Connecting two overlay meshes into a single mesh
Guus Sliepen
guus at tinc-vpn.org
Tue Apr 3 21:33:18 CEST 2012
On Tue, Apr 03, 2012 at 02:24:48PM +0200, Ivan Vilata i Balaguer wrote:
> Hi everyone. I'm wondering whether a setup like the one described below
> would be possible with Tinc:
>
>
> nodeA1 nodeB3
> | |
> (Network A) --- [GWA] --- (Internet) --- [GWB] --- (Network B)
> | |
> nodeA2 nodeB4
[...]
> - nodeA1: X.Y.1.0/24
> - nodeA2: X.Y.2.0/24
> - GWA: X.Y.0.0/16
[...]
> - nodeB3: X.Y.3.0/24
> - nodeB4: X.Y.4.0/24
> - GWB: X.Y.0.0/16
>
> I know that both separate Tinc meshes would work with a setup like the
> one described in the link above (I checked!).
>
> My doubt is: if GWA and GWB also connect to each other using Tinc via
> the Internet, would traffic from nodeA2 be routed by GWA and GWB to
> nodeB3 and back? Is it ok for Tinc that both GWA and GWB define the
> same subnet? Would GWA forward traffic not addressed to nodeAx nodes to
> GWB?
If GWA and GWB connect to each other using the same tinc daemon they use to
connect with the nodes on their own networks, then yes, nodeA2 will then be
able to communicate with nodeB3. If possible, traffic between those two nodes
will go directly, without having to be forwarded by GWA and GWB.
It is OK to have two identical Subnets, however, one will have priority over
the other. So, while GWA and GWB are connected, packets to X.Y.0.1 will go most
likely only to GWA, whether it is sent from nodeA2 or nodeB3. You can manually
adjust the priority of Subnets (see the manual).
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20120403/50345218/attachment.pgp>
More information about the tinc
mailing list