Does tinc have any plan to add radius accounting/authentication(or flowing overview)?

[Guus Sliepen]

On Fri, Nov 09, 2012 at 05:05:37PM +0800, Misuzi wrote:

> I use tinc-vpn to create private mesh vpn networks between office and house
> in different locations and it works really well. But somehow I'm considering
> if there were any possibility to add radius support for single node traffic
> management.
> 
> I does think it will be really difficult to implement such functions as a
> feature of a mesh network,because all of the traffic was initiated end to end
> without any interventions from any server nodes. But is there any method to
> get some kind of flowing overview of a tinc network?

Tinc version 1.1 has per-node traffic counters (both number of packets and
number of byte) that you can query using a control interface. Indeed, a node
only counts traffic that is either sent from or received by itself, although in
principle you could connect to all nodes in a VPN to get the traffic statistics
of the whole VPN.

Tinc 1.1 comes with a utility called "tincctl" that can connect to a running
tinc daemon using this control interface and get some information from it. The
"tincctl top" command works like the regular "top" command, but instead of
processes and CPU time it shows you VPN nodes and the number of packets and
bytes received and transmitted.

If you really want RADIUS support then there are two options; either write a
small daemon that accepts RADIUS requests and forwards them to tincd using the
control interface, or to add RADIUS support directly into tinc. It is certainly
possible, but such a feature is low on my todo list, but I welcome any patches.

-- 
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20121110/bb061ccd/attachment.pgp>