Help linking subnets
Marco Avoledo
mavoledo at gmail.com
Thu Jan 22 08:25:29 CET 2015
Hi, after trying for days I ended up with a working tinc configuration of 2
subnets, now my goal is to add 2 more subnets and communicate.
I might seem dumb at this point but honestly I don't work in IT or
Networking stuff, and so I don't have that deep knowledge.
A little explanation of my configuration is
HOST A (VPN server)
Public IP: 1.2.3.4
tun0 Subnet = 192.168.10.0/24
tun0 IP = 192.168.10.1
HOST B (VPN Client configured in a Raspberry Pi)
eth0 NET = 192.168.2.10 255.255.255.0 gw 192.168.2.1
tun0 Subnet = 192.168.10.0/24
tun0 Subnet = 192.168.2.0/24
HOST C (VPN Client configured in a Raspberry Pi)
eth0 NET = 192.168.1.101 255.255.255.0 gw 192.168.1.1
tun0 Subnet = 192.168.10.0/24
tun0 Subnet = 192.168.1.0/24
HOST D (VPN Client configured in Android device, just accessing VPN Network)
Every Host has its own tinc-up set up like:
HOST A:
#!/bin/sh
ifconfig $INTERFACE 192.168.10.1 netmask 255.255.255.0
route add -net 192.168.1.0/24 dev $INTERFACE
route add -net 192.168.2.0/24 dev $INTERFACE
route add -net 192.168.3.0/24 dev $INTERFACE
HOST B:
#!/bin/sh
ifconfig $INTERFACE 192.168.10.2 netmask 255.255.255.0
HOST C:
#!/bin/sh
ifconfig $INTERFACE 192.168.10.3 netmask 255.255.255.0
HOST D:
#!/bin/sh
ifconfig $INTERFACE 192.168.10.4 netmask 255.255.255.0
Every Host has its own tinc.conf set up to connect to HOST A (Except for
HOST A itself obviously). VPN is using router mode.
Every Host has each other's host file in proper directory, containing PUB
KEY + VPN SUBNET + HOST SUBNET
For HOST A:
Address = XXXX.XXXXX.XX
Subnet = 192.168.10.1/32
For HOST B:
Subnet = 192.168.10.0/24
Subnet = 192.168.2.0/24
For HOST C:
Subnet = 192.168.10.0/24
Subnet = 192.168.1.0/24
For HOST D:
Subnet = 192.168.10.0/24
Every file is exactly the same on every HOST.
There are no problems when connecting, every host can connect to the server
(HOST A) fine.
From HOST A I can ping Host A / Host B
From HOST B I can ping HOST A / Host B
From HOST C I can only ping myself
From HOST D I can only ping myself
After trying a lot of net add net remove and reading tons of replies to
numerous questions online, after asking on IRC I initially managed to work
with 2 subnets seeing each other, but adding these two more definitely
ruined the work.
My question is: what do I need to add in every conf/tinc-up file in order
to let HOST A access every single machine in every Subnet 192.168.1.*
192.168.2.* 192.168.3.* and eventually vice versa, what to add to every
HOST B/C/D to be able to directly access every machine in every subnet as
above.
HOST A route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref Use Iface
default         178.62.128.1    0.0.0.0         UG    0      0   0   eth0
178.62.128.0    *               255.255.192.0   U     0      0   0   eth0
192.168.1.0     *               255.255.255.0   U     0      0   0   tun0
192.168.2.0     *               255.255.255.0   U     0      0   0   tun0
192.168.3.0     *               255.255.255.0   U     0      0   0   tun0
192.168.10.0    *               255.255.255.0   U     0      0   0   tun0
HOST B route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref Use Iface
0.0.0.0         192.168.2.1     0.0.0.0         UG    0      0   0   eth0
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0   0   eth0
192.168.10.0    0.0.0.0         255.255.255.0   U     0      0   0   tun0
HOST C route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0   0   eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0   0   eth0
192.168.10.0    0.0.0.0         255.255.255.0   U     0      0   0   tun0
My bad I'm not that handy with networking stuff.
Any hint is appreciated.
Thanks in advance
Marco
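
Added example (not part of the original post and not tinc's own code): a Python check over the Subnet lines and tun0 routes listed in the message above, assuming that in tinc's router mode each packet is forwarded to the one node whose Subnet entry matches the destination. It reports subnets declared by more than one node and remote subnets a host has no tun0 route for; the dictionaries are transcribed from the post and the function names are illustrative.

```python
import ipaddress
from collections import defaultdict

# Subnet lines transcribed from the host files listed in the post.
HOSTS = {
    "A": ["192.168.10.1/32"],
    "B": ["192.168.10.0/24", "192.168.2.0/24"],
    "C": ["192.168.10.0/24", "192.168.1.0/24"],
    "D": ["192.168.10.0/24"],
}
# Destinations each posted kernel table sends to tun0 (no table was posted for D).
TUN_ROUTES = {
    "A": ["192.168.1.0/24", "192.168.2.0/24", "192.168.3.0/24", "192.168.10.0/24"],
    "B": ["192.168.10.0/24"],
    "C": ["192.168.10.0/24"],
}

def nets(items):
    return [ipaddress.ip_network(s) for s in items]

def duplicate_owners(hosts):
    """Subnets declared, with the same prefix, by more than one node."""
    owners = defaultdict(list)
    for node, subs in hosts.items():
        for net in nets(subs):
            owners[str(net)].append(node)
    return {net: who for net, who in owners.items() if len(who) > 1}

def missing_tun_routes(hosts, tun_routes):
    """For each node, other nodes' subnets that none of its tun0 routes covers."""
    out = {}
    for node, routes in tun_routes.items():
        covered = nets(routes)
        out[node] = sorted({
            s for other, subs in hosts.items() if other != node
            for s in subs
            if not any(ipaddress.ip_network(s).subnet_of(r) for r in covered)
        })
    return out

if __name__ == "__main__":
    for net, who in duplicate_owners(HOSTS).items():
        print("%s is declared by several nodes: %s" % (net, ", ".join(who)))
    for node, gaps in missing_tun_routes(HOSTS, TUN_ROUTES).items():
        print("HOST %s has no tun0 route for: %s" % (node, ", ".join(gaps) or "-"))
```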