But I dont understand, how to setup connection.
#TINC CONFIGURATION INSTALL#
Create the following directory structure to hold all your configuration files: mkdir -p /etc/tinc/myvpn/hosts 'myvpn' is your VPN networks name and can be chosen freely. BranchA would be configured like this: In /etc/tinc/company/tinc-up : Real interface of internal network: ifconfig eth0 10.1.54.1 netmask 255.255.0.0 ifconfig INTERFACE 10.1.54.1 netmask 255.0.0. host 1 external ip - 48.48.128.48 internal ip - 10.10.0.200 computers in this office have network 10.10.0.0/24 office 2 host 2 external ip - 5.105.12.5 internal ip - 192.168.3.100 computers in this office have network 192.168.3.0/24 I install plugin Tinc VPN and see two tabs - Networks and Hosts.
Then install tinc via apt-get install tinc. My infrastructure is not that big so I am still doing some things by hand, but it should be easy to automate some parts by using git hooks + puppet|ansible|chef.Ībout the protocol I do not understand why it would be a problem, other than not being ssh or the possibility of being filtered over the network. First make sure your firewall accepts connections on port 655 UDP and TCP. To add the bridge device to the Linux 2.4.0 and higher kernels, select the option under ‘Networking options’ called 802.1d Ethernet Bridging. None of the private keys are committed to the repo, of course. Configuration of the kernel In addition to the standard kernel configuration described in the Configuring the kernel section of the manual, a bridge device needs to be added to your kernel configuration. But if you are building a serious network I do think tinc hits the sweet spot between being easy and allowing for any network you can think of without being tied to a particular server provider that might offer private IPs.Īs for the configuration I use git, which makes it super easy to setup the N+1th server. I just wanted to know why tinc does not get enough love, and you answered accordingly. Now, I must agree on that, it might not be a friendly solution for dead easy routing to an exit node as a proxy with dns-tunneling built in. Restart Tinc daemon from the dashboard or make any changes in Tinc configuration Check that the virtual IP is missing Issue with readding VIPs was resolved by triggering configdctl.py from tincd.
But if you know what you are doing (not saying I always know what I am doing) it can be a powerful tool to build the exact network you want without any provider lock-in. Yes, tinc does not abstract any of these things from you. The start screen lists all configured tinc networks within the applications. For the setup I will say it is on the same level of difficulty as it would be to setup iptables and routes manually. On each host, the Tinc configuration is similar: /etc/tinc/ horde hosts host1 host2 rsakey. It is not meant to replace textual configuration file editing.
0 kommentar(er)
