Subnet / routing question
Hans de Groot
hansg at dandy.nl
Wed Nov 12 11:33:46 CET 2008
Hi,
I have been messing arroudn with tinc for a while and now I got a
configuration working like the example (4.7) from the manual
I have 3 systems, in my case system a is the only one that can be
accessed directly.
B and C connect to A
I have 3 subnets
A 5.1.0.0 gw 5.1.0.1
B 5.2.0.0 gw 5.2.0.1
C 5.3.0.0 gw 5.3.0.1
This work fine and the gateways are ip number son t he interfaces of the
3 servers.
I can connect to any of the gateways from all the computers.
So I can ping from 5.3.0.1(C) to 5.2.0.1(B) and 5.1.0.1(A) and vice
versa. So I got this working.
When reading the manual I was under the impression that tincd knows
about the existing local subnets that are running/accesible on each
individual computer as long as you add the subnet lines to the hostfile
of the host that has that subnet..
The config of system A looks like this
Address = xxx.xxx.xxx.xxx
Cipher = blowfish
Compression = 0
Digest = sha1
IndirectData = Yes
Port = 655
Subnet = 5.1.0.0/16
Subnet = 192.168.0.0/24
TCPonly = Yes
-----BEGIN RSA PUBLIC KEY-----
...
-----END RSA PUBLIC KEY-----
The config on system C looks like this
Cipher = blowfish
Compression = 0
Digest = sha1
IndirectData = Yes
Port = 655
Subnet = 5.3.0.0/16
Subnet = 192.168.200.0/24
TCPonly = Yes
-----BEGIN RSA PUBLIC KEY-----
....
-----END RSA PUBLIC KEY-----
So I thought that this was al that is neccesary to beable to connect
from system C to the 192.168.0.0 subnet on system A
But when I ping or traceroute on system C to 192.168.0.16 (an existing
ip on the subnet of system A) it simply uses the default gw on system C
which of course cannot find that ip.
So, my question is, Do I have to manually add routes in all systems
involved? Or am I missing something here?
If I have to add routes, why do I have to Add the extra Subnet lines
telling tinc which subnet resides on which tincd?
Thanks for you help
Hans de Groot
---
Hans de Groot
Email: hansg at dandy.nl www: http://www.dandy.nl
More information about the tinc
mailing list