Direct connections between nodes are in the same LAN (behind common NAT)
Donald Pearson
donaldwhpearson at gmail.com
Tue Feb 22 05:48:52 CET 2011
I think this is what "indirectdata = yes" is used for in the host files?
On Mon, Feb 21, 2011 at 8:00 PM, <kolesnikov at infonetwork.ru> wrote:
> Hi
>
> I'm trying to implement a scheme in which the nodes will have a direct UDP
> tunnel to each other.
> First, all nodes make connection with one public node, and then make
> connections with each other.
>
> And I came across the following problem:
> Remotely located nodes can establish a direct UDP connection, but the nodes
> that are in the same local network can not, and all traffic goes through the
> public node.
> In the log files I see that the nodes can not agree on the MTU.
>
> 1298030480 tinc.vpn[4056]: No response to MTU probes from client_01
>
> I understand this so that local nodes can not receive messages MTU probe
> from each other. Although from the remote nodes they successfully receive
> these messages.
>
> Tell me please, how can I solve this problem?
>
>
>
> Additional information:
>
> I have 4 nodes:
> 1) VPNGATE - public node and all the other nodes are connected with it.
> 2) CLIENT_01, CLIENT_02 - nodes are located in the same LAN.
> 3) CLIENT_03 - remotely located node.
>
>
> === VPNGATE ===
> tinc/vpn/hosts/vpngate
> tinc/vpn/hosts/client_01
> tinc/vpn/hosts/client_02
> tinc/vpn/hosts/client_03
>
> ... tinc.conf:
> AddressFamily = ipv4
> BindToAddress = x.x.x.x (public IP address)
> BindToInterface = eth0
> Name = vpngate
> Device = /dev/net/tun
> PrivateKeyFile = /etc/tinc/vpn/rsa_key.priv
> Mode = switch
>
>
> === CLIENT_0X ===
> tinc/vpn/hosts/vpngate
> tinc/vpn/hosts/client_0X
>
> ... tinc.conf:
> AddressFamily = ipv4
> Name = client_0X
> ConnectTo = vpngate
> Interface = tinc.vpn
> PrivateKeyFile = C:\Program Files\tinc\vpn\rsa_key.priv
> Mode = switch
>
>
> === HOST FILES ===
> VPNGATE:
> Compression = 9
> Address = x.x.x.x (public IP address)
> Subnet = 192.168.10.0/24
> Port = 655
> -----BEGIN RSA PUBLIC KEY-----
>
> CLIENT_0X:
> Compression = 9
> Subnet = 192.168.10.X/32
> -----BEGIN RSA PUBLIC KEY-----
>
>
> and when I have full connectivity:
>
> ping CLIENT_01 ---> VPNGATE = 150 ms
> ping CLIENT_01 ---> CLIENT_03 = 15 ms
> ping CLIENT_01 ---> CLIENT_02 = 300 ms
>
>
> Best regards,
> Dmitry Kolesnikov
>
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20110221/0dcaa627/attachment.htm>
More information about the tinc
mailing list