an other usage example

[Albi Rebmann]

>yes, in our case there is the problem, that for various reasons we use 
>192.168, 10.200, 172.120 /24 subnets for our VPNs and there is no way of
>changing  the IPs. When is understand correctly with the configurations you
>use all VPNs are Subnets of one BIG VPN-Net. Its just not the case.
>  
>
172.120. is offical ip range, 172.20 is private range, maybe you should 
change that.

For your situation (30 networks) tinc is really good, cause you never 
need to change routing.
You should setup tap0 device on boot and route all private networks to 
it. Start tinc and be happy :-) Only things you will have to do is 
exchange public key and add them to the server you want to connect. 
Really nice is, that you don't have to check structure. For make 
connection more stable use 2 uplinks for every connection. We run 2 
static servers with fixed ips and connect with some dynamic home 
netzworks to it. Works nice. Connections go to one or two of the static 
computers. Home networks even use only tcp, cause they can only connect 
and will not be connected. But this depends on what you need.
I run ping check for vpn tunnels, this means if ping does not work 
anymore I restart tinc. Funny thing is, on one computer we had often 
problems that tunnel did not work anymore, on other computer we never 
had this problem. But with small script, poblem is solved and normally 
tunnel works always if you need it.

Only really thing I miss is a windows version which works for XP service 
pack2. I tried that twice, but both times it did not work. Maybe I'm to 
stupid :) So if anybody can help me, I would be happy.


ALBI...