Lars, interesting - do you have an example of what that might look like in the config file?
Thanks! On Sun, May 5, 2019 at 6:00 PM Lars Kruse <li...@sumpfralle.de> wrote: > Hello Christoph, > > I am glad, that you discovered the source of the problem! > > > Am Sat, 4 May 2019 08:30:28 +0200 > schrieb "Christopher Klinge" <christ.kli...@web.de>: > > > The goal was that all connections between my nodes, regardless of whether > > they are destined for internal or external ipv6 addresses, end up using > the > > VPN. > > This is indeed a bit tricky. > I use a setup with a similar goal based on IPv4. I solved it there by > using DNAT > rules for the traffic to be routed through the VPN (based on destination > ports). > But DNAT is probably not appropriate in a modern IPv6 world :) > > In an IPv6 world you may want to use policy routing. > Simply add specific rules based on the incoming interface ("iif"), the > source > address ("from") or ports ("sport" / "dport"). The routes in the target > routing table can be filled by your "node-up" scripts. > > Cheers, > Lars > _______________________________________________ > tinc mailing list > tinc@tinc-vpn.org > https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc > --
_______________________________________________ tinc mailing list tinc@tinc-vpn.org https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc