need help on tinc route problem

Zhang Jun gb2313 at gmail.com
Mon Feb 29 09:12:08 CET 2016


my network:

local pc(192.168.1.2)-->openwrt_adsl_router A(192.168.1.1/24&11.22.33.44pppoe&10.10.10.1/24 tinc)<---remote B: 10.10.20.1/24
                                                                    ^
                                                                    |
                                             remote C:10.10.0.1/24


all running tinc 1.0.x,

ADSL router runs as a "server" (only one tinc instance), listening on some port,
client B and C connect to ADSL router,
from my pc I need to:
1. Access B's subnet 192.168.50.1/24
2. Access some WAN websites via C
3. no traffic between B and C
4. other traffic goes to pppoe interface by default

here are the config files:
A: router

tincd.conf:
device = /dev/net/tun
name = vpn
interface = vpn
AddressFamily = ipv4

##
Address=xxx.dyndns.org
Port=xxx port
subnet=10.10.10.0/24
Subnet=192.168.1.0/24

##tinc-up:
ifconfig vpn 10.10.10.1/24 up
route add -host 10.10.0.1 dev vpn
route add -net 10.10.0.0/24 gw 10.10.0.1

route add -host 10.10.20.1 dev vpn
route add -net 10.10.20.0/24 gw 10.10.20.1
route add -net 192.168.50.0/24 gw 10.10.20.1   (requirement .1)

route add -net many websites networks gw 10.10.0.1 (requirement .2)
...
###########################
B:
connectTo=vpn
##
Subnet=10.10.20.0/24
Subnet=192.168.50.0/24

##
ifconfig Binc 10.10.20.1/24 up
route add -host 10.10.10.1 dev Binc
route add -net 10.10.10.0/24 gw 10.10.10.1
route add -net 192.168.1.0/24 gw 10.10.10.1
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

###########################
C:
connectTo=vpn
##
Subnet=10.10.0.0/24
Subnet=0.0.0.0/1     ----------> this line only exists in server C:/etc/tinc/hosts/C, but I guess it can be learned by router node

##
ifconfig Cinc 10.10.0.1/24 up
route add -host 10.10.10.1 dev Cinc
route add -net 192.168.1.0/24 gw 10.10.10.1
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

########################
The router has B's and C's host files; B doesn't have C's and C doesn't have B's host file.

this works fine for me,

but today, I need to access a WAN server (5.6.7.8) via B, so I added a route:
route add -host 5.6.7.8 gw 10.10.20.1 (B)
I thought it should work like the other routes, but the traffic still goes through C.
After examining the config, I think the problem may be because only C has "Subnet=0.0.0.0/1".

my questions are:
1. Why can a packet that has a route with default gw to B be routed to C? Is it the right behavior?
2. How to route 5.6.7.8 via B? Add "Subnet=0.0.0.0/1" to B's host file? I have some trouble testing this now, because B is not easy to access (the best way is to let it connect to me). Also, even if this way works, I don't want other networks' traffic (the routes added for C) to go through B, or randomly.
3. I removed "Subnet=0.0.0.0/1" from C, then all routes (to WAN) via B/C did not work anymore. Is there any way to let those "route add (WAN networks) gw 10.10.0.1" work without the "Subnet=0.0.0.0/1"?
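
An added example, not part of the original post and not tinc's own code: in tinc's default router mode the daemon picks the destination node by looking up the packet's destination address in the nodes' Subnet declarations, most specific match first, and the gateway named in a kernel route on the tun interface plays no part in that lookup. The Python sketch below models the lookup with the Subnet lines from this post; the `5.6.7.8/32` line for B and the sample addresses 93.184.216.34 and 192.168.50.7 are assumptions made for illustration.

```python
import ipaddress

# Subnet= lines copied from the post (A is the router node "vpn").
PAGE_SUBNETS = {
    "A": ["10.10.10.0/24", "192.168.1.0/24"],
    "B": ["10.10.20.0/24", "192.168.50.0/24"],
    "C": ["10.10.0.0/24", "0.0.0.0/1"],
}


def owner(dst, subnets):
    """Return (node, subnet) for the most specific Subnet covering dst, else None.

    The gateway written in a kernel route ("gw 10.10.20.1") is deliberately not
    a parameter: on a tun device only the IP packet reaches the daemon.
    """
    ip = ipaddress.ip_address(dst)
    best = None
    for node, nets in subnets.items():
        for text in nets:
            net = ipaddress.ip_network(text)
            if ip in net and (best is None or net.prefixlen > best[1].prefixlen):
                best = (node, net)
    return (best[0], str(best[1])) if best else None


def with_subnet(subnets, node, subnet):
    """Copy of the table with one extra Subnet= line for node."""
    table = {name: list(nets) for name, nets in subnets.items()}
    table[node].append(subnet)
    return table


def without_subnet(subnets, node, subnet):
    """Copy of the table with one Subnet= line removed from node."""
    table = {name: list(nets) for name, nets in subnets.items()}
    table[node].remove(subnet)
    return table


if __name__ == "__main__":
    fixed = with_subnet(PAGE_SUBNETS, "B", "5.6.7.8/32")  # assumed extra line
    no_half = without_subnet(PAGE_SUBNETS, "C", "0.0.0.0/1")
    for label, table in (("as posted", PAGE_SUBNETS), ("B += /32", fixed),
                         ("C -= 0.0.0.0/1", no_half)):
        for dst in ("5.6.7.8", "93.184.216.34", "192.168.50.7"):  # constructed
            print(f"{label:15} {dst:15} -> {owner(dst, table)}")
```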