Frithjof Hammer a écrit : > My Questions: > * Is this (nodes can talk to eachother without having the crypto keys) the > correct behavior? > Yep, each node contact the other to distribute the network information. > * What can I do get my desired behavior (only nodes sharing the keys of > eachother can talk) ? > You can build 2 different network. So there is no problem to share the keys. Then on B you have 2 tincd daemon on 2 different port and 2 different configuration. Then you start your 2 tincd with the network name like tincd -n vpn1 and tincd -n vpn2.
The other way is to configure your firewall to only allow traffic that you want. > * sending a killall -USR2 tincd gets me a lot of nice debug stuff. Is there a > documentation what is meant by the option value and the weight value? > I don't know this. > * Is there a posibility to resolve the routing path through a tinc mesh? > Tinc only give you a virtual interface.... Is your job to resolve routing or filtering issue. > > I don't want to setup two vpns because my scenario is more complex: It > involves seven nodes and I want to define for each and everyone of them to > which other nodes they may talk to. > Then work with static routing or configure your firewall if you don't wan't to have multiple vpn daemon... > Any hints? > > Thanks > Frithjof > _______________________________________________ > tinc mailing list > [email protected] > http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc > _______________________________________________ tinc mailing list [email protected] http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
