Define which host to use when direct link not possible?

Sich sich at cafe-philo.net
Fri Sep 2 08:33:41 CEST 2016



Le 31/08/2016 à 10:47, Armin a écrit :
> On 30.08.2016 17:37, Guus Sliepen wrote:
>> On Tue, Aug 30, 2016 at 02:38:16PM +0200, Armin Schindler wrote:
>>
>>> we use a meshed VPN with TINC to connect 7 offices.
>>> Some office are in other countries and use other ISPs. The connection
>>> between some ISPs (peering partners) are not that good. This means we
>>> have packet loss between those direct connections.
>>>
>>> To avoid this direct connection, I would like to tell TINC to use
>>> a defined other host to route the packets to.
>>> E.g.
>>> instead of doing direct office-1 to office-2, send always packets
>>> for office-2 to office-5 (because connection with office-5 is very 
>>> stable).
>>>
>>> Is there a way to configure TINC to not use direct connection
>>> for one host, but use a specified, other host for that?
>>
>> You can set IndirectData = yes in hosts/office-2 on hosts/office-1, and
>> vice versa, to prevent it from trying a direct connection.
>>
>> Note that you also should not have ConnectTo = office-2 in office-1's
>> tinc.conf, and vice versa, otherwise the above will not have any effect.
>
> Understood. But this will keep tinc from doing direct only, but it may
> use *any* other host to transfer the data, right?
>
> I would like to set a specific host (with best connection) to be the
> 'man-in-the-middle'.
>
> Armin

Maybe you should try with the route metric.
Play with what Guus say (indirectdata) and using different metric for 
your route. Small metric for your favorite host, and bigger metric for 
the other.
You have to play with the routing system, but maybe just add route to 
office 2 on office 5, and say that office 5 is the GW for office 2 on 
the other router.

I don't know if this will work but you can try.


More information about the tinc mailing list