Big network, small devices
Guus Sliepen
guus at tinc-vpn.org
Tue Apr 10 12:52:10 CEST 2012
On Tue, Apr 10, 2012 at 10:14:21AM +0200, Ivan Vilata i Balaguer wrote:
> However, this brings another question related with the setup I described
> on a previous post:
>
> nodeA1 nodeB3
> | |
> (Network A) -- gwA --- (Internet) --- gwB --- (Network B)
> | |
> nodeA2 nodeB4
>
> nodeA1 and nodeA2 ConnectTo gwA, gwA to gwB (and vice versa), and nodeB3
> and nodeB4 to gwB. Then if I understood well, a VPN packet sent from
> nodeA1 to nodeB3 may be sent by nodeA1 straight to nodeB3's real address
> (same for nodeA1 to nodeA2). However, both Network A and Network B use
> private addresses and what's more, the same addresses may be present in
> both networks!
>
> So I don't see a problem in communications inside one network, but how
> does tinc handle the nodeA1 -> nodeB3 situation? Maybe nodeA1 tries to
> establish a TCP meta-connection with nodeB3 before trying to send data
> and when the connection fails it uses gwA's route instead? Wouldn't the
> timeout increase latency substantially from time to time?
Tinc will always start sending packets via known working connections. So the
first packet of A1 will be sent via gwA and gwB to B3. In the background, it
will try to set up a direct connection to B3. This will fail of course, but it
should not have an effect on latency.
> Thanks a lot, Guus. And sorry for my insistence in all those technical
> details, but our project has some atypical requirements and being able
> to use tinc would be a great boon and a time saver for us. :)
No problem!
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20120410/068ae060/attachment.pgp>
More information about the tinc
mailing list