Hello Christoph,
I am glad, that you discovered the source of the problem!
Am Sat, 4 May 2019 08:30:28 +0200
schrieb "Christopher Klinge" <christ.kli...@web.de>:
> The goal was that all connections between my nodes, regardless of whether
> they are destined for internal or external ipv6 addresses, end up using the
> VPN.
This is indeed a bit tricky.
I use a setup with a similar goal based on IPv4. I solved it there by using DNAT
rules for the traffic to be routed through the VPN (based on destination ports).
But DNAT is probably not appropriate in a modern IPv6 world :)
In an IPv6 world you may want to use policy routing.
Simply add specific rules based on the incoming interface ("iif"), the source
address ("from") or ports ("sport" / "dport"). The routes in the target
routing table can be filled by your "node-up" scripts.
Cheers,
Lars
_______________________________________________
tinc mailing list
tinc@tinc-vpn.org
https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
