avoiding duplicate IPs in tinc scripts

Hamish Moffatt hamish at moffatt.email
Wed Aug 1 03:42:58 CEST 2018


Currently I have the local tinc node's VPN IP in both the tinc-up script 
as well as in its hosts/$NODE file Subnet setting. Can this be avoided, 
to simplify deployment?

Actually I am currently using a DNS lookup in the tinc-up script to get 
the local VPN IP ($NODE.myvpndomain), but this fails if DNS isn't ready 
when tinc-up is run. (DeviceStandby=yes fixes this, but then the 
subnet-up script is run before tinc-up).

I notice that tinc runs the subnet-up script for the local subnet 
immediately after the tinc-up script, with $REMOTEADDRESS empty, so I 
tried putting some of the interface configuration there instead. This 
seemed to work fine. So tinc-up says only:

#!/bin/bash
ip link set dev $INTERFACE up

and subnet-up says

#!/bin/sh
if [ -z "$REMOTEADDRESS" ]; then # local network
     ip addr add $SUBNET dev $INTERFACE
fi

ip route add $SUBNET dev $INTERFACE


Any downsides to this? Will it work on tinc 1.0 as well (I'm testing on 
1.1pre15)?



Hamish



More information about the tinc mailing list