Connecting two overlay meshes into a single mesh
Ivan Vilata i Balaguer
ivan at selidor.net
Wed Apr 4 01:30:14 CEST 2012
Guus Sliepen (2012-04-03 21:33:18 +0200) wrote:
> On Tue, Apr 03, 2012 at 02:24:48PM +0200, Ivan Vilata i Balaguer wrote:
>
>>    nodeA1                                             nodeB3
>>      |                                                  |
>> (Network A) --- [GWA] --- (Internet) --- [GWB] --- (Network B)
>>      |                                                  |
>>    nodeA2                                             nodeB4
> [...]
>> - nodeA1: X.Y.1.0/24
>> - nodeA2: X.Y.2.0/24
>> - GWA: X.Y.0.0/16
> [...]
>> - nodeB3: X.Y.3.0/24
>> - nodeB4: X.Y.4.0/24
>> - GWB: X.Y.0.0/16
>>
>> My doubt is: if GWA and GWB also connect to each other using Tinc via
>> the Internet, would traffic from nodeA2 be routed by GWA and GWB to
>> nodeB3 and back? Is it ok for Tinc that both GWA and GWB define the
>> same subnet? Would GWA forward traffic not addressed to nodeAx nodes
>> to GWB?
>
> If GWA and GWB connect to each other using the same tinc daemon they
> use to connect with the nodes on their own networks, then yes, nodeA2
> will then be able to communicate with nodeB3. If possible, traffic
> between those two nodes will go directly, without having to be
> forwarded by GWA and GWB.

I've been able to perform a simple test with four machines (set up like
nodeA2, GWA, GWB and nodeB3) and it worked like a charm. I had to add
GWA and GWB's own addresses as Subnets because otherwise I couldn't ping
them: when pinging GWB from GWA, Tinc complained of the "Packet looping
back" to itself. I guess GWA had no other way to know that GWB wasn't
in its own Subnet than GWB being explicit about that.

> It is OK to have two identical Subnets, however, one will have
> priority over the other. So, while GWA and GWB are connected, packets
> to X.Y.0.1 will go most likely only to GWA, whether it is sent from
> nodeA2 or nodeB3. You can manually adjust the priority of Subnets (see
> the manual).

Sorry, but I don't understand. Nodes in Network A/B (except GWx) don't
have access to the Internet (not even NAT), so nodeB3 doesn't even know
GWA exists. In this case I guess priorities don't matter much since a
node can only see the GWx in its network.

Just out of curiosity: do GWx share the Subnets they know, or do they
simply hand a datagram for a Subnet they don't know to the other one?
In the first case, I guess there'd be no problem in extending the number
of GWx hosts (and thus connected networks) arbitrarily. Is that true?

Thanks for your answers and also for great software!

--
Ivan Vilata i Balaguer -- https://elvil.net/
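
The Subnet selection discussed in this thread, as a small model added here for illustration (it is not tinc's code and not from either poster): the most specific Subnet wins, then the lower weight, and a destination that resolves to the sending node itself is the "looping back" case. The 10.99.x.x addresses stand in for X.Y, and the gateway /32 addresses and the name-order tie-break between equal Subnets are assumptions.

```python
import ipaddress

# Constructed addressing: 10.99.0.0/16 stands in for the thread's X.Y.0.0/16.
def subnet(owner, cidr, weight=10):  # 10 is the default Subnet weight in the tinc manual
    return (owner, ipaddress.ip_network(cidr), weight)

# Subnets as listed in the thread (only the four test machines).
BASE = [
    subnet("GWA", "10.99.0.0/16"),
    subnet("GWB", "10.99.0.0/16"),
    subnet("nodeA2", "10.99.2.0/24"),
    subnet("nodeB3", "10.99.3.0/24"),
]
# The change described in the reply: each gateway also announces its own
# address as a Subnet (the two addresses are assumed).
FIXED = BASE + [subnet("GWA", "10.99.0.1/32"), subnet("GWB", "10.99.0.2/32")]

ALL = {"GWA", "GWB", "nodeA2", "nodeB3"}

def owner_for(subnets, dest, reachable):
    """Return the node that should receive a packet for dest, or None."""
    addr = ipaddress.ip_address(dest)
    candidates = [s for s in subnets if addr in s[1] and s[0] in reachable]
    # Longest prefix first, then lower weight (higher priority).
    # Ordering equal Subnets by owner name is an assumption of this model.
    candidates.sort(key=lambda s: (-s[1].prefixlen, s[2], s[0]))
    return candidates[0][0] if candidates else None

def route(subnets, sender, dest, reachable):
    """Decision taken on `sender` for a packet it originates towards dest."""
    owner = owner_for(subnets, dest, reachable)
    if owner is None:
        return "unreachable"
    if owner == sender:
        return "looping back"  # the best match is the sender's own Subnet
    return "forward to " + owner

if __name__ == "__main__":
    for name, table in (("BASE", BASE), ("FIXED", FIXED)):
        print(name, "GWA -> 10.99.0.2:", route(table, "GWA", "10.99.0.2", ALL))
    print("nodeA2 -> 10.99.3.7:", route(BASE, "nodeA2", "10.99.3.7", ALL))
```
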