<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
I'm sorry that I'm asking basic networking question in specialized
mailing list, if this is inappropriate please let me know.<br>
<br>
But there is still something that I don't understand regarding the
conversation below. Even if I assign each PC a new IP, how routing
will work? <br>
I can put new IPs on the computers, but router will know nothing
about them and because of it I don't see how PCs can see each other
by these new IP addresses.<br>
<br>
Andrew.<br>
<br>
On 7/10/2010 2:14 p.m., Donald Pearson wrote:
<blockquote
cite="mid:AANLkTi=_rSo3rtOpv6OgQfY-7XQDqBw1KNnWv2Fqk+Da@mail.gmail.com"
type="cite">Sure it's possible, you just need to assign each node
a new IP in the <a moz-do-not-send="true"
href="http://10.30.1.0/24">10.30.1.0/24</a> network. It's not
part of the Tinc configuration, it's part of the network
configuration of each computer.<br>
<br>
All Tinc is doing, is creating a layer 2 path for them to reach
each other. Yes broadcasts will traverse the VPN. It literally
is virtual ethernet over the internet. :)<br>
<br>
<div class="gmail_quote">On Wed, Oct 6, 2010 at 9:04 PM, Andrew
Savinykh <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:andrews@brutsoft.com">andrews@brutsoft.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt
0.8ex; border-left: 1px solid rgb(204, 204, 204);
padding-left: 1ex;">
<div bgcolor="#ffffff" text="#000000"> Donald, thank you for
this. <br>
<br>
Do i read you right that to be able to receive broadcasts
across LANs I have to use the address space that I already
have and make sure that this space is the same for both
LANs?<br>
<br>
What I'm trying to do is to define a *completely new subnet*
that will act as the common LAN foR both LAN A and LAN B.<br>
<br>
To re-iterate:<br>
I have one router that is 10.1.1.1 and gives out DHCP
10.1.1.* and the other router 192.168.0.1 that gives out
DHCP 192.168.0.*. <br>
I would like to leave these address spaces alone and define
a new on 10.30.1.* that computer from both networks can
participate in effectively forming a new virtual LAN.<br>
<br>
Is this possible with tinc? I know this possible with other
software, I'm just having hard time figuring out if this is
something I can configure tinc to do.<br>
<font color="#888888"> <br>
Andrew</font>
<div>
<div class="h5"><br>
<br>
<br>
<br>
On 7/10/2010 1:13 p.m., Donald Pearson wrote:
<blockquote type="cite">Sorry you're right. I was
looking at the IP address schema where all nodes would
use the <a moz-do-not-send="true"
href="http://10.30.0.0/24" target="_blank">10.30.0.0/24</a>
network.<br>
<br>
There's no need to install tap adapters on the other
devices. You have basically 2 realistic options if
you want the LAN function<br>
<br>
You can specify multiple IP addresses for a single
interface, even in Windows. You'll find this under
the TCP/IP properties of the network adapter. And
clicking on the Advanced button on the page where you
can set a static IP or designate DHCP.<br>
<br>
A 2nd option would be to re-ip one of your locations
so that they all use the same subnet natively.<br>
<br>
Bridging the tap adapter allows your network frames
received by your physical interface to reach the TAP
adapter and therefore traverse the VPN. This enables
later 2 connectivity, the same way a real switch
does. Virtual Ethernet over the Internet is how I
like to describe it. This is how I have my VPN
configured personally.<br>
<br>
Without the bridge, a frame that is received at the
physical interface has the frame stripped off and the
packet inspected. Now we're talking layer 3. If the
packet is destined for a network on the other side of
the VPN, your Tinc node frames the packet back up with
a new frame, and sends it over the VPN. This act of
stripping the frame, reading the packet for the
network destination, and applying a new frame to get
it there is what Routing is. Without the bridge in
place, your Tinc node is literally routing between the
physical interface and the tap interface. With the
bridge, you're creating a layer 2 pathway so the
frames can shoot across directly. Of course this
means both sides need to be on the same subnet which
you obviously already know.<br>
<br>
Be warned that this configuration comes with it's
drawbacks. DHCP will traverse your VPN. I had
location A computers getting addresses from location B
which makes for some really inefficient internet
traffic.<br>
</blockquote>
</div>
</div>
</div>
</blockquote>
</div>
</blockquote>
<br>
</body>
</html>