On Sun, Nov 19, 2017 at 05:42:37PM +0800, Mulianto wrote: > Hi, > > Subnet there means as , for this subnet you can reach via me (for ip route > command). > > For the host file there, means i am responsible for this area. Any packet > going to this area will pass through me. > > Your vpn can have multiple subnet/area. > > You can use hostname as the gateway but must make the dns resolv correct, and > it will need more config. > > You need to understand about subnetting to better understand this. > > Regards, > > Mulianto > > > Sent from my Mini Ipad > > > On 16 Nov 2017, at 19.56, Philip Blagoveschensky <[email protected]> wrote: > > > > Hello, I am not very good at linux networking. I have read tinc > > documentation > > multiple times and I still don't understand what the "Subnet = ..." > > directive > > does in /etc/tinc/$NET_NAME/hosts/$HOST_NAME > > > > Right now I have a simple virtual lan organized with tinc, and I use the > > following in every device's config file (replacing the last part of the > > address): > > > > # This computer will have this ip address in the vpn > > Subnet = 10.20.30.22/32 > > > > This allows me to connect to $HOST_NAME using ip address 10.20.30.22. > > > > Now what I don't understand is why the guides on how to use one of tinc > > peer as > > the default gateway tell me to write this too: > > > > Subnet = 0.0.0.0/0 > > > > I don't understand what this does. > > Why is it not enough to set routes on the client device like this? > > > > ip route add 0.0.0.0/0 via 10.20.30.22 dev $NET_NAME metric 40 > > ip route add $SERVER_IP_ON_INTERNET/32 via 192.168.0.1 dev enp3s0 > > > > Does all this mean, that it's impossible to sometimes use $HOST_NAME_1 as > > the > > default gateway and sometimes another $HOST_NAME_2, because their > > `Subnet = 0.0.0.0/0` will clash, and something will fuck up? > > > > -- > > Philip Blagoveschensky > > _______________________________________________ > > tinc mailing list > > [email protected] > > https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc > _______________________________________________ > tinc mailing list > [email protected] > https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
Are you saying that if I want to reach XXX.XXX.XXX.XXX/32 via $HOST2 from $HOST1, then I not only need to set route 'XXX.XXX.XXX.XXX/32 via ip-address-of-$HOST2 dev tinc-dev' on $HOST1, but also need to have tinc Subnet records for $HOST2 that at least include 'Subnet = XXX.XXX.XXX.XXX/32'? And if I don't include that subnet in tinc configuration, but only set route on $HOST1 and allow packet forwarding on $HOST2, then it won't work? -- Philip Blagoveschensky
signature.asc
Description: PGP signature
_______________________________________________ tinc mailing list [email protected] https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
