Routing setup with pfSense package
Lars Kruse
lists at sumpfralle.de
Wed Aug 29 23:05:48 CEST 2018
Hello Corey,
Am Wed, 29 Aug 2018 16:33:30 -0400
schrieb Corey Boyle <coreybrett at gmail.com>:
> I just found that the VPN Netmask option in the pfSense tinc GUI is
> related to the "netmask" option in /usr/local/etc/tinc/tinc-up
>
> ifconfig $INTERFACE 192.168.117.1 netmask 255.255.0.0
>
> What exactly is this line doing? Is it assigning the address that my
> lan adapter has to the tunnel interface as well?
Above you see the environment variable "INTERFACE". It is described in
"man tinc.conf".
The command above assigns an IP address to the network interface provided
by the tinc daemon.
In your forum thread you mentioned, that 192.168.117.0/24 is the address range
of your LAN interface. Thus the "ifconfig" line above is probably a mistake,
since you will end up with two network interfaces using the same address range.
This is not impossible, but most likely not your goal :)
Instead you probably want to pick an address range for the tinc network
interface. Each node should have one IP in this network. This IP needs to be
mentioned in two places for each node:
* as a Subnet line in the node's host file ("Subnet = w.x.y.z/32")
(make sure that all host files are in sync in order to reduce confusion)
* as part of an "ifconfig" command (see above) in "tinc-up"
Maybe you could also get away without assigning an IP address to the tinc
interface at all, but this would surely make debugging harder.
Afterwards you will be able to ping the other tinc nodes and direct traffic
over this interface.
Have fun investigating!
Cheers,
Lars
More information about the tinc
mailing list