Windows subnets
Andrew Savinykh
andrews at brutsoft.com
Fri Oct 8 03:57:44 CEST 2010
I'm sorry that I'm asking basic networking question in specialized
mailing list, if this is inappropriate please let me know.
But there is still something that I don't understand regarding the
conversation below. Even if I assign each PC a new IP, how routing will
work?
I can put new IPs on the computers, but router will know nothing about
them and because of it I don't see how PCs can see each other by these
new IP addresses.
Andrew.
On 7/10/2010 2:14 p.m., Donald Pearson wrote:
> Sure it's possible, you just need to assign each node a new IP in the
> 10.30.1.0/24 <http://10.30.1.0/24> network. It's not part of the Tinc
> configuration, it's part of the network configuration of each computer.
>
> All Tinc is doing, is creating a layer 2 path for them to reach each
> other. Yes broadcasts will traverse the VPN. It literally is virtual
> ethernet over the internet. :)
>
> On Wed, Oct 6, 2010 at 9:04 PM, Andrew Savinykh <andrews at brutsoft.com
> <mailto:andrews at brutsoft.com>> wrote:
>
> Donald, thank you for this.
>
> Do i read you right that to be able to receive broadcasts across
> LANs I have to use the address space that I already have and make
> sure that this space is the same for both LANs?
>
> What I'm trying to do is to define a *completely new subnet* that
> will act as the common LAN foR both LAN A and LAN B.
>
> To re-iterate:
> I have one router that is 10.1.1.1 and gives out DHCP 10.1.1.* and
> the other router 192.168.0.1 that gives out DHCP 192.168.0.*.
> I would like to leave these address spaces alone and define a new
> on 10.30.1.* that computer from both networks can participate in
> effectively forming a new virtual LAN.
>
> Is this possible with tinc? I know this possible with other
> software, I'm just having hard time figuring out if this is
> something I can configure tinc to do.
>
> Andrew
>
>
>
>
> On 7/10/2010 1:13 p.m., Donald Pearson wrote:
>> Sorry you're right. I was looking at the IP address schema where
>> all nodes would use the 10.30.0.0/24 <http://10.30.0.0/24> network.
>>
>> There's no need to install tap adapters on the other devices.
>> You have basically 2 realistic options if you want the LAN function
>>
>> You can specify multiple IP addresses for a single interface,
>> even in Windows. You'll find this under the TCP/IP properties of
>> the network adapter. And clicking on the Advanced button on the
>> page where you can set a static IP or designate DHCP.
>>
>> A 2nd option would be to re-ip one of your locations so that they
>> all use the same subnet natively.
>>
>> Bridging the tap adapter allows your network frames received by
>> your physical interface to reach the TAP adapter and therefore
>> traverse the VPN. This enables later 2 connectivity, the same
>> way a real switch does. Virtual Ethernet over the Internet is
>> how I like to describe it. This is how I have my VPN configured
>> personally.
>>
>> Without the bridge, a frame that is received at the physical
>> interface has the frame stripped off and the packet inspected.
>> Now we're talking layer 3. If the packet is destined for a
>> network on the other side of the VPN, your Tinc node frames the
>> packet back up with a new frame, and sends it over the VPN.
>> This act of stripping the frame, reading the packet for the
>> network destination, and applying a new frame to get it there is
>> what Routing is. Without the bridge in place, your Tinc node is
>> literally routing between the physical interface and the tap
>> interface. With the bridge, you're creating a layer 2 pathway so
>> the frames can shoot across directly. Of course this means both
>> sides need to be on the same subnet which you obviously already know.
>>
>> Be warned that this configuration comes with it's drawbacks.
>> DHCP will traverse your VPN. I had location A computers getting
>> addresses from location B which makes for some really inefficient
>> internet traffic.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20101008/f8ae9fda/attachment.htm>
More information about the tinc
mailing list