I don't really understand what you want.
But you can use 2 nodes as "server". Then only those 2 nodes will have
all the host files. The other nodes will just have the 2 "servers"
hosts
and the node file.
When tinc connect he will share all information about the network even
if you don't have the host file localy.
If each node have subnet you will probably need some dynamic routing to
distribute the routing table.
Tinc only build some virtual interface, he don't directly manage routing.
Le 10/11/2016 à 09:25, ygrek a écrit :> Hello,
>
> I am tying to create tinc vpn for the ~1000 nodes and was thinking why
meta connections are
> needed at all if I only need static configuration where every node knows
addresses of other hosts
> and due to the amount of traffic any indirect connections will not work,
so DirectOnly=yes is a must
> and then passing around routing information is not needed, right?
Currently I have 10 nodes
> that are targets to ConnectTo for all other nodes, and all they are doing
is processing ADD_EDGE requests.
>
> So I was thinking:
> 1. is it possible to start mesh vpn with only hosts file and no ConnectTo
directives?
> 2. is it ok that nodes are sending ADD_SUBNET (it consumes cpu to
process) when StrictSubnets=yes?
> 3. is it possible to switch off sending ADD_EDGE when DirectOnly=yes?
> 4. is there a way to know why tinc thinks node is unreachable (I see
quick changes from reachable to unreachable and back again in debug logs)?
> My current theory is that it is because ConnectTo target nodes are
maxing out cpu and losing packets (and probably losing PMTUDiscovery packets).
>
> Thank you!
>