Hi I am a user of openVPN and am keen to explore tinc to help with a specific problem. My example - I have 10 computers all connected to internet via mobile broadband and public apns. all wan ip addresses are dynamic and change often - there is no machine or point with a static ip. I am not allowed to use any third party services like dyndns. I want each computer to continue to be able to talk to the other even if they go down one by one. is this even possible and can tinc help maintain connectivity over networks where ip addresses are constantly changing, without any static point(s)? Thanks. Stewart p.s. I am not an expert (as is probably obvious from my question) so feel free to go as simple as you like with any answers. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20100507/caeb5b49/attachment.htm>
Interesting question. I run my own dyndns style service for that. how would you plan to do the first connection? Or if there is an outage, how do you expected the servers to find each other? -rsd Em 07-05-2010 18:45, Stewart Watson escreveu:> > Hi > > I am a user of openVPN and am keen to explore tinc to help with a > specific problem. > > My example - I have 10 computers all connected to internet via mobile > broadband and public apns. all wan ip addresses are dynamic and change > often - there is no machine or point with a static ip. I am not > allowed to use any third party services like dyndns. I want each > computer to continue to be able to talk to the other even if they go > down one by one. > > is this even possible and can tinc help maintain connectivity over > networks where ip addresses are constantly changing, without any > static point(s)? > > Thanks. > > Stewart > > p.s. I am not an expert (as is probably obvious from my question) so > feel free to go as simple as you like with any answers. > > > > > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20100507/22e76053/attachment.htm>
Warning: no tinc-related soutions below!
On 07May2010 22:45, Stewart Watson <s.watson at orange.net> wrote:
| I am a user of openVPN and am keen to explore tinc to help with a specific
| problem.
|
| My example - I have 10 computers all connected to internet via mobile
| broadband and public apns. all wan ip addresses are dynamic and change often
| - there is no machine or point with a static ip. I am not allowed to use any
| third party services like dyndns. I want each computer to continue to be
| able to talk to the other even if they go down one by one.
|
| is this even possible and can tinc help maintain connectivity over networks
| where ip addresses are constantly changing, without any static point(s)?
I've never used tinc, but if at least one machine is always on you could
have machine report their new IPs to all the others every time it
changes. I'd use ssh with stricthostkeychecking to ensure I didn't
report to "not my machine". Each machine keeps a table (text file) of
its own and the other machines' IPs, and updates from the "new IP"
report. And that text file can be /etc/hosts.
The only fiddly bit is networks that issue private IPs and NAT
to the outside world. You could derive the IP from the ssh connection,
but it wouldn't reverse. OTOH, ssh has a VPN mode itself.
Cheers,
--
Cameron Simpson <cs at zip.com.au> DoD#743
http://www.cskk.ezoshosting.com/cs/
TCP/IP: handling tomorrow's loads today.
OSI: handling yesterday's loads someday.
- Henry Spencer @ U of Toronto Zoology, henry at zoo.toronto.edu
On Fri, May 07, 2010 at 10:45:45PM +0100, Stewart Watson wrote:> I am a user of openVPN and am keen to explore tinc to help with a specific > problem. > > My example - I have 10 computers all connected to internet via mobile > broadband and public apns. all wan ip addresses are dynamic and change often > - there is no machine or point with a static ip. I am not allowed to use any > third party services like dyndns. I want each computer to continue to be > able to talk to the other even if they go down one by one. > > is this even possible and can tinc help maintain connectivity over networks > where ip addresses are constantly changing, without any static point(s)?Yes, as long as it never happens that all nodes are offline or all nodes get a new IP address at the same moment. 1. Ensure all nodes have each other's host config files with their public keys. 2. In each host's tinc.conf file, ConnectTo all other nodes. 3. Copy the attached host-up file to the same directory as the tinc.conf file, and ensure it is executable. The attached host-up script will update the host config files when other hosts change their addresses. It keeps the last three known addresses around. You can also add your own Address statement which will not get erased or modified, it distinguishes the automatically added Address statements by the two spaces before and after the = sign. I hope this will do what you want. I plan to make this functionality part of tinc itself, but that might take some time. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- #!/bin/sh FILE=/etc/tinc/$NETNAME/hosts/$NODE TMP=$FILE.tmp [ -f $FILE ] || exit 0 fgrep -q "Address = $REMOTEADDRESS" $FILE && exit 0 fgrep -v "Address = " $FILE >$TMP echo "Address = $REMOTEADDRESS" >>$TMP fgrep "Address = " $FILE | head -2 >>$TMP mv $TMP $FILE -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20100508/928168d2/attachment.pgp>