Hi, Guus
The use case the shared default gateway for multi-tenant, if that the case the
node who own the default gateway will have problem to route with different
tenant who has overlapped address scope? Is it true when no any other tools like
the namespaces?
(tenant1)\
(tenant2)——common node—— shared gw node—— Internet
(tenant3)/
But if the each tenant have it’s dedicate default gateway, but the path from the
tenant node to the default gateway node will be shared by some common tinc node,
then the netname of tinc can handle this, right? I think the common tinc node is
not handle physical to vpn, it’s only vpn relay.
(tenant1)\ /gw for tenant1——Internet
(tenant2)——common node—— gw for tenant2—— Internet
(tenant3)/ \gw for tenant3—— Internet
> On 3 May 2017, at 12:40 AM, Guus Sliepen <guus at tinc-vpn.org>
wrote:
>
> On Tue, May 02, 2017 at 08:46:45PM +0800, Bright Zhao wrote:
>
>> For use case of multi-tenancy use case, should I use multiple netnames
(/etc/tinc/tenant1, /etc/tinc/tenant2/, etc.) for the network, so that even
different tenant have overlapped network address will be possible to work in the
same physical host? or can not?
>
> If you have multiple netnames, then you can have overlapping network
> addresses all you like as far as tinc is concerned. However, if you want
> the physical host to also be able to communicate with the other nodes of
> each tennant, then you might have a problem. You could use network
> namespaces or other forms of containers to keep the networks separate
> for your kernel.
>
> --
> Met vriendelijke groet / with kind regards,
> Guus Sliepen <guus at tinc-vpn.org>
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc