wonder about redirect-gateway subnet/switch-mode
Guus Sliepen
guus at tinc-vpn.org
Tue Jun 21 17:38:13 CEST 2011
On Tue, Jun 21, 2011 at 10:46:33PM +0800, Xuefer wrote:
> quoted from http://www.tinc-vpn.org/examples/redirect-gateway/
> "In fact, one does not have to set the VPN_GATEWAY variable at all. In
> switch mode, the gateway routes are necessary"
> i don't get it. it's is too short to understand. is VPN_GATEWAY set by
> tinc in switch mode? and why is "In switch mode, the gateway routes
> are necessary" mentioned here suddenly?
It is indeed a bit unclear, perhaps it is better with the whole last paragraph
removed.
> afaik, Subnet is announce by node itself to other nodes. that mean i
> cannot set, for example. subnet=1.2.3.4/32 in hosts/X within nodeA,
> while subnet=5.6.7.8/32 in hosts/X within nodeB
You can do the latter if you also use StrictSubnets = yes AND Forwarding =
kernel.
> so, is it correct that i cannot have 0.0.0.0/0 for *two* gateway node
> as in http://www.tinc-vpn.org/examples/redirect-gateway/ ?
You can do that (without needing the above options). Packets are then sent to
only one of the two gateway nodes, unless it is not reachable, in which case
they will be sent to the other one. You can use Subnet weights to explicitly
give one of the nodes a higher priority than the other.
> mode=switch/hub instead of router have to be used in this case ?
That would work as well.
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20110621/3c49e89f/attachment.pgp>
More information about the tinc
mailing list