tinc - Jan 2016 - un/Tap IP Configuration

I read tinc documentation part:

"
For Branch A

BranchA would be configured like this:



In /etc/tinc/company/tinc-up:



# Real interface of internal network:

# ifconfig eth0 10.1.54.1 netmask 255.255.0.0

ifconfig $INTERFACE 10.1.54.1 netmask 255.0.0.0



...



Note that the IP addresses of eth0 and tap0 are the same. This is quite
possible, if you make sure that the netmasks of the interfaces are different. It
is in fact recommended to give both real internal network interfaces and tap
interfaces the same IP address, since that will make things a lot easier to
remember and set up.
"

Can you explain best the last statement saying that real eth0 and tap0 can have
some ip with different netmask ?
Overlapping: 10.1.0.0 - 10.1.255.255  and 10.0.0.0 - 10.255.255.255

Cannot be arise conflicts ?

If my internal network is 172.16.0.0/19 and I have eth0 ip =
172.16.1.10/255.255.224.0 and I set tun/tap ip = 172.16.1.10/255.0.0.0  I've

172.16.0.0 - 172.16.31.255 range network for eth0
and
172.0.0.0 - 172.255.255.255 range network for tun/tap

How the system knows how to resolve this overlapping ?
Doesn't be the two networks totally independent (non overlapping) to allow
correct routing ?


Roberto



-------------- parte successiva --------------
Un allegato HTML ? stato rimosso...
URL:
<http://www.tinc-vpn.org/pipermail/tinc/attachments/20160122/26a6cd95/attachment.html>

On Fri, Jan 22, 2016 at 03:21:06PM +0000, mlist wrote:

[...]
> Note that the IP addresses of eth0 and tap0 are the same. This is quite
possible, if you make sure that the netmasks of the interfaces are different. It
is in fact recommended to give both real internal network interfaces and tap
interfaces the same IP address, since that will make things a lot easier to
remember and set up.
> "
> 
> Can you explain best the last statement saying that real eth0 and tap0 can
have some ip with different netmask ?
> Overlapping: 10.1.0.0 - 10.1.255.255  and 10.0.0.0 - 10.255.255.255
In general, you can use the same IP address on more than one interface.
And the routing table decides where to route packets to. If you assign
10.1.0.1/16 to eth0, and 10.1.0.1/8 to tap0, then the routing table will
look like:

10.1.0.0/16 dev eth0
10.0.0.0/8 dev tap0

Specifically, the route to eth0 will have priority over the one to tap0,
so packets for your local LAN will always be sent to the real Ethernet
interface, and any other packets in the 1.0.0.0/8 range will be sent to
the VPN. If you'd have the same netmask on both the kernel wouldn't know
which interface to route packets to.

-- 
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL:
<http://www.tinc-vpn.org/pipermail/tinc/attachments/20160122/ea4c6f4c/attachment.sig>