IDEA: How to change the mesh without changing config files.
Albi Rebmann
albi at albi.life.de
Tue Mar 2 16:32:13 CET 2010
> Albi, your solution, given what Guus has said, means that 3 key pairs need
> to be created at the beginning corresponding to three server/dns records,
> right? I.e. if i do not want to change client config files, i need to move
> each server's key pair to the new server if i decide to change it?
You need to have all public keys of 3 servers on all servers and all
clients. You need all public keys of clients on all servers. If you move
server, you move private key of this server and public keys of all servers
and clients. Public key is no problem, you can even publish it on the web
:-)
> BTW, can tinc handle multiple connections between nodes? I.e. if 2 nodes
> connect to each other using 2+ links, i.e. different ports on one IP or 2
> different IPs.
Why you want multiple tunnels between same computers?
You (clients) will have 3 tunnels to 3 servers as maximum (1 is minimum).
Routing will be handled by tinc. Servers must connect to each other too.
I have tinc network with 2 servers, they connect directly and clients
connect to both servers, so one server can go down without any problem for
vpn.
ALBI...
More information about the tinc
mailing list