From 93b2f18e81bb7e8a1d4c64de09f01ac8044e2724 Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Thu, 27 Mar 2014 22:42:47 +0100 Subject: [PATCH] Add example zeroconf configuration using Avahi. Thanks to BrainDamage for providing this example. --- examples/zeroconf-ip-and-dns.mdwn | 91 +++++++++++++++++++++++++++++++ 1 file changed, 91 insertions(+) create mode 100644 examples/zeroconf-ip-and-dns.mdwn diff --git a/examples/zeroconf-ip-and-dns.mdwn b/examples/zeroconf-ip-and-dns.mdwn new file mode 100644 index 0000000..fe2f77a --- /dev/null +++ b/examples/zeroconf-ip-and-dns.mdwn @@ -0,0 +1,91 @@ +[[!meta title="zeroconf IP and DNS configuration"]] + +## Example: zeroconf IP and DNS configuration + +This example describes how to setup a network with no centralized dhcp server +and automatic dns resolution and minimum configuration: + +You will need Avahi mDNS daemon up and running (not part of this guide, +please refer to your distro): [http://avahi.org/](http://avahi.org/) + +### Setting up Avahi hostname resolution: + +This will allow your computer to resolve mDNS hostnames which addresses in the form of something.local. +In order to do it, +edit `/etc/nsswitch.conf` and append `mdns_minimal [NOTFOUND=return]` to your `hosts:` line before your `dns` entry, +for example my configuration is: + + hosts: files myhostname mdns_minimal [NOTFOUND=return] dns + +(Note that you can use a different top level domain than .local, +but in such case you need to use `mdns` entry instead of `mdns_minimal`.) + +### Automatic ip assignment and network setup: + +Follow the "how to configure" guide from the [[docs|manual]] to create the key pair and folders, +then edit `tinc.conf` and insert `Mode = switch`, +this will allow to make all nodes to listen to the same subnet mask simplifying the configuration +(although it'll increase traffic since all nodes will get the data). +By default the subnet mask is 169.254.0.0/16. +We'll change how `tinc-up` brings up the VPN interface; instead of using `ifconfig` to bring up the interface, +we'll use `avahi-autoipd daemon`. +This yields many advantages: + +* autoipd daemon automatically assignes an ip address based off available pool +* it'll publish the hostname in the mdns resolution network and will also act as controller for the avahi daemon allowing to browse or publish avahi services + +So in the `tinc-up` script you'll have a line like: `avahi-autoipd -D $INTERFACE`. +That's it! your VPN will have auto assigned IP addresses, and automatically resolved DNS entries once it's up. +In order to list the machines on the network you can use this command: `avahi-browse -d networkname`. + +### Useful bits: + +You can insert static hostname resolution for VPN nodes using `/etc/avahi/hosts` much like `/etc/hosts`. +You can manually ask for preferred IP when calling `avahi-autoipd` by appending `-S` wantedip. + +### Example configuration: + +In my configuration I have a PC everything connects to (alarmpi, reachable at LAN address 192.168.1.12 and public address alarmpi.xyz.com), and a laptop and a phone that can access it. + +Alarmpi's `tinc.conf`: + + Name = alarmpi + Mode = switch + +The laptop's `tinc.conf`: + + ConnectTo = alarmpi + Name = laptop + Mode = switch + +The phone's `tinc.conf`: + + ConnectTo = alarmpi + Name = phone + Mode = switch + +Every node has the same `tinc-up:` + + #!/bin/sh + avahi-autoipd -D $INTERFACE + +`hosts/alarmpi`: + + Address = 192.168.1.12 + Address = alarmpi.xyz.com + + -----BEGIN RSA PUBLIC KEY----- + snip + -----END RSA PUBLIC KEY----- + +`hosts/laptop`: + + -----BEGIN RSA PUBLIC KEY----- + snip + -----END RSA PUBLIC KEY----- + +`hosts/phone`: + + -----BEGIN RSA PUBLIC KEY----- + snip + -----END RSA PUBLIC KEY----- -- 2.20.1