Basic configuration problem

Ryan Rustong ryan.rustong at gmail.com
Mon Sep 17 18:57:01 CEST 2012


On Mon, Sep 17, 2012 at 9:23 AM, Ryan Rustong <ryan.rustong at gmail.com>wrote:

> I suggest the following configuration:
>>
>> hosts/server1:
>>
>> Address = 1.1.1.1
>> Subnet = 10.18.73.0/24
>>
>> server1's tinc-up:
>>
>> #!/bin/sh
>> ifconfig $INTERFACE 10.18.73.23 netmask 255.0.0.0
>>
>> hosts/client1:
>>
>> Subnet = 10.0.2.0/24
>>
>> client1's tinc-up:
>>
>> #!/bin/sh
>> ifconfig $INTERFACE 10.0.2.15 netmask 255.0.0.0
>>
>> That way, you should be able to ping 10.0.2.15 directly from the server.
>>
>> I did not realize that the same IP address can be used on multiple
> interfaces.  Unfortunately this does not work either.
>
> Ok, this actually did work, I didn't have the subnet mask set quite that
large in the tinc-up script.  After making that correction I am now able to
get to the IP of the tunnel interface (which is the same as the IP on the
eth0 interface).  I can also get to other IPs in the same subnet by setting
a route on them to use the tinc "server" as the gateway.

However, I am not able to get to any other subnets by adding additional
subnets.  Do all subnets that I wish to access need to fall within the same
subnet as is defined in my tinc-up script?  The problem is that I have some
10.x.x.x addresses and some 192.168.x.x addresses that I would like to be
able to access.

Also, I am not always going to have the clients using the same IP space on
their eth0 interface, which was why I originally defined a separate subnet
specifically to be used on the tun0 interface.  I have some clients with
10.x.x.x addresses on eth0 and some with 192.168.x.x on eth0.
 Unfortunately, even after adding those subnets to the host files as you
mentioned, I still cannot get it to work unless I use switch mode.  Is this
a limitation of how tinc works, or am I possibly still doing something
wrong?

Thanks for your help,
Ryan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20120917/b77419eb/attachment.html>


More information about the tinc mailing list