local address announcements

Daniel Schall Daniel-Schall at web.de
Tue Nov 23 23:13:01 CET 2010


> > > Tue Nov 23 18:09:42 2010: Unable to sign multicast response to 
> > > clientbp
> >
> > My algorithm is able to sign multicast packets only if a key exchange 
> > has occurred before.
> > (key exchange happens when you first contact the other node.) 
> > Therefore, if you ping the nodes once (over the tinc interface), the 
> > keys should get exchanged and multicast signing should work.
> > Yes, this is an issue that could easily be improved.
> > 
> > Anyway, the code is still beta, it works most of the time, but I 
> > experience some strange behavior too.
> > Sometimes, nodes do not see each other, but I did not yet find out why.
>
> I can confirm that it doesn't work always :-) Well, can't get it to work.
> Currently I installed both keys on each server - I assume that is
> necessary?
>
>

Assuming we have three nodes (A, B and C).
A acts as a server and has the keys of B and C.
B and C do not have each other's keys, only the key from A.

Nevertheless, B and C should be able to establish a direct UDP connection:
They first exchange keys with A to establish a meta connection.
A tells B how C can be reached, and vice versa.
After exchanging keys over the meta connection they both have with A, B and
C are able to directly communicate.
This applies to the "standard" packet exchange as well as my multicast/local
approach.
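
An added illustration of the relayed key exchange described in this message (not part of the original post and not tinc's code): a toy model in which B and C each hold a meta connection only to A, and B cannot sign a packet for C until a key has been exchanged through A. The Node class, its method names, the single shared key per pair and the use of HMAC-SHA256 for signing are all assumptions made for the example.

```python
import hashlib
import hmac
import os


class Node:
    """Simplified model of a VPN node; not tinc's real data structures."""

    def __init__(self, name):
        self.name = name
        self.meta = {}     # peer name -> Node we hold a meta connection with
        self.session = {}  # peer name -> packet key learned by key exchange

    def connect(self, other):
        # A meta connection needs the peer's host key (B<->A and C<->A only).
        self.meta[other.name] = other
        other.meta[self.name] = self

    def request_key(self, target, via):
        # Send the key request over our meta connection to the relay node.
        relay = self.meta[via]
        self.session[target] = relay.meta[target].answer_key(self.name)

    def answer_key(self, requester):
        # Assumption: one fresh symmetric key per pair, returned via the relay.
        # In this model the relay handles the key, so both ends must trust it.
        key = os.urandom(32)
        self.session[requester] = key
        return key

    def sign(self, peer, payload):
        key = self.session.get(peer)
        if key is None:
            return None  # the "Unable to sign multicast response" situation
        return hmac.new(key, payload, hashlib.sha256).digest()

    def verify(self, peer, payload, tag):
        expected = self.sign(peer, payload)
        return expected is not None and tag is not None and \
            hmac.compare_digest(expected, tag)


def demo():
    a, b, c = Node("A"), Node("B"), Node("C")
    b.connect(a)
    c.connect(a)
    before = b.sign("C", b"local address announcement")  # no key yet
    b.request_key("C", via="A")
    tag = b.sign("C", b"local address announcement")
    return (before, c.verify("B", b"local address announcement", tag),
            c.verify("B", b"tampered announcement", tag), "C" in b.meta)
```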


