Hi,
I spend some time to investigate tinc to see how use it, Tinc is really
good.
I met some wired issue, maybe some guys can do me a favor.
In my case, there are 3 regions, and 2 servers in each region, total 6
servers.
each of servers will connect the servers in other regions, but no
connection to server in same region in configuration.
Region us-east
Region us-west
Region uk
tinc.conf like:
Name = useast1
AddressFamily = ipv4
GraphDumpFile = /var/log/tinc/tinc.graph
KeyExpire = 3600
mode = router
PingInterval = 10
PingTimeout = 5
ProcessPriority = high
ConnectTo = uswest1
ConnectTo = uswest2
2 servers in each region with the same subnet
/etc/tinc/NETWORK/hosts in us-east like:
Region us-east
Address = x.x.x.x
Cipher = aes-128-gcm
#Compression = 10
Digest = sha1
Subnet = 10.21.0.0/16#5
Subnet = 10.21.0.71/32
Address = x.x.x.x
Cipher = aes-128-gcm
#Compression = 10
Digest = sha1
Subnet = 10.21.0.0/16#8
Subnet = 10.21.0.44/3
1.when I ping some ip in us-east subnet behind the us-east tinc server from
uk tinc server, it works well, it will go through one of them
tinc on uk ---> tinc server-1 on us-east --> server behind tinc
2.when I stop tinc, it will pick another tinc server in us-east to reach
destination address
tinc on uk ---> tinc server-2 on us-east --> server behind tinc
3.but when I block ping on the active tinc server with iptables, the ping
request will goto us-west, then goto us-east tinc server
tinc on uk ---> tinc server on us-west --> tinc server-1 on us-east -->
server behind tinc
Why tinc can not use another tinc server same like #2, I tried
LocalDiscovery, subnet with priority, but it doesn't work like my thoughts.
My tinc version is 1.0.26, do I need to upgrade to 1.1 ?
Thank you very much.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://www.tinc-vpn.org/pipermail/tinc/attachments/20160202/c11e9532/attachment.html>
