switch mode, how to give a public IP behing a NAT
Guus Sliepen
guus at tinc-vpn.org
Tue Apr 3 21:52:27 CEST 2012
On Tue, Apr 03, 2012 at 09:28:59PM +0200, Cédric Lemarchand wrote:
> > Oh, you should give the bridge an IP address, the interfaces it bridges should
> > have no IP address. Anyway, can you show us the output of "ifconfig -a" and
> > "route -n" on V1, N1 and N2? That would help us understand better how you
> > configured your network.
> Sorry for the response latency, i cannot give any IP address for the
> bridge interface because my public range is full, and yes the bridged
> interfaces has no IP address on both sides.
You should not give the bridge another address, you should give it the address
that eth1 has, and you should remove that address from eth1 (using a command
like "ifconfig eth1 0.0.0.0" or "ip addr flush dev eth1"). If you give the
individual interfaces addresses, bridging might not work as you expect.
> It's a bit frustrating to fail to make Tinc work in ethernet mode, but i
> dont have more time to do more investigation. I have made a routed VPN
> with port forwarding, a weird config, but it's seems to work very well.
> (all the traffic comming on the public IP is forwarded to private IP of
> the video device behind the Tinc VPN).
There are usually multiple ways to achieve your goal :) I should have pointed
you to this proxy-ARP example, it might also do what you want without involving
the bridge:
http://tinc-vpn.org/examples/proxy-arp/
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20120403/6bad7511/attachment-0001.pgp>
More information about the tinc
mailing list