Big network, small devices
Ivan Vilata i Balaguer
ivan at selidor.net
Tue Apr 10 10:14:21 CEST 2012
Guus Sliepen (2012-04-06 01:01:45 +0200) wrote:
> On Thu, Apr 05, 2012 at 07:29:55PM +0200, Ivan Vilata i Balaguer wrote:
>
>> I'm interested in using Tinc for building an overlay network on top
>> of a community network. The overlay may consist of some hundreds of
>> nodes, and devices will most probably not be very powerful (Alix or
>> Commell-like or even less). To make the overlay network topology
>> resemble the real one as much as possible, all nodes would ConnectTo
>> all other nodes.
>
> This is not necessary, you only need one (but better a few for
> redundancy) ConnectTo statements. Tinc will figure out how to
> communicate with all the other nodes by itself.

After reading section "The meta-protocol" in the (great) manual more
carefully I think I got the idea. :)

However, this brings another question related with the setup I described
on a previous post:

   nodeA1                                        nodeB3
     |                                             |
(Network A) -- gwA --- (Internet) --- gwB --- (Network B)
     |                                             |
   nodeA2                                        nodeB4

nodeA1 and nodeA2 ConnectTo gwA, gwA to gwB (and vice versa), and nodeB3
and nodeB4 to gwB. Then if I understood well, a VPN packet sent from
nodeA1 to nodeB3 may be sent by nodeA1 straight to nodeB3's real address
(same for nodeA1 to nodeA2). However, both Network A and Network B use
private addresses and what's more, the same addresses may be present in
both networks!

So I don't see a problem in communications inside one network, but how
does tinc handle the nodeA1 -> nodeB3 situation? Maybe nodeA1 tries to
establish a TCP meta-connection with nodeB3 before trying to send data
and when the connection fails it uses gwA's route instead? Wouldn't the
timeout increase latency substantially from time to time?

>> Has anyone worked with a Tinc setup similar to this one? Do you think
>> Tinc would scale up to a network with so many connections so as to
>> still be runnable in so low-powered hardware?
>
> ChaosVPN (a large VPN connecting lots of hackerspaces) currently has
> 131 nodes running tinc, and a lot of these are Fonera routers, which
> have much lower specs than Alix or Commell boards as far as I know.

This is very interesting indeed! They even have a mechanism to
disseminate host configuration files, this may come up very handy for
our project. :)

Thanks a lot, Guus. And sorry for my insistence in all those technical
details, but our project has some atypical requirements and being able
to use tinc would be a great boon and a time saver for us. :)

(BTW, this is the project: http://confine-project.eu/ )

Cheers,
--
Ivan Vilata i Balaguer -- https://elvil.net/