No connection between nodes on same LAN

Daniel Schall Daniel-Schall at web.de
Fri May 7 09:03:09 CEST 2010


Thank you guys for your answers.

 

> If you only have the nodes behind the NAT ConnectTo the node with a public IP
> address, they will never be able to discover that they are on the same LAN.
> However, if you add a "ConnectTo = Node2" to Node1's tinc.conf, and add
> "Address = 192.168.0.102" to Node1's hosts/Node2 file, then it will make a
> direct connection.

 

Unfortunately, the nodes get their IP by DHCP, so a fixed address would not
help.

Setting up a local node behind each router with a static IP is also not
possible, since my nodes are often on-the-go in foreign networks, where I am
unable to set up static addresses by myself.

 

> Tinc does not autoconnect to each other, it does only connect if you set
> "connectto" line in tinc.conf. But tinc does mesh after connect, so all
> connections will be announced and packets will find destination
> automatically.

 

As far as I understood the documentation, "connectto" is used to connect
nodes to each other in order to exchange meta-information, where each node
is located at (IP:PORT).

The actual "meshing" always occurs directly between all nodes, unless this
is impossible due to firewalls etc.

So shouldn't it be enough to connect all nodes to a centralized one (Node3),
where they can exchange their address-details in order to connect directly to
those addresses afterwards?

 

I have attached a sketch of my issue.

The upper half shows the physical setup with 3 nodes, one static and two
behind a router.

The bottom half shows the communication flow between node1 and node2. The
packets follow the line to the NAT-Port, get passed to the other NAT-Port
and back to the target node.

The dotted line shows the desired flow, which would be much shorter than
going over the router.

 

In my opinion, tinc does not support multiple endpoints, hence Node3 saves
only the publicly visible (NATed) endpoints for Node1 and Node2.

The privately visible endpoints in the LAN are not saved and announced back.
Therefore, Node1 and Node2 never know they are on the same network.

 

Do you have any advice for me on how to achieve the desired behavior?

I'd suggest that each node announces its local endpoint to other nodes on
connectto and the other node saves this endpoint together with the publicly
visible one where it sees the packets coming from.

That would enable each node to select the "best" endpoint to connect to the
other node.

This selection could either be algorithmic by calculating the shortest
distance to the other endpoint or by trying out and selecting the one with
the lowest round trip time.

 

 

Best

 

Daniel

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20100507/cca3b129/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: TINC.jpg
Type: image/jpeg
Size: 22744 bytes
Desc: not available
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20100507/cca3b129/attachment-0001.jpg>

