Dear developers,
I am interested in understanding in more details how tinc's metaprotocol
works. I apologize in advance if this was already described somewhere, I
could not find it in the mailing list archive.
So let's say machine A has a
Address= ip.b.example
and manages to contact server B via the meta connection.
1) Then B's tinc daemon will send to A edge and subnet informations.
For instance server B will send an edge message to A stating that it can
connect to C and that C address is ip_adress_of_C. It will also send
another subnet message stating which subnets correspond to C. The reason
that edge messages and subnet messages are separate is that in 'switch'
mode tinc may send several subnet messages for the same node C.
(The subnets configured for C in A's configuration file are not taken into
account, only the ones announced, except if StrictSubnets is activated).
2) Now that A learnt about C, does it relay these messages to the other
tinc daemon it has a meta connection to? If so how does tinc avoids loops?
3) Now let's say that A sends a message to an IP belonging to the subnet of
C. Then tinc needs to find a way to send the packet to C.
The magic happens in `graph.c`. If I understand correctly, n->nexthop
indicates the (next hop) routing information, but I am not sure what is the
meaning of n->via. So it looks like this: if the connection to C is
indirect then A goes through B, otherwise it attempt to send the packet
directly to C.
Question: does A also attempt to open a meta connection to C? If not how
can it check that the packets to C arrive to destination?
More generally I am interested in understanding how 'indirect'
connections
work in tinc. For instance I see in `protocol_auth.c` that TCPOnly implies
'OPTION_INDIRECT' (as documented in the doc), but it seems (according to
the docs) like tinc can still try to send data via the TCP meta connection?
Thanks in advance!
Damien Robert
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://www.tinc-vpn.org/pipermail/tinc-devel/attachments/20190912/92e37f71/attachment.html>
