vpn tunnels to start automatically

On Sun, Jan 24, 2016 at 12:10:42PM +0300, Yazeed Fataar wrote: > Can you recommend a good strategy in securely managing the config and hosts > files please? The private keys (those files ending in .priv) should only be readable by root. When tinc generates the public/private keypairs, it already ensures the private key file is only reabable by root. The rest of the files in /etc/tinc can

On Sun, Jan 24, 2016 at 01:59:19PM +0300, Yazeed Fataar wrote: > So based of this , having your central tinc server in VPS Provider , will > allow potentially the provider to replicate your config files and thus > exposing all your remote sites connected. My situation I face is all my > remote sites have dynamic addresses ,and in order for me to create a > connection point between

On 24/01/16 12:19, Yazeed Fataar wrote: > I cannot use dynamic dns , the remote sites connect through 4G LTE and > get assigned "Private Addresses" that are NATd to a Public Address. The > LTE clients can only make connections outward to the Internet and > features such as PAT and Dynamic DNS will not work. Therfor for these > remote sites I need a Central Server Located

Hi Guus Can you recommend a good strategy in securely managing the config and hosts files please? <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> This email has been sent from a virus-free computer protected by Avast. www.avast.com

On Sun, Jan 24, 2016 at 10:01:23AM +0300, Yazeed Fataar wrote: > I hope this was not asked before. What methods can be used to secure the > "tinc" config files? If for example using a VPS provider like digital ocean > , how can one be sure that the local admins dont access your container and > read the contents of the tinc config files? Is there a better solution , >

On Sun, Jan 24, 2016 at 12:48:13PM +0300, Yazeed Fataar wrote: > Thanks Guus.. So if someone had to gain access to my vm-disk. They > would not be able to view the contents of the files in ""etc/tinc" if > I do "sudo chmod go= /etc/tinc" .. My paranoia is around a VPS > provider who had admin access to all containers. I know that I have > to create a root

Hi, I have a question. I have a routeable /24 netblock including a server at a colocation and I would like to use tincd to tunnel part of that netblock to an internal network on another location being connected to the internet via gateway with DSL link and a single static IP address, so I can use public routable IP addresses on the local network. I have tincd 1.0 pre7 installed on both the local

I have tried starting tinc with this command line tincd -n vpn -d5 -D and get this error tincd 1.0.8 (May 16 2007 17:41:21) starting, debug level 5 No value for variable `MIGJAoGBAMnEdtmSs9pe+y0H4aHpQRO0GbJ3DFbEgHoaxsl1sKZ6eTHug klBJxXM' on line 3 while reading config file C:\Program Files\tinc/vpn/hosts/jenks Cannot open host configuration file for myself! Terminating ne1 help?

I've played around with the config some more after finding and reading through the mailing list archives. I think I'm being tripped up by my ipchains ruleset, so I'm going to play with it when I get home tonight and can set up a private network. If I have any further problems, I'll subscribe to, then send a message to the mailing list. Thanks for your patience and a VPN that's

I'm having a bit of a problem getting tinc up and running between a pair of RedHat (one 6.0, the other 6.1) boxes. It's installed and configured to the point where they can connect, but I'm not seeing any traffic passing between the two systems. System A looks like - tinc.conf: # Sample tinc configuration. # Insert your own ip numbers instead of the placeholders, # and be sure to use