[Babel-users] route forwarding(?) in mesh VPN
Baptiste Jonglez
baptiste at bitsofnetworks.org
Thu Jan 12 08:08:43 UTC 2017
Hi,
On Thu, Jan 12, 2017 at 04:42:09PM +0900, Benda Xu wrote:
> I am trying to run babeld (1.5.1 of Debian package) on tinc[1] mesh VPN
> in switch mode and disabled internal forwarding.
> cat tinc.conf
> ,----
> | Mode = switch
> | Forwarding = off
> | Broadcast = direct
> `----
>
> which mimicks a wireless mesh network.
Nice use-case, I do the same in semi-production :)
>
> Taking a 3-node (A, B, C) setup for example,
>
> A--C--B
>
> They share the same babel configuration, "manifold" is the interface
> name of the tinc vpn.
> cat /etc/babeld.conf
> ,----
> | debug 3
> | interface manifold wired true link-quality true max-rtt-penalty 256 split-horizon true
> | redistribute local if manifold ip 10.16.16.0/24 ge 28 allow
> | redistribute ip 10.16.16.0/24 ge 28 metric 64
> | redistribute local deny
> `----
>
> <snip>
>
> Next I want to let A talk to B via C. If I replace the proto number on
> C from 42 to static manually:
There's no need for such hacks. Propagating routes around is the default
behaviour of babeld (it's a routing daemon, after all).
In your case, the problem comes from the split-horizon optimisation: you
should disable it, because it only makes sense for transitive media.
Since you enabled it, and (from the point of view of C) A and B are on the
same medium, C assumes that A and B can communicate directly, so it does
not relay the routes it learns.
Baptiste
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/babel-users/attachments/20170112/79468c56/attachment.sig>
More information about the Babel-users
mailing list