Address Variabme for Roadwarriors]

[Guus Sliepen]

On Sun, Oct 24, 2004 at 06:19:49PM -0500, Lonnie Cumberland wrote:

> What I want to do is this. Take your documentation example where you 
> have 4 hosts, A, B, C, and D.  You state that B, C will connect to A and 
> that D will connect to C.
> 
> In my case, I will have node C being a road warrior and node D wants to 
> connect to it who is also a road warrior. 
> 
> My solution to this is to have a private DNS inside the VPN network, 
> maybe on node A for example, such that all nodes can see the DNS server 
> and in the case of the road warriors, nodes C & D, we will have that D 
> can find C because it resolved the 10.0.0.21 ip, for example, from our 
> private VPN DNS.
> 
> At least that is the idea anyway.
> 
> As I understand things now, a roadwarrior host that is going to allow 
> connection other connections must use something like dyndns to allow 
> others to resolve a "real" ip.
> 
> I want to find a way to allow the roadwarior host to allow connections 
> by letting other nodes in the vpn resolve the roadwarrior host through 
> the private VPN DNS instead of the service like dyndns.

It's still not very clear to me. There are VPN addresses (for example,
from the 10.0.0.0/8 subnet) and real IP addresses (ie, ones that can be
reached from the Internet). When you say "other nodes in the vpn resolve
the roadwarrior host", do you mean that they have a "ConnectTo =
roadwarrior" in their tinc.conf, and that in hosts/roadwarrior they have
"Address = roadwarrior.internal.dns", and that the VPN DNS server
resolves roadwarrior.internal.dns to the real IP address of the
roadwarrior?

-- 
Met vriendelijke groet / with kind regards,
    Guus Sliepen <guus at sliepen.eu.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20041025/42fb1d03/attachment.pgp