Guus Sliepen (2012-04-03 21:33:18 +0200) wrote:

> On Tue, Apr 03, 2012 at 02:24:48PM +0200, Ivan Vilata i Balaguer wrote:
>
>>   nodeA1                                           nodeB3
>>     |                                                |
>> (Network A) --- [GWA] --- (Internet) --- [GWB] --- (Network B)
>>     |                                                |
>>   nodeA2                                           nodeB4
> [...]
>> - nodeA1: X.Y.1.0/24
>> - nodeA2: X.Y.2.0/24
>> - GWA: X.Y.0.0/16
> [...]
>> - nodeB3: X.Y.3.0/24
>> - nodeB4: X.Y.4.0/24
>> - GWB: X.Y.0.0/16
>>
>> My doubt is: if GWA and GWB also connect to each other using Tinc via
>> the Internet, would traffic from nodeA2 be routed by GWA and GWB to
>> nodeB3 and back?  Is it ok for Tinc that both GWA and GWB define the
>> same subnet?  Would GWA forward traffic not addressed to nodeAx nodes
>> to GWB?
>
> If GWA and GWB connect to each other using the same tinc daemon they
> use to connect with the nodes on their own networks, then yes, nodeA2
> will then be able to communicate with nodeB3.  If possible, traffic
> between those two nodes will go directly, without having to be
> forwarded by GWA and GWB.

I've been able to perform a simple test with four machines (set up like nodeA2, GWA, GWB and nodeB3) and it worked like a charm.  I had to add GWA and GWB's own addresses as Subnets because otherwise I couldn't ping them: when pinging GWB from GWA Tinc complained of the "Packet looping back" to itself.  I guess GWA had no other way to know that GWB wasn't in its own Subnet than GWB being explicit about that.

> It is OK to have two identical Subnets, however, one will have
> priority over the other.  So, while GWA and GWB are connected, packets
> to X.Y.0.1 will go most likely only to GWA, whether it is sent from
> nodeA2 or nodeB3.  You can manually adjust the priority of Subnets (see
> the manual).

Sorry, but I don't understand.  Nodes in Network A/B (except GWx) don't have access to the Internet (not even NAT), so nodeB3 doesn't even know GWA exists.  In this case I guess priorities don't matter much since a node can only see the GWx in its network.

Just for curiosity: do GWx share the Subnets they know, or do they simply handle a datagram for a Subnet they don't know to the other one?  In the first case, I guess there'd be no problem in extending the number of GWx hosts (and thus connected networks) arbitrarily.  Is that true?

Thanks for your answers and also for a great software!

-- 
Ivan Vilata i Balaguer -- https://elvil.net/
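
Added example (not part of the original message, and not tinc's own code): a simplified Python model of the Subnet selection discussed in this thread, showing why two gateways announcing the same /16 give "Packet looping back" and how explicit /32 Subnets or a weight change the outcome. It assumes longest-prefix match, then lowest weight (default 10, as in the tinc manual), then owner name as a tie-break; 10.9.0.0/16 is a constructed stand-in for X.Y.0.0/16, and 10.9.0.1 and 10.9.0.2 are hypothetical gateway addresses.

```python
import ipaddress
from typing import NamedTuple


class Subnet(NamedTuple):
    net: ipaddress.IPv4Network
    owner: str
    weight: int = 10  # default weight per the tinc manual; lower wins


def S(cidr, owner, weight=10):
    """Helper (hypothetical name) to build a Subnet from CIDR text."""
    return Subnet(ipaddress.ip_network(cidr), owner, weight)


def lookup(subnets, dest, reachable):
    """Owner chosen for dest among reachable nodes, or None."""
    addr = ipaddress.ip_address(dest)
    hits = [s for s in subnets if addr in s.net and s.owner in reachable]
    # Model assumption: longest prefix, then lowest weight, then owner name.
    hits.sort(key=lambda s: (-s.net.prefixlen, s.weight, s.owner))
    return hits[0].owner if hits else None


def route(subnets, source, dest, reachable):
    """What the daemon on `source` does with a packet addressed to dest."""
    owner = lookup(subnets, dest, reachable)
    if owner is None:
        return "no route"
    # A packet whose best match is owned by the sender cannot be forwarded.
    return "looping back" if owner == source else owner


# Constructed sample data, mirroring the layout in the thread.
GATEWAYS = {"GWA", "GWB"}
ALL_NODES = GATEWAYS | {"nodeA2", "nodeB3"}
SAME_16 = [S("10.9.0.0/16", "GWA"), S("10.9.0.0/16", "GWB")]
WITH_HOSTS = SAME_16 + [S("10.9.0.1/32", "GWA"), S("10.9.0.2/32", "GWB")]
WITH_NODES = WITH_HOSTS + [S("10.9.2.0/24", "nodeA2"), S("10.9.3.0/24", "nodeB3")]
WEIGHTED = [S("10.9.0.0/16", "GWA"), S("10.9.0.0/16", "GWB", weight=5)]

if __name__ == "__main__":
    print("identical /16 only :", route(SAME_16, "GWA", "10.9.0.2", GATEWAYS))
    print("with /32 per GW    :", route(WITH_HOSTS, "GWA", "10.9.0.2", GATEWAYS))
    print("nodeA2 -> nodeB3   :", route(WITH_NODES, "nodeA2", "10.9.3.5", ALL_NODES))
    print("GWB weight 5       :", lookup(WEIGHTED, "10.9.9.9", GATEWAYS))
```
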
