On Tue, Mar 01, 2016 at 04:31:13AM -0600, md at rpzdesign.com wrote:> Where do I get information about the details of not needing a tinc-up script > anymore? (/etc/network/interfaces)You can just use the normal /etc/network/interfaces way of configuring the interface, like this: iface vpn inet manual address 192.168.1.1 netmask 255.255.255.0 tinc-net <netname>> Also, after that interface comes up and is ready, only THEN do I want to run > other software.During boot, all services that require the network is online are started AFTER all auto interfaces in /etc/network/interfaces have been brought up.> What piece of data can I monitor programmatically (C++, python, etc) to know > when the interface is up and running ok? > > What I want to void is having to execute an ifconfig command and then parse > the output in a program.There's /sys/class/net/<interface>/operstate, which should exist and contain "up" when the interface is up. Otherwise, there's the netlink interface, but I've never worked with that myself. But be warned, whether an interface is up still doesn't mean that your network is actually working. For example, you'd want to mount a NFS share if the interface is up AND if the NFS server itself is up and reachable. If you can instead make your services more resilient to changes in the network state, that would be better. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: Digital signature URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20160301/01c55ea9/attachment.sig>
Gus: Can you give me an example of <netname>. My eth0 device is assigned a public ip address, but I will not use tinc to secure traffic over that interface. There will be an eth1 device that has a externally visible IP Address. It is on this eth1 device that I want the virtual tun0 device to route its traffic. Maybe under Ubuntu, I will have a different device name tun0? (I only tested tinc on centos6 earlier) Thanks, md On 3/1/2016 5:37 AM, Guus Sliepen wrote:> On Tue, Mar 01, 2016 at 04:31:13AM -0600, md at rpzdesign.com wrote: > >> Where do I get information about the details of not needing a tinc-up script >> anymore? (/etc/network/interfaces) > You can just use the normal /etc/network/interfaces way of configuring > the interface, like this: > > iface vpn inet manual > address 192.168.1.1 > netmask 255.255.255.0 > tinc-net <netname> > >> Also, after that interface comes up and is ready, only THEN do I want to run >> other software. > During boot, all services that require the network is online are started > AFTER all auto interfaces in /etc/network/interfaces have been brought > up. > >> What piece of data can I monitor programmatically (C++, python, etc) to know >> when the interface is up and running ok? >> >> What I want to void is having to execute an ifconfig command and then parse >> the output in a program. > There's /sys/class/net/<interface>/operstate, which should exist and > contain "up" when the interface is up. Otherwise, there's the netlink > interface, but I've never worked with that myself. > > But be warned, whether an interface is up still doesn't mean that your > network is actually working. For example, you'd want to mount a NFS > share if the interface is up AND if the NFS server itself is up and > reachable. If you can instead make your services more resilient to > changes in the network state, that would be better. > > > > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20160301/dec60eac/attachment.html>
On Tue, Mar 01, 2016 at 06:06:46AM -0600, md at rpzdesign.com wrote:> Can you give me an example of <netname>.<netname> is the name of the directory under /etc/tinc where your configuration is. See: http://tinc-vpn.org/documentation/Multiple-networks.html#Multiple-networks> My eth0 device is assigned a public ip address, but I will not use tinc to > secure traffic over that interface. > > There will be an eth1 device that has a externally visible IP Address. It > is on this eth1 device that I want > the virtual tun0 device to route its traffic.Linux doesn't care whether tun0 is virtual or not. So you configure routing to/from your VPN interface the same way you would as when you would have a real interface instead. Since I don't know exactly what you want and how your eth1 is configured, I cannot give a more specific answer.> Maybe under Ubuntu, I will have a different device name tun0? (I only > tested tinc on centos6 earlier)If you use /etc/network/interfaces, then the virtual interface will get the name you specify in the stanza. So if you have: iface vpn inet manual address 192.168.1.1 netmask 255.255.255.0 tinc-net <netname> Then the interface will literally be named "vpn". If you don't use /etc/network/interfaces for starting tinc, then it will give the interface the same name as the netname, unless you override it by using the Interface option in tinc.conf. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: Digital signature URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20160301/b24443a6/attachment.sig>