Subnet specification for tinc node as default gateway
Nikolaus Rath
Nikolaus at rath.org
Mon Sep 2 05:39:37 CEST 2013
Guus Sliepen <guus-NnCthlHDAqpg9hUCZPvPmw at public.gmane.org> writes:
> On Sun, Sep 01, 2013 at 03:35:01PM -0700, Nikolaus Rath wrote:
>
>> > Did you restart the tincd on the gateway after you added that Subnet? It should
>> > work otherwise.
>>
>> Duh. No, I didn't. I didn't even add the extra subnet on the
>> gateway. Now that I've done that, it seems to work. Thanks!
>>
>>
>> I'm still confused why this is necessary though. Why isn't it enough to
>> define the subnet in the local tinc's configuration? At the moment it
>> seems that even for the local tinc instance, the subnet specification on
>> the remote server takes precedence. That's a bit counterintuitive - then
>> why am I specifying the subnets for every node on every node in the
>> first place?
>
> Assuming you don't use TunnelServer or StrictSubnets, you don't have to. You
> only have to specify the Subnet a host uses on that host itself. It announces
> those Subnets to all the other nodes via the meta protocol. It ignores Subnets
> from all host config files but its own. Also, even if you could specify Subnets
> for another node locally, that wouldn't help; as soon as those packets reach
> that other node, that node doesn't know what to do with them (well, unless you
> use Forwarding = kernel).
Ah, I get it. I was assuming it'd be the other way around. But now that
I now it, it does make sense.
Thanks!
-Nikolaus
--
»Time flies like an arrow, fruit flies like a Banana.«
PGP fingerprint: 5B93 61F8 4EA2 E279 ABF6 02CF A9AD B7F8 AE4E 425C
More information about the tinc
mailing list