Address Variabme for Roadwarriors]
Lonnie Cumberland
lonnie at neenet.com
Mon Oct 25 02:39:20 CEST 2004
yes, I want roadwarriors to be able to connect to other roadwarriors but
use the vpn internal network dns because we will not have "real"
internet host names for each roadwarrior but can assign them a name on
our internal VPN DNS with no problems.
For example, if I were a roadwarrior then when I connect to the internet
and start up my tincd it would make a connection with a know host like
"www.realcompany.com" so that it can talk to our private VPN DNS and be
given a name like lonnie.internalnetwork.com maybe something like
10.0.0.21 as the IP. Then bob, who is also making a roadwarrior
connection would connect to the VPN at "www.realcompany.com" to be able
to see the VPN DNS and could then be assigned "bob.internalnetwork.com"
with 10.1.34.22 for example but could also resolve my name for his
ConnectTo.
Also, there could be many other roadwarriors connecting to my
lonnie.internalnetwork.com machine as well. Some users might connect to
Bobs machine and some to mine.
This way roadwarriors can also run the tincd daemons and have other
roadwarriors connect to them without having to utilize a service like
"dynDNS".
I am trying to have a way to utilize the private vpn dns that can be
seen on the 10.x.x.x network to resolve our roadwarriors so that some of
them can connect ot each other as well without using external services
like DynDNS and having to register "real" host names for each
roadwarrior in an internet service as we can run our own DNS ( and
possibly DHCP ) servers to do these jobs on our 10.x.x.x vpn network.
Basically, let roadwariors connect to our vpn which will be running a
DNS and/or possibly DHCP (not seen by the REAL internet at all) so that
other roadwarriors that connect to our VPN can also connect to a few
selected roadwarriors it they are connected at that moment.
Does this clear up the idea any?
Thanks again,
Lonnie
Guus Sliepen wrote:
>On Sun, Oct 24, 2004 at 06:19:49PM -0500, Lonnie Cumberland wrote:
>
>
>
>>What I want to do is this. Take your documentation example where you
>>have 4 hosts, A, B, C, and D. You state that B, C will connect to A and
>>that D will connect to C.
>>
>>In my case, I will have node C being a road warrior and node D wants to
>>connect to it who is also a road warrior.
>>
>>My solution to this is to have a private DNS inside the VPN network,
>>maybe on node A for example, such that all nodes can see the DNS server
>>and in the case of the road warriors, nodes C & D, we will have that D
>>can find C because it resolved the 10.0.0.21 ip, for example, from our
>>private VPN DNS.
>>
>>At least that is the idea anyway.
>>
>>As I understand things now, a roadwarrior host that is going to allow
>>connection other connections must use something like dyndns to allow
>>others to resolve a "real" ip.
>>
>>I want to find a way to allow the roadwarior host to allow connections
>>by letting other nodes in the vpn resolve the roadwarrior host through
>>the private VPN DNS instead of the service like dyndns.
>>
>>
>
>It's still not very clear to me. There are VPN addresses (for example,
>from the 10.0.0.0/8 subnet) and real IP addresses (ie, ones that can be
>reached from the Internet). When you say "other nodes in the vpn resolve
>the roadwarrior host", do you mean that they have a "ConnectTo =
>roadwarrior" in their tinc.conf, and that in hosts/roadwarrior they have
>"Address = roadwarrior.internal.dns", and that the VPN DNS server
>resolves roadwarrior.internal.dns to the real IP address of the
>roadwarrior?
>
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>tinc mailing list
>tinc at tinc-vpn.org
>http://brouwer.uvt.nl/cgi-bin/mailman/listinfo/tinc
>
>
More information about the tinc
mailing list