Address Variabme for Roadwarriors]

Lonnie Cumberland lonnie at neenet.com
Mon Oct 25 02:39:20 CEST 2004


yes, I want roadwarriors to be able to connect to other roadwarriors but 
use the vpn internal network dns because we will not have "real" 
internet host names for each roadwarrior but can assign them a name on 
our internal VPN DNS with no problems.

For example, if I were a roadwarrior then when I connect to the internet 
and start up my tincd it would make a connection with a know host like 
"www.realcompany.com" so that it can talk to our private VPN DNS and be 
given a name like lonnie.internalnetwork.com maybe something like 
10.0.0.21 as the IP.  Then bob, who is also making a roadwarrior 
connection would connect to the VPN at "www.realcompany.com" to be able 
to see the VPN DNS and could then be assigned "bob.internalnetwork.com" 
with 10.1.34.22 for example but could also resolve my name for his 
ConnectTo. 

Also, there could be many other roadwarriors connecting to my 
lonnie.internalnetwork.com machine as well. Some users might connect to 
Bobs machine and some to mine.

This way roadwarriors can also run the tincd daemons and have other 
roadwarriors connect to them without having to utilize a service like 
"dynDNS".

I am trying to have a way to utilize the private vpn dns that can be 
seen on the 10.x.x.x network to resolve our roadwarriors so that some of 
them can connect ot each other as well without using external services 
like DynDNS and having to register "real" host names for each 
roadwarrior in an internet service as we can run our own DNS ( and 
possibly DHCP ) servers to do these jobs on our 10.x.x.x vpn network.

Basically, let roadwariors connect to our vpn which will be running a 
DNS and/or possibly DHCP (not seen by the REAL internet at all)  so that 
other roadwarriors that connect to our VPN can also connect to a few 
selected roadwarriors it they are connected at that moment.

Does this clear up the idea any?

Thanks again,
Lonnie

Guus Sliepen wrote:

>On Sun, Oct 24, 2004 at 06:19:49PM -0500, Lonnie Cumberland wrote:
>
>  
>
>>What I want to do is this. Take your documentation example where you 
>>have 4 hosts, A, B, C, and D.  You state that B, C will connect to A and 
>>that D will connect to C.
>>
>>In my case, I will have node C being a road warrior and node D wants to 
>>connect to it who is also a road warrior. 
>>
>>My solution to this is to have a private DNS inside the VPN network, 
>>maybe on node A for example, such that all nodes can see the DNS server 
>>and in the case of the road warriors, nodes C & D, we will have that D 
>>can find C because it resolved the 10.0.0.21 ip, for example, from our 
>>private VPN DNS.
>>
>>At least that is the idea anyway.
>>
>>As I understand things now, a roadwarrior host that is going to allow 
>>connection other connections must use something like dyndns to allow 
>>others to resolve a "real" ip.
>>
>>I want to find a way to allow the roadwarior host to allow connections 
>>by letting other nodes in the vpn resolve the roadwarrior host through 
>>the private VPN DNS instead of the service like dyndns.
>>    
>>
>
>It's still not very clear to me. There are VPN addresses (for example,
>from the 10.0.0.0/8 subnet) and real IP addresses (ie, ones that can be
>reached from the Internet). When you say "other nodes in the vpn resolve
>the roadwarrior host", do you mean that they have a "ConnectTo =
>roadwarrior" in their tinc.conf, and that in hosts/roadwarrior they have
>"Address = roadwarrior.internal.dns", and that the VPN DNS server
>resolves roadwarrior.internal.dns to the real IP address of the
>roadwarrior?
>
>  
>
>------------------------------------------------------------------------
>
>_______________________________________________
>tinc mailing list
>tinc at tinc-vpn.org
>http://brouwer.uvt.nl/cgi-bin/mailman/listinfo/tinc
>  
>




More information about the tinc mailing list