single host with two different ports

Rob Townley rob.townley at gmail.com
Wed Dec 23 18:46:27 CET 2009


On Wed, Dec 23, 2009 at 10:08 AM, Guus Sliepen <guus at tinc-vpn.org> wrote:
> On Wed, Dec 23, 2009 at 09:26:12AM -0600, Rob Townley wrote:
>
>> > That's unfortunately not supported by tinc (yet). You can have multiple
>> > Addresses, but only one Port statement in host config files.
>>
>> Dynamic ports handled by dynamic dns SRV and TXT records would make
>> this so much easier.
>>
>> tinc client connects to ddns based server.  ddns updates SRV and TXT
>> records with firewall outgoing dynamic port number.
>
> Ok, I'll have a look how hard it is to query SRV records. Otherwise, I'll
> probably just make it so you can also specify a port number in an Address
> statement.
>
>> The only host file needed would be the user's own tinc dns server as
>> long as tinc added the capability to look up hosts, port numbers, and
>> keys in dns.
>
> Tinc can already look up hostnames. But keys in DNS is not so easy. Sure you
> can put a public key in a TXT or other type of record, but then you have to
> trust DNS to be secure. You would need some kind of authentication for that,
> but that's planned for tinc 2.0.

The sysadmin would run a dns server accessible only to his own tinc
clients and specified in the only host record needed to be
distributed.  ..../tinc/tincvpnnet/hosts/dns

KEY is a dns record type for storing public keys.
http://en.wikipedia.org/wiki/List_of_DNS_record_types

>
> --
> Met vriendelijke groet / with kind regards,
>     Guus Sliepen <guus at tinc-vpn.org>