Thanks, let me give a try, and get back to you. :-)
> On 1 May 2017, at 3:29 PM, Narcissus Emi <[email protected]> wrote: > > I don't really think Address config in node description will decide it will > listening for the public connection or not. From my own case, even if a real > private node(pppoe dynamic address, tcp port listening not allowed, but Udp > allowed) can have a p2p direct connection, I think it based on udp NAT > traverse, but if you use TCPonly for this node, and also forbidden the > incoming traffic to this public TCP port, it will definitely working on a > intermediate only mode. Maybe just try it out,l ;) > > -- > Narcissus Emi > 日時: 2017年5月1日 15:24:26, Bright Zhao ([email protected] > <mailto:[email protected]>) が書きました:: > >> Oh, thanks, in my current case, I haven’t config “Address” parameter in A’s >> host config, is this will make A prohibited it listen on the tinc ports? >> >> Question: >> 1. if I config “Address” in A’s config, and even though A is in a private >> subnet, it might still possible for A to establish connection with X(X is >> public IP address)? >> 2. If there any parameter to disable the direct connection discovery, and >> only allow to through intermediate node? >> >> >>> On 1 May 2017, at 3:16 PM, Narcissus Emi <[email protected] >>> <mailto:[email protected]>> wrote: >>> >>> Indeed it depends, tinc will have a port listening for incoming >>> connections(both tcp and udp), if A have exposed its listening ports, a >>> direct connection will be tried to build between the nodes, otherwise it >>> will go from the intermediate node. >>> >>> -- >>> Narcissus Emi >>> 日時: 2017年5月1日 15:12:16, Bright Zhao ([email protected] >>> <mailto:[email protected]>) が書きました:: >>> >>>> H, Narcissus >>>> >>>> Quick one for the below case, if node A have a direct connection to node >>>> B, and node B have a connection to node X, then I found node A will be >>>> able to talk to node X, but the communication path is go through node B, >>>> instead of build direct connection between A and X, is that right? I >>>> tested this in my environment. >>>> >>>> A >> B >> X >>>> >>>>> On 1 May 2017, at 3:07 PM, Narcissus Emi <[email protected] >>>>> <mailto:[email protected]>> wrote: >>>>> >>>>> X-up is being called when any connection is being built between node A >>>>> and node X, it doesn't have anything to do whether you have connectTo in >>>>> the config file or not. >>>>> Because tinc is a mesh network, if node A have a direct connection to >>>>> node B, and node B have a connection to node X, you can have a connection >>>>> between A and X, and X-up is being called at the moment when it built a >>>>> connection on demand. >>>>> >>>>> -- >>>>> Narcissus Emi >>>>> 日時: 2017年5月1日 14:15:14, Bright Zhao ([email protected] >>>>> <mailto:[email protected]>) が書きました:: >>>>> >>>>>> Hi, Tinc Expert >>>>>> >>>>>> in my tinc.conf, the ConnectTo to host X is commented, like below: >>>>>> >>>>>> #ConnectTo = X >>>>>> >>>>>> and there is a script: /etc/tinc/netname/hosts/X-up, I thought commented >>>>>> the ConnectTo X wouldn’t trigger the X-up, but it did. >>>>>> >>>>>> Why? What’s the logic behind to trigger host-up? How can I avoid this >>>>>> except remove the host-up file? >>>>>> >>>>>> >>>>>> Bright Zhao >>>>>> _______________________________________________ >>>>>> tinc mailing list >>>>>> [email protected] <mailto:[email protected]> >>>>>> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >>>>>> <https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc> >>>>> _______________________________________________ >>>>> tinc mailing list >>>>> [email protected] <mailto:[email protected]> >>>>> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >>>>> <https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc> >>>> >>>> _______________________________________________ >>>> tinc mailing list >>>> [email protected] <mailto:[email protected]> >>>> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >>>> <https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc> >>> _______________________________________________ >>> tinc mailing list >>> [email protected] <mailto:[email protected]> >>> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >>> <https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc> >> >> _______________________________________________ >> tinc mailing list >> [email protected] <mailto:[email protected]> >> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >> <https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc> > _______________________________________________ > tinc mailing list > [email protected] > https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
_______________________________________________ tinc mailing list [email protected] https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
