Automatic configuration of direct routes behind NAT

Pedro Côrte-Real pedro at pedrocr.net
Wed Feb 22 14:40:20 CET 2012


Hi,

I've followed the guide at:

http://blogs.operationaldynamics.com/andrew/software/research/using-tinc-vpn

and have a working tinc VPN. Here's my topology:

- CentralNode has a fixed public IP address that everyone connects to
- Leaf1 and Leaf2 may have different IP addresses depending on where
they are, and usually those will be behind NAT (think, two laptops
going around and you get the idea).

I set up Leaf1 and Leaf2 to connect to CentralNode and they both do and
everyone can talk to everyone.

However, when both Leafs are behind the same NAT it would be nice if
they were able to figure that out and not have to go through
CentralNode for everything. Since the IP addresses are always changing
I can't configure an Address option. Is tinc able to just try and use
whatever is the current IP address of the two hosts and see if it can
communicate? If they're behind the same NAT it would work and if not
it would just continue to go back and forth to CentralNode. In that
situation it would ideally use something like STUN so it could do away
with the central node even when both hosts are behind two different
NATs.

Is anything like this currently possible or planned?

Cheers,

Pedro

