Connecting two overlay meshes into a single mesh

Ivan Vilata i Balaguer ivan at selidor.net
Wed Apr 4 01:30:14 CEST 2012


Guus Sliepen (2012-04-03 21:33:18 +0200) wrote:

> On Tue, Apr 03, 2012 at 02:24:48PM +0200, Ivan Vilata i Balaguer wrote:
>
>>        nodeA1                                            nodeB3
>>          |                                                  |
>>     (Network A) --- [GWA] --- (Internet) --- [GWB] --- (Network B)
>>          |                                                  |
>>        nodeA2                                            nodeB4
> [...]
>> - nodeA1: X.Y.1.0/24
>> - nodeA2: X.Y.2.0/24
>> - GWA:    X.Y.0.0/16
> [...]
>> - nodeB3: X.Y.3.0/24
>> - nodeB4: X.Y.4.0/24
>> - GWB:    X.Y.0.0/16
>> 
>> My doubt is: if GWA and GWB also connect to each other using Tinc via
>> the Internet, would traffic from nodeA2 be routed by GWA and GWB to
>> nodeB3 and back?  Is it ok for Tinc that both GWA and GWB define the
>> same subnet?  Would GWA forward traffic not addressed to nodeAx nodes
>> to GWB?
>
> If GWA and GWB connect to each other using the same tinc daemon they
> use to connect with the nodes on their own networks, then yes, nodeA2
> will then be able to communicate with nodeB3. If possible, traffic
> between those two nodes will go directly, without having to be
> forwarded by GWA and GWB.

I've been able to perform a simple test with four machines (set up like
nodeA2, GWA, GWB and nodeB3) and it worked like a charm.  I had to add
GWA and GWB's own addresses as Subnets because otherwise I couldn't ping
them: when pinging GWB from GWA, Tinc complained of the "Packet looping
back" to itself.  I guess GWA had no other way to know that GWB wasn't
in its own Subnet than GWB being explicit about that.

> It is OK to have two identical Subnets, however, one will have
> priority over the other. So, while GWA and GWB are connected, packets
> to X.Y.0.1 will go most likely only to GWA, whether it is sent from
> nodeA2 or nodeB3. You can manually adjust the priority of Subnets (see
> the manual).

Sorry, but I don't understand.  Nodes in Network A/B (except GWx) don't
have access to the Internet (not even NAT), so nodeB3 doesn't even know
GWA exists.  In this case I guess priorities don't matter much since a
node can only see the GWx in its network.

Just out of curiosity: do GWx share the Subnets they know, or do they
simply hand a datagram for a Subnet they don't know to the other one?
In the first case, I guess there'd be no problem in extending the number
of GWx hosts (and thus connected networks) arbitrarily.  Is that true?

Thanks for your answers and also for great software!
-- 
Ivan Vilata i Balaguer -- https://elvil.net/
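
The Subnet selection discussed in this thread, as an added example that is not part of the original message and is not tinc's own code: a simplified model in which the longest matching prefix wins and equal Subnets are ordered by weight. The 10.77 prefix standing in for X.Y, the gateway address 10.77.0.2, and the owner-name tie-break are assumptions made for illustration.

```python
import ipaddress

# Constructed sample data: 10.77 stands in for the thread's X.Y prefix, and the
# gateway addresses 10.77.0.1 (GWA) and 10.77.0.2 (GWB) are assumptions.
BASE = [  # (owner, subnet, weight); 10 is tinc's documented default weight
    ("nodeA2", "10.77.2.0/24", 10),
    ("nodeB3", "10.77.3.0/24", 10),
    ("GWA", "10.77.0.0/16", 10),
    ("GWB", "10.77.0.0/16", 10),
]
HOST_ROUTES = [("GWA", "10.77.0.1/32", 10), ("GWB", "10.77.0.2/32", 10)]


def owner_for(dest, table):
    """Model: longest prefix wins, then lower weight, then owner name (assumed tie-break)."""
    addr = ipaddress.ip_address(dest)
    hits = []
    for owner, subnet, weight in table:
        net = ipaddress.ip_network(subnet)
        if addr in net:
            hits.append((-net.prefixlen, weight, owner))
    return min(hits)[2] if hits else None


def route(sender, dest, table):
    """Return the node the packet is handed to, or the failure the sender sees."""
    owner = owner_for(dest, table)
    if owner is None:
        return "unreachable"
    if owner == sender:
        return "looping back"  # best match belongs to the sender itself
    return owner


def demo():
    return {
        "A2->B3": route("nodeA2", "10.77.3.5", BASE),
        "GWA->GWB, /16 only": route("GWA", "10.77.0.2", BASE),
        "GWA->GWB, with /32s": route("GWA", "10.77.0.2", BASE + HOST_ROUTES),
        "GWB preferred by weight": owner_for(
            "10.77.9.9", BASE[:3] + [("GWB", "10.77.0.0/16", 5)]),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

In this model the /32 entries are what let one gateway resolve the other's address to a different owner than itself, and lowering a Subnet's weight is what changes which of two identical /16 entries is preferred.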


