very high traffic without any load
Lars Kruse
lists at sumpfralle.de
Sun May 5 23:00:08 CEST 2019
Hello Christoph,
I am glad, that you discovered the source of the problem!
Am Sat, 4 May 2019 08:30:28 +0200
schrieb "Christopher Klinge" <Christ.Klinge at web.de>:
> The goal was that all connections between my nodes, regardless of whether
> they are destined for internal or external ipv6 addresses, end up using the
> VPN.
This is indeed a bit tricky.
I use a setup with a similar goal based on IPv4. I solved it there by using DNAT
rules for the traffic to be routed through the VPN (based on destination ports).
But DNAT is probably not appropriate in a modern IPv6 world :)
In an IPv6 world you may want to use policy routing.
Simply add specific rules based on the incoming interface ("iif"), the source
address ("from") or ports ("sport" / "dport"). The routes in the target
routing table can be filled by your "node-up" scripts.
Cheers,
Lars
More information about the tinc
mailing list