Routing and keying Questions
sich
sich at cafe-philo.net
Sun Jul 6 16:37:25 CEST 2008
Frithjof Hammer a écrit :
> My Questions:
> * Is this (nodes can talk to eachother without having the crypto keys) the
> correct behavior?
>
Yep, each node contact the other to distribute the network information.
> * What can I do get my desired behavior (only nodes sharing the keys of
> eachother can talk) ?
>
You can build 2 different network. So there is no problem to share the keys.
Then on B you have 2 tincd daemon on 2 different port and 2 different
configuration. Then you start your 2 tincd with the network name like
tincd -n vpn1 and tincd -n vpn2.
The other way is to configure your firewall to only allow traffic that
you want.
> * sending a killall -USR2 tincd gets me a lot of nice debug stuff. Is there a
> documentation what is meant by the option value and the weight value?
>
I don't know this.
> * Is there a posibility to resolve the routing path through a tinc mesh?
>
Tinc only give you a virtual interface.... Is your job to resolve
routing or filtering issue.
>
> I don't want to setup two vpns because my scenario is more complex: It
> involves seven nodes and I want to define for each and everyone of them to
> which other nodes they may talk to.
>
Then work with static routing or configure your firewall if you don't
wan't to have multiple vpn daemon...
> Any hints?
>
> Thanks
> Frithjof
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>
More information about the tinc
mailing list