The method that I used to accomplish this with some buddies was with some non-standard subnetting.<div><br></div><div>example:</div><div><br></div><div>Joe configures his house to use <a href="http://192.168.1.0/24">192.168.1.0/24</a></div>
<div>Tim configures his house to use <a href="http://192.168.2.0/24">192.168.2.0/24</a></div><div>Bob configures his house to use <a href="http://192.168.3.0/24">192.168.3.0/24</a></div><div><br></div><div>All 3 individuals stand up Tinc in switched mode (there is no "subnet" setting for tinc when in switched mode).</div>
<div><br></div><div>Now, any devices that you wish to participate in the VPN, you change their subnet mask from from 255.255.255.0 to 255.255.0.0 (/16 instead of /24). In that way the devices with the /16 subnet mask will consider any 192.168.x.x IP to be on the LAN, and Tinc will provide that switched fabric for them, making it work.</div>
<div><br></div><div>Nothing else special needs to be done on anybody's network. Devices that you choose not to reconfigure with the new subnet mask, will still be able to communicate with your modified subnet mask devices. </div>
<div><br></div><div>But there is one caveat. All broadcasts will make it across the VPN. I actually had problems where members of the VPN would pull DHCP address from *other members*. So Joe with his <a href="http://192.168.1.0/24">192.168.1.0/24</a> network would turn on his computer and when it requested DHCP, somehow Tim's router would respond faster, and Joe's computer would receive a 192.168.2.x address. So, any internet traffic from that computer would first traverse the VPN and exit to the internet via Tim's internet gateway.</div>
<div><br></div><div>My ultimate solution to this that I liked very much was the "ebtables" package for linux. It's very much like IP tables but it works on frames at layer 2, and can therefore catch and drop dhcp traffic and any other traffic you may want to stop, such as UPnP requests from your friends poking holes in your firewall. :)<br>
<br><div class="gmail_quote">On Sat, Oct 1, 2011 at 6:55 AM, Sich <span dir="ltr"><<a href="mailto:sich@cafe-philo.net">sich@cafe-philo.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Le 30/09/2011 14:48, Leon Merten Lohse a écrit :<div class="im"><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Howdy,<br>
<br>
I would like to bring this topic up again. Gaming via tinc. We use tinc-1.0.16 on Linux, Win7 and WinXP so far.<br>
Setup was pretty straight forward. All the nodes have mode set to switch and subnet to <a href="http://10.0.0.0/24" target="_blank">10.0.0.0/24</a>.<br>
Ping works, smb shares work. Everything seems fine BUT connecting ingame only works with 1 out of 5 games.<br>
In some games, we see each other in the lobby. I conclude, that UDP broadcasts work. In some games only the Win7 machine sees the WinXP machine. But even then, most games crash, when we try to actually connect.<br>
<br>
I doubt this is a limitation of tinc. It's more likely to be a configuration problem, I guess.<br>
<br>
Any ideas?<br>
Thanks in advance.<br>
<br>
Regards<br>
Leon<br>
</blockquote>
<br></div>
Hello,<br>
<br>
In some games the broadcast is only send on one interface...<br>
If you want to use tinc for gaming you will need to have only 1 ethernet interface.<br>
For this you have to build a bridge between your local card and the tinc virtual card.<br>
<br>
With this you will have to setup all your local lan on the same network that the vpn (in your case <a href="http://10.0.0.0/24" target="_blank">10.0.0.0/24</a>).<br>
Take care on duplicate ip on all the network (your but the others to) and for dhcp server... The dhcp will go through the vpn, and your dhcp server can provide ip for people on other network.<br>
<br>
It's the only way I have found to be able to play on all games through LAN.<br><font color="#888888">
<br>
Sich</font><div><div></div><div class="h5"><br>
______________________________<u></u>_________________<br>
tinc mailing list<br>
<a href="mailto:tinc@tinc-vpn.org" target="_blank">tinc@tinc-vpn.org</a><br>
<a href="http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc" target="_blank">http://www.tinc-vpn.org/cgi-<u></u>bin/mailman/listinfo/tinc</a><br>
</div></div></blockquote></div><br></div>