bridging on debian stable endpoints - clarification

Guus Sliepen guus at tinc-vpn.org
Sat Sep 9 14:05:27 CEST 2006 

On Thu, Aug 31, 2006 at 01:16:35PM -0400, mooshii wrote:

> I would like to forward UDP and possibly IPX between the two  
> networks, so I thought it was necessary to bridge the networks  
> together.

You don't need to bridge for unicast UDP, but for broadcast packets and
IPX you indeed have to set up bridges.

> Both debian/stable machines will bind the ethernet NIC and the VPN  
> tunnel (which connects the two debian/stable machines) to a bridge,  
> and route packets as necessary based on ethernet mac addresses.

That's indeed the way to do it.

> This setup is like the example configuration on the tinc web page:
> http://www.tinc-vpn.org/examples/bridging
> and the two tinc daemons establish their connections (meta and data).  
> Both ends send out the proper packets on the vpn tunnel, and although  
> the data is received, it doesn't make it up the stack. tcpdump on  
> either end of the tunnel shows only outbound data.
> 
> It appears that the configuration is correct, but the daemon is at  
> fault. Specifically, it appears to be a known issue with tinc 1.0.3,  
> and the solution is to move to 1.0.4:
> http://brouwer.uvt.nl/pipermail/tinc/2006-January/001497.html
> Unfortunately that version is not available in debian/stable.
> 
> I'm looking for solutions to 'port' the tinc 1.0.4 daemon to debian/ 
> stable, or use a different tool to achieve the same objective (which  
> is to logically link/bridge the two segments together).

You should be able to compile tinc 1.0.4 on Debian stable. It might also
be possible to backport the unstable package to stable, by downloading
the source package, tweaking the build-depends and rebuilding it.

As for other tools, it should also be possible to set up a similar VPN
with OpenVPN.

-- 
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20060909/c24f249d/attachment.pgp

More information about the tinc mailing list