H, Narcissus Quick one for the below case, if node A have a direct connection to node B, and node B have a connection to node X, then I found node A will be able to talk to node X, but the communication path is go through node B, instead of build direct connection between A and X, is that right? I tested this in my environment. A >> B >> X> On 1 May 2017, at 3:07 PM, Narcissus Emi <eminarcissus at gmail.com> wrote: > > X-up is being called when any connection is being built between node A and node X, it doesn't have anything to do whether you have connectTo in the config file or not. > Because tinc is a mesh network, if node A have a direct connection to node B, and node B have a connection to node X, you can have a connection between A and X, and X-up is being called at the moment when it built a connection on demand. > > -- > Narcissus Emi > 日時: 2017年5月1日 14:15:14, Bright Zhao (startryst at gmail.com <mailto:startryst at gmail.com>) が書きました:: > >> Hi, Tinc Expert >> >> in my tinc.conf, the ConnectTo to host X is commented, like below: >> >> #ConnectTo = X >> >> and there is a script: /etc/tinc/netname/hosts/X-up, I thought commented the ConnectTo X wouldn’t trigger the X-up, but it did. >> >> Why? What’s the logic behind to trigger host-up? How can I avoid this except remove the host-up file? >> >> >> Bright Zhao >> _______________________________________________ >> tinc mailing list >> tinc at tinc-vpn.org <mailto:tinc at tinc-vpn.org> >> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc <https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc> > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20170501/d66066dd/attachment-0001.html>
Indeed it depends, tinc will have a port listening for incoming connections(both tcp and Udo), if A have exposed its listening ports, a direct connection will be built between the nodes, otherwise it will go from the intermediate node. -- Narcissus Emi 日時: 2017年5月1日 15:12:16, Bright Zhao (startryst at gmail.com) が書きました::> H, Narcissus > > Quick one for the below case, if node A have a direct connection to node > B, and node B have a connection to node X, then I found node A will be able > to talk to node X, but the communication path is go through node B, instead > of build direct connection between A and X, is that right? I tested this in > my environment. > > A >> B >> X > > On 1 May 2017, at 3:07 PM, Narcissus Emi <eminarcissus at gmail.com> wrote: > > X-up is being called when any connection is being built between node A and > node X, it doesn't have anything to do whether you have connectTo in the > config file or not. > Because tinc is a mesh network, if node A have a direct connection to node > B, and node B have a connection to node X, you can have a connection > between A and X, and X-up is being called at the moment when it built a > connection on demand. > > -- > Narcissus Emi > > 日時: 2017年5月1日 14:15:14, Bright Zhao (startryst at gmail.com) が書きました:: > >> Hi, Tinc Expert >> >> in my tinc.conf, the ConnectTo to host X is commented, like below: >> >> #ConnectTo = X >> >> and there is a script: /etc/tinc/netname/hosts/X-up, I thought commented >> the ConnectTo X wouldn’t trigger the X-up, but it did. >> >> Why? What’s the logic behind to trigger host-up? How can I avoid this >> except remove the host-up file? >> >> >> Bright Zhao >> _______________________________________________ >> tinc mailing list >> tinc at tinc-vpn.org >> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >> > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc > > > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20170501/fd59bc3f/attachment.html>
Indeed it depends, tinc will have a port listening for incoming connections(both tcp and udp), if A have exposed its listening ports, a direct connection will be tried to build between the nodes, otherwise it will go from the intermediate node. -- Narcissus Emi 日時: 2017年5月1日 15:12:16, Bright Zhao (startryst at gmail.com) が書きました::> H, Narcissus > > Quick one for the below case, if node A have a direct connection to node > B, and node B have a connection to node X, then I found node A will be able > to talk to node X, but the communication path is go through node B, instead > of build direct connection between A and X, is that right? I tested this in > my environment. > > A >> B >> X > > On 1 May 2017, at 3:07 PM, Narcissus Emi <eminarcissus at gmail.com> wrote: > > X-up is being called when any connection is being built between node A and > node X, it doesn't have anything to do whether you have connectTo in the > config file or not. > Because tinc is a mesh network, if node A have a direct connection to node > B, and node B have a connection to node X, you can have a connection > between A and X, and X-up is being called at the moment when it built a > connection on demand. > > -- > Narcissus Emi > > 日時: 2017年5月1日 14:15:14, Bright Zhao (startryst at gmail.com) が書きました:: > >> Hi, Tinc Expert >> >> in my tinc.conf, the ConnectTo to host X is commented, like below: >> >> #ConnectTo = X >> >> and there is a script: /etc/tinc/netname/hosts/X-up, I thought commented >> the ConnectTo X wouldn’t trigger the X-up, but it did. >> >> Why? What’s the logic behind to trigger host-up? How can I avoid this >> except remove the host-up file? >> >> >> Bright Zhao >> _______________________________________________ >> tinc mailing list >> tinc at tinc-vpn.org >> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >> > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc > > > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20170501/55d11dcc/attachment.html>
Oh, thanks, in my current case, I haven’t config “Address” parameter in A’s host config, is this will make A prohibited it listen on the tinc ports? Question: 1. if I config “Address” in A’s config, and even though A is in a private subnet, it might still possible for A to establish connection with X(X is public IP address)? 2. If there any parameter to disable the direct connection discovery, and only allow to through intermediate node?> On 1 May 2017, at 3:16 PM, Narcissus Emi <eminarcissus at gmail.com> wrote: > > Indeed it depends, tinc will have a port listening for incoming connections(both tcp and udp), if A have exposed its listening ports, a direct connection will be tried to build between the nodes, otherwise it will go from the intermediate node. > > -- > Narcissus Emi > 日時: 2017年5月1日 15:12:16, Bright Zhao (startryst at gmail.com <mailto:startryst at gmail.com>) が書きました:: > >> H, Narcissus >> >> Quick one for the below case, if node A have a direct connection to node B, and node B have a connection to node X, then I found node A will be able to talk to node X, but the communication path is go through node B, instead of build direct connection between A and X, is that right? I tested this in my environment. >> >> A >> B >> X >> >>> On 1 May 2017, at 3:07 PM, Narcissus Emi <eminarcissus at gmail.com <mailto:eminarcissus at gmail.com>> wrote: >>> >>> X-up is being called when any connection is being built between node A and node X, it doesn't have anything to do whether you have connectTo in the config file or not. >>> Because tinc is a mesh network, if node A have a direct connection to node B, and node B have a connection to node X, you can have a connection between A and X, and X-up is being called at the moment when it built a connection on demand. >>> >>> -- >>> Narcissus Emi >>> 日時: 2017年5月1日 14:15:14, Bright Zhao (startryst at gmail.com <mailto:startryst at gmail.com>) が書きました:: >>> >>>> Hi, Tinc Expert >>>> >>>> in my tinc.conf, the ConnectTo to host X is commented, like below: >>>> >>>> #ConnectTo = X >>>> >>>> and there is a script: /etc/tinc/netname/hosts/X-up, I thought commented the ConnectTo X wouldn’t trigger the X-up, but it did. >>>> >>>> Why? What’s the logic behind to trigger host-up? How can I avoid this except remove the host-up file? >>>> >>>> >>>> Bright Zhao >>>> _______________________________________________ >>>> tinc mailing list >>>> tinc at tinc-vpn.org <mailto:tinc at tinc-vpn.org> >>>> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc <https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc> >>> _______________________________________________ >>> tinc mailing list >>> tinc at tinc-vpn.org <mailto:tinc at tinc-vpn.org> >>> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc <https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc> >> >> _______________________________________________ >> tinc mailing list >> tinc at tinc-vpn.org <mailto:tinc at tinc-vpn.org> >> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc <https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc> > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20170501/e22d5538/attachment-0001.html>