How to set Subnet in a node which act as both server and client role?
Bright Zhao
startryst at gmail.com
Mon May 1 12:00:43 CEST 2017
Hi, Tinc experts
Diagram as below, A is trying to access host X behind C:
A >> B >> C — “host X"
B is the tinc server for A, but also B is the tinc client to connect to C.
My question is, if I only use one VPN (/etc/tinc/myvpn), then the host configuration for B will be tricky.
As the tinc server to A, B’s host config (/etc/tinc/myvpn/hosts/B) needs have the Subnet = X/32, which indicate the VPN serve for this host.
But as the tinc client to C, B’s host config shouldn’t include Subnet = X/32, because X/32 is behind C.
If not direct connection available from A to C, the only way I can figure it out is to setup two VPNs, /etc/tinc/vpn1 and /etc/tinc/vpn2:
A >> vpn1 >> B >> vpn2 >> C — “host X”
If so, the /etc/tinc/vpn1/hosts/B can have Subnet =X/32; but the /etc/tinc/vpn2/hosts/B can exclude Subnet =X/32 since it’s the client side for C.
Let me know if there’s any other simple way to achieve this.
More information about the tinc
mailing list