Hide node meta data?

Lars Kruse lists at sumpfralle.de
Tue Nov 17 15:28:22 CET 2020


Hello,

I am using tinc in a lot of contexts related to servers and general
infrastructure.
Recently another potential use-case appeared: providing a VPN for remote
devices (located at customer sites and maybe not exclusively under our control).

The tinc configuration allows to restrict the direct traffic between such
remote devices easily:
 DirectOnly = yes
 Forwarding = off
 TunnelServer = no

The tricky part seems to be meta data: every node is aware of all other nodes
(and partly also their IP addresses). This is not desirable in a context where
devices from multiple customers would be part of the same network.

Can you imagine a trivial solution, which would prevent this sharing of meta
information regarding other nodes and edges?

According to my understanding, such a use-case is simply out of scope for tinc.
But nevertheless I would be surprised and happy, if this assumption would prove
to be wrong :)

Cheers,
Lars


PS: providing a separate tinc network for each customer would be a potential
workaround. Maybe this will be the way to go ...


More information about the tinc mailing list