In addition to described above, when connecting to an existing network, you must obtain the existing host keys and provide your own.īy using two-way synchronization (for example, unison), the number of additional operations increases to N, where N is the number of public nodes. It is advisable to create a script that clears the created parameters after stopping ( tinc-down).create a script that sets the host address and related parameters ( tinc-up).describe the node configuration file (served subnets, public addresses) ( hosts /).describe the general configuration of the node (type, name) ( nf).Tinc is positioned as an easy-to-configure service, however, something went wrong - to create a new node, minimal requirements are: Whenever possible, Tinc attempts to establish a direct connection between the two nodes behind NAT by punching. (after 2) in case of server failure in Singapore, traffic is transferred to the server in China and vice versa.Due to censorship rules, connection to China has been closed: Moscow russia-srv Manila Singapore Shanghai.Normal situation: Moscow russia-srv china-srv Shanghai.Using the traffic exchange between Shanghai and Moscow as an example, consider the following Tinc scenarios (approximately): Manila (Philippines) is not a threat to anyone, and therefore is allowed by everyone (due to the distance from everyone and everything).connections to Singapore are pretty stable (from personal experience).the network border of China Russia is unstable and may fall (due to both countries’ censorship rules).Due to Russian censorship rules, all the other ISPs were eventually blocked except the “friendly” China (unfortunately, not so unrealistic).Servers have a public addresses, clients are behind a NAT.Even nodes without a public address can become a relay server.Ĭonsider a situation with three servers (China, Russia, Singapore) and three clients (Russia, China and the Philippines): In this article, only version 1.0.x was used.įrom my point of view, some of the strongest features of Tinc is ability to forward messages over peers when direct connection is not possible. There are two branches of tinc development: 1.0.x (in almost all repositories) and 1.1 (eternal beta). Support for multiple operating systems: Linux, FreeBSD, OS X, Solaris, Windows, etc.the ability to connect isolated networks at the ethernet level (virtual switch).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |