Basic configuration problem

Ryan Rustong ryan.rustong at gmail.com
Mon Sep 17 18:23:51 CEST 2012


Hi Guus,

Thank you for the information, I need to brush up on my Linux routing
information, as it is apparently not the same as Cisco :).  Unfortunately I
am still not getting any traffic to traverse the VPN.


On Sat, Sep 15, 2012 at 7:23 AM, Guus Sliepen <guus at tinc-vpn.org> wrote:

> The response "Destination Net Unknown" means that tinc does not know where to
> send packets with IP address 192.168.1.2 to.
>

I thought that since my route table had an entry for the entire
192.168.0.0/16 subnet from the tinc-up script it would not need a more
specific route.  Does this route not tell the server to send the traffic
over the tunnel interface?
192.168.0.0     *               255.255.0.0     U     0      0        0 tun0

> You should add "Subnet = 192.168.1.1" to hosts/server1, and "Subnet =
> 192.168.1.2" to hosts/client1. Then the ping command should work.
>

I tried adding this to each host file but have not noted any difference.


> Alternatively, you can use "Mode = switch" in tinc.conf and omit all the
> Subnet statements.
>

Indeed this does work.  However, I would rather not use switch mode as I
would like to limit the broadcast domain and be able to set firewall rules
on traffic if necessary.


> I suggest the following configuration:
>
> hosts/server1:
>
> Address = 1.1.1.1
> Subnet = 10.18.73.0/24
>
> server1's tinc-up:
>
> #!/bin/sh
> ifconfig $INTERFACE 10.18.73.23 netmask 255.0.0.0
>
> hosts/client1:
>
> Subnet = 10.0.2.0/24
>
> client1's tinc-up:
>
> #!/bin/sh
> ifconfig $INTERFACE 10.0.2.15 netmask 255.0.0.0
>
> That way, you should be able to ping 10.0.2.15 directly from the server.
>

I did not realize that the same IP address can be used on multiple
interfaces.  Unfortunately this does not work either.

What I have noticed in the logs is that I both send and receive the
ADD_SUBNET statements for each of the subnets in my host config files, but
I don't see any change on the route tables.  Shouldn't I be able to see a
route in my route table for each of the routes that is added?  Is there
something I may be doing wrong with how it starts that is preventing it
from making entries in the route table?

Thanks for your help,
Ryan
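
The two lookups discussed in this thread, modelled as an added example (not part of the original message and not tinc's own code): the kernel route only decides that a packet enters tun0, after which tinc in router mode matches the destination against the Subnet entries it knows. The function names and the default route via eth0 are assumptions made for the illustration; the addresses and Subnet values are the ones quoted above.

```python
import ipaddress

def longest_match(table, dst):
    """Return the value of the most specific prefix containing dst, or None."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, value in table.items():
        net = ipaddress.ip_network(prefix)  # "192.168.1.2" parses as a /32
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, value)
    return best[1] if best else None

def forward(kernel_routes, tinc_subnets, dst, tun="tun0"):
    """Model the two lookups a packet passes through on a router-mode node."""
    iface = longest_match(kernel_routes, dst)
    if iface is None:
        return "kernel: no route"
    if iface != tun:
        return f"kernel: sent out {iface}, tinc never sees it"
    # The kernel's job ends here. tinc now consults its own Subnet table
    # (filled from hosts/* files and ADD_SUBNET messages), not the kernel's.
    owner = longest_match(tinc_subnets, dst)
    if owner is None:
        return "tinc: ICMP Destination Net Unknown"
    return f"tinc: forwarded to {owner}"

# Kernel route from the message; the default route via eth0 is constructed.
KERNEL_192 = {"192.168.0.0/16": "tun0", "0.0.0.0/0": "eth0"}
# Subnet lines suggested in the quoted reply (no prefix length means one host).
SUBNETS_192 = {"192.168.1.1": "server1", "192.168.1.2": "client1"}

# Second suggested layout: netmask 255.0.0.0 on tun0 gives a 10.0.0.0/8 route.
KERNEL_10 = {"10.0.0.0/8": "tun0", "0.0.0.0/0": "eth0"}
SUBNETS_10 = {"10.18.73.0/24": "server1", "10.0.2.0/24": "client1"}

if __name__ == "__main__":
    print(forward(KERNEL_192, {}, "192.168.1.2"))           # no Subnet known
    print(forward(KERNEL_192, SUBNETS_192, "192.168.1.2"))  # Subnet declared
    print(forward(KERNEL_10, SUBNETS_10, "10.0.2.15"))      # inside client1's /24
    print(forward(KERNEL_10, SUBNETS_10, "10.0.3.1"))       # in /8, no owner
```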