From bf3343ca2d0c70750e5e3e04cccc229457a49eb5 Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Thu, 11 Feb 2010 11:10:53 +0100 Subject: [PATCH] Use $INTERFACE in example tinc-up scripts. Also remove Device and TCPOnly statements from the examples. Add Interface statements where non-tinc related scripts use a fixed name for the VPN interface. --- examples/bridging.mdwn | 9 ++++----- examples/firewall.mdwn | 3 +-- examples/ipv6-network.mdwn | 26 +++++++++++--------------- examples/masquerading-firewall.mdwn | 3 +-- examples/on-firewall.mdwn | 4 ++-- 5 files changed, 19 insertions(+), 26 deletions(-) diff --git a/examples/bridging.mdwn b/examples/bridging.mdwn index ca5e6ec..8d43427 100644 --- a/examples/bridging.mdwn +++ b/examples/bridging.mdwn @@ -84,7 +84,7 @@ required if tinc was replaced with an actual switch or hub. ### Configuration of tinc -Note that switch' and hub' mode do not utilize the Subnet variable in the host +Note that switch and hub mode do not utilize the Subnet variable in the host files. Instead, any packet received by the bridge interface will be passed to the TUN/TAP device for processing. If your tinc instance is running in hub mode, all packets are forwarded to the remote tinc instance. In switch mode, @@ -93,16 +93,15 @@ forwarded to the remote tinc instance. > host# cat /etc/tinc/vpn/tinc.conf > Name = segment1 -> Device = /dev/tun > Mode = switch > ConnectTo = segment2 > > host# cat /etc/tinc/vpn/tinc-up > #!/bin/sh > -> ifconfig vpn 0.0.0.0 -> brctl addif bridge vpn -> ifconfig vpn up +> ifconfig $INTERFACE 0.0.0.0 +> brctl addif bridge $INTERFACE +> ifconfig $INTERFACE up > > host# ls /etc/tinc/vpn/hosts > segment1 segment2 ... diff --git a/examples/firewall.mdwn b/examples/firewall.mdwn index dee8c5e..2a97952 100644 --- a/examples/firewall.mdwn +++ b/examples/firewall.mdwn @@ -76,13 +76,12 @@ masquerading firewall example. > host# cat /etc/tinc/vpn/tinc.conf > Name = atwork -> Device = /dev/tun > ConnectTo = home > > host# cat /etc/tinc/vpn/tinc-up > #!/bin/sh > -> ifconfig vpn 192.168.10.20 netmask 255.255.0.0 +> ifconfig $INTERFACE 192.168.10.20 netmask 255.255.0.0 > > host# ls /etc/tinc/vpn/hosts > atwork home diff --git a/examples/ipv6-network.mdwn b/examples/ipv6-network.mdwn index 9ea6da4..653dc11 100644 --- a/examples/ipv6-network.mdwn +++ b/examples/ipv6-network.mdwn @@ -40,17 +40,15 @@ This document is to highlight an example setup for using tinc to create an IPv6 * "routera" configuration for tinc (the master router): > >cat tinc.conf > Name = routera -> Device=/dev/net/tun -> TCPOnly = on > Mode = switch > Interface = vpn6 > > >cat tinc-up > #!/bin/sh > #Enable tinc -> ip -6 link set vpn6 up mtu 1280 txqueuelen 1000 -> ip -6 addr add 2001:db8:beef::1/64 dev vpn6 -> ip -6 route add 2001:db8:beef::/48 dev vpn6 +> ip -6 link set $INTERFACE up mtu 1280 txqueuelen 1000 +> ip -6 addr add 2001:db8:beef::1/64 dev $INTERFACE +> ip -6 route add 2001:db8:beef::/48 dev $INTERFACE > #Static routing table > ip -6 route add 2001:db8:beef:2::/64 via 2001:db8:beef::2 > ip -6 route add 2001:db8:beef:3::/64 via 2001:db8:beef::3 @@ -63,30 +61,28 @@ This document is to highlight an example setup for using tinc to create an IPv6 > ip -6 route del 2001:db8:beef:3::/64 via 2001:db8:beef:::3 > ip -6 route del 2001:db8:beef:4::/64 via 2001:db8:beef:::4 > #Disable tinc -> ip -6 route del 2001:db8:beef::/48 dev vpn6 -> ip -6 addr del 2001:db8:beef::1/64 dev vpn6 -> ip -6 link set vpn6 down +> ip -6 route del 2001:db8:beef::/48 dev $INTERFACE +> ip -6 addr del 2001:db8:beef::1/64 dev $INTERFACE +> ip -6 link set $INTERFACE down > * "routerb" configuration for tinc (the other non-master routers will be like this one): > >cat tinc.conf > Name=routerb -> Device=/dev/net/tun -> TCPOnly = yes > Mode = switch -> Interface = vpn6 > ConnectTo = routera +> Interface = vpn6 > > >cat tinc-up > #!/bin/sh -> ip -6 link set vpn6 up mtu 1280 -> ip -6 addr add 2001:db8:beef::2/64 dev vpn6 +> ip -6 link set $INTERFACE up mtu 1280 +> ip -6 addr add 2001:db8:beef::2/64 dev $INTERFACE > ip -6 route add default via 2001:db8:beef::1 > > >cat tinc-down > #!/bin/sh > ip -6 route del default via 2001:db8:beef::1 -> ip -6 addr del 2001:db8:beef::2/64 dev vpn6 -> ip -6 link set vpn6 down +> ip -6 addr del 2001:db8:beef::2/64 dev $INTERFACE +> ip -6 link set $INTERFACE down 5. You can use [radvd](http://www.litech.org/radvd/) or [Quagga](http://www.quagga.net/) to perform [stateless address autoconfiguration](http://www.ietf.org/rfc/rfc2462.txt) on your LAN. This is an example zebra.conf for LAN autoconfiguration (don't forget to enable the zebra daemon): > ipv6 forwarding diff --git a/examples/masquerading-firewall.mdwn b/examples/masquerading-firewall.mdwn index 63377c1..75d6f75 100644 --- a/examples/masquerading-firewall.mdwn +++ b/examples/masquerading-firewall.mdwn @@ -72,13 +72,12 @@ The network setup is as follows: > host# cat /etc/tinc/vpn/tinc.conf > Name = atwork -> Device = /dev/tun > ConnectTo = home > > host# cat /etc/tinc/vpn/tinc-up > #!/bin/sh > -> ifconfig vpn 192.168.10.20 netmask 255.255.0.0 +> ifconfig $INTERFACE 192.168.10.20 netmask 255.255.0.0 > > host# ls /etc/tinc/vpn/hosts > atwork home diff --git a/examples/on-firewall.mdwn b/examples/on-firewall.mdwn index e2cce3f..e645168 100644 --- a/examples/on-firewall.mdwn +++ b/examples/on-firewall.mdwn @@ -94,13 +94,13 @@ The network setup is as follows: > firewall# cat /etc/tinc/vpn/tinc.conf > Name = office -> Device = /dev/tun > ConnectTo = branch +> Interface = vpn > > firewall# cat /etc/tinc/vpn/tinc-up > #!/bin/sh > -> ifconfig vpn 10.20.30.1 netmask 255.255.0.0 +> ifconfig $INTERFACE 10.20.30.1 netmask 255.255.0.0 > > firewall# ls /etc/tinc/vpn/hosts > office branch employee_smith employee_jones ... -- 2.20.1