linking non-neighboring networks together?

Guus Sliepen guus at tinc-vpn.org
Sun Mar 15 17:08:25 CET 2015


On Sun, Mar 15, 2015 at 01:08:42AM -0400, Patrick C wrote:

> I am trying to determine the best way to link different private networks
> together, similar to the branch office example given online. However, in my
> case, the private networks are split up. For example, I would like to
> connect subnets such as:
> 
> 10.30.0.0/16
> 172.23.0.0/16
> 10.90.50.0/24
> 192.168.3.0/24
> 
> How does this affect my tinc-up files? What subnet mask do I give the tinc
> interface? Can this work?

You can have tinc work with all these subnets simultaneously. Assuming
you are on a node that has IP address 172.23.1.1, you would put the
following in its tinc-up script:

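#!/bin/sh
ip addr add 172.23.1.1/16 dev "$INTERFACE"
# Bring the link up before adding routes: the kernel refuses routes
# through an interface that is still down.
ip link set dev "$INTERFACE" up
# Send traffic for the other private networks through the VPN interface.
ip route add 10.30.0.0/16 dev "$INTERFACE"
ip route add 10.90.50.0/24 dev "$INTERFACE"
ip route add 192.168.3.0/24 dev "$INTERFACE"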

This will ensure packets for those subnets will always go via tinc. You
can also do this more dynamically, and instead of having those ip route
commands in tinc-up, you can put this in the script named subnet-up:

#!/bin/sh
# tinc runs this for each Subnet that becomes reachable, with SUBNET set.
ip route add "$SUBNET" dev "$INTERFACE"

This will automatically add routes based on what Subnets your nodes
have in their host config files.

-- 
Met vriendelijke groet / with kind regards,
     Guus Sliepen <guus at tinc-vpn.org>
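
The subnet-up approach from the reply above installs a route for whatever Subnet a node announces. As an added example, not part of the original message or of tinc itself, this variant routes only prefixes that fall inside the four networks from the thread; the ALLOWED and OWN lists and the logger tag are assumptions, and it handles IPv4 only.

```sh
#!/bin/sh
# Added example (not from the thread): subnet-up with a prefix allow-list.
# ALLOWED and OWN are assumptions for the node 172.23.1.1; IPv4 only.
ALLOWED="10.30.0.0/16 172.23.0.0/16 10.90.50.0/24 192.168.3.0/24"
OWN="172.23.0.0/16"   # already routed by the address assigned in tinc-up

# ip2int A.B.C.D: print the address as an integer, fail if malformed.
ip2int() {
    case "$1" in ""|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*|????*) return 1 ;; esac   # no octal, no overflow
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# within ANNOUNCED NET/LEN: succeed if ANNOUNCED lies inside NET/LEN.
within() {
    a_len=${1#*/}; b_len=${2#*/}
    case "$1" in */*) ;; *) a_len=32 ;; esac        # bare address = /32
    case "$a_len" in ""|*[!0-9]*|???*) return 1 ;; esac
    [ "$a_len" -le 32 ] && [ "$a_len" -ge "$b_len" ] || return 1
    a=$(ip2int "${1%%/*}") && b=$(ip2int "${2%%/*}") || return 1
    mask=$(( (0xFFFFFFFF << (32 - $b_len)) & 0xFFFFFFFF ))
    [ $(( $a & $mask )) -eq $(( $b & $mask )) ]
}

# decide SUBNET: print add, skip (own network) or reject.
decide() {
    for p in $OWN; do within "$1" "$p" && { echo skip; return; }; done
    for p in $ALLOWED; do within "$1" "$p" && { echo add; return; }; done
    echo reject
}

# tinc sets SUBNET, INTERFACE and NODE when it runs this script.
if [ -n "${SUBNET:-}" ] && [ -n "${INTERFACE:-}" ]; then
    case "$(decide "$SUBNET")" in
        add)    ip route add "$SUBNET" dev "$INTERFACE" ;;
        reject) logger -t subnet-up "ignored $SUBNET announced by ${NODE:-unknown}" ;;
    esac
fi
```

A prefix wider than its allowed network, such as 10.0.0.0/8 or 0.0.0.0/0, is rejected because the announced length must be at least the allowed length.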