net
play

net tinc VPN A quick introduction... Images: TJA, gobeirne, SKAO, - PowerPoint PPT Presentation

Sep 10, 2023 •127 likes •308 views

net tinc VPN A quick introduction... Images: TJA, gobeirne, SKAO, mtearle About tinc Info about authors Ivo Timmermans Guus Sliepen Two current versions 1.0 and 1.1 (in beta) Goals are: Security Reliability

  2. net

  3. tinc VPN

  4. A quick introduction... Images: TJA, gobeirne, SKAO, mtearle

  5. About tinc ● Info about authors – Ivo Timmermans – Guus Sliepen ● Two current versions – 1.0 and 1.1 (in beta) ● Goals are: – Security – Reliability – Efficiency – Scalability – Ease Of Use

  6. Uses for tinc ● Remote Access ● “VPN” ● Interconnect Networks

  7. What it is... ● Userspace Implementation ● SSL based encryption ● Some support for Windows / Mac OS X / Android ● Mesh and Point-to-Point (plus discovery if you want it) ● Switched or Routed networks

  8. What it is not ... ● Standard. Uses dedicated tinc protocol over the wire ● Control connection over TCP, traffic over TCP or UDP

  9. Quick tour of configuration file structure ● /etc/tinc/<network ● /etc/tinc/<network name> name>/hosts – tinc.conf – <hostname> – rsa_key.priv – tinc-up – <hostname>-up – tinc-down – <hostname>-down – host-up – host-down – subnet-up – subnet-down

  10. tinc.conf ● Name Name = tymnet ● Mode Port = 661 ConnectTo = bremen ● ConnectTo ConnectTo = mitre ● LocalDiscovery ● Port ● StrictSubnets

  11. -up and -down scripts ● Substitutions #!/bin/bash ● Triggered on: ip link set $INTERFACE up ip addr add 172.16.86.20/32 dev $INTERFACE – Tinc startup ip route add 172.16.86.0/24 dev $INTERFACE – Subnet – Host

  12. Host Configuration ● Address Address = 192.0.2.16 661 Subnet = 172.16.86.20/32 ● Subnet -----BEGIN RSA PUBLIC KEY----- MIICCgKCAgEA2SeJQsu/FUo7Kbh1hSIrbvm05BdThU0sncSSnXHeNJmgjV/IUEdq 3OUXrM3ED0uJ5AHjXYoIlotj2heKXJx9qzGnZ14nRqlceQpM0fscATSz6nO2KqqO yXze/jYh8ys7m9v9uiy4x+tUPa0JAJ6hJATWX7HrGrziIUN4DUdNMveuUC52uv5V ● PUBLIC KEY 7ldg9xkqffgD9YlvejvZb8ZkNewB9nNhPG7vDQPrEyqEbDDjmxKqWDbz3boJiLYC 9j5JnFyMQKL+15vYitI+BkDS2hEx0FeqEk8PbHY6mBI7Nsx9mnNRX9Iwf4rsf/j2 W3VthAa/GwtoYpFs/QFBsJqG3ZipxFcD/is6R4ihoh18NwrBsyW3iVmkEtZtfptG PduYdOZTpVcjA7ntQLo5V3EehNEuo3Wi0OORMQrYXqMLoRC30d3XYgxfSYUsKDW4 tincd -n sdinet -K 4096 nTpOaHYoNyrcIs+uAlixQV8f82JT7BjiHHL74GyxQu9oQ2FXuSkWFMMfWvlWWw/x 3UjPgC0aNw5i1zqf/F+Bcj4ccnxZh5u7sxPNbr37+x5soSjiMYQdyeCo3z3LkQoa Q5JRhs6VmE25Ayiequc8hUdgkGlIFP2Wb8xQIAPCuVHW++i8r0i6DhTe0F/krCsI CwMNdi/6IIpGSt5p0xPT534WZw2h6mMYp6qcl3D7q5Mfiblg55tISWMCAwEAAQ== -----END RSA PUBLIC KEY-----

  13. Stats /etc/tinc/sdinet# kill -USR1 4327 /etc/tinc/sdinet# kill -USR2 4327 Statistics for Linux tun/tap device (tun mode) /dev/net/tun: total bytes in: 0 total bytes out: 372 Nodes: Connections: berkeley at 203.0.113.165 port 661 cipher 91 digest 64 maclength 4 compression 0 options c status 001a nexthop berkeley via berkeley pmtu 1451 (min 1451 max 1451) bremen at 1.1.158.105 port 661 cipher 91 digest 64 maclength 4 compression 0 options c status 001a nexthop bremen via bremen pmtu 1451 (min 1451 max 1451) bremen at 1.1.158.105 port 58625 options c socket 8 status 00c2 hannover at 203.0.113.165 port 661 cipher 0 digest 0 maclength 0 compression 0 options c status 0018 outbuf 1245/0/0 nexthop bremen via hannover pmtu 1518 (min 0 max 1518) mitre at 198.51.100.166 port 661 cipher 91 digest 64 maclength 4 compression 0 options c status 001a nexthop mitre via mitre pmtu 1451 (min 1451 max 1451) mitre at 198.51.100.166 port 54192 options c socket 9 status tymnet at MYSELF cipher 0 digest 0 maclength 0 compression 0 options c status 0018 nexthop tymnet via tymnet pmtu 1518 (min 0 max 1518) 01c2 outbuf 1039/0/0 End of nodes. Edges: berkeley to mitre at 198.51.100.166 port 661 options c weight 475 berkeley at 203.0.113.165 port 1026 options c socket 10 status berkeley to tymnet at 192.0.2.16 port 661 options c weight 230 01c2 outbuf 1039/0/0 bremen to hannover at 203.0.113.165 port 661 options c weight 1049 bremen to mitre at 198.51.100.166 port 661 options c weight 593 bremen to tymnet at 192.0.2.16 port 661 options c weight 770 End of connections. hannover to bremen at 1.1.158.105 port 661 options c weight 1049 mitre to berkeley at 203.0.113.165 port 661 options c weight 475 mitre to bremen at 1.1.158.105 port 661 options c weight 593 mitre to tymnet at 192.0.2.16 port 661 options c weight 275 tymnet to berkeley at 203.0.113.165 port 661 options c weight 230 tymnet to bremen at 1.1.158.105 port 661 options c weight 770 tymnet to mitre at 198.51.100.166 port 661 options c weight 275 End of edges. Subnet list: 172.16.86.10/32#10 owner berkeley 172.16.86.20/32#10 owner tymnet 172.16.86.30/32#10 owner mitre 172.16.86.40/32#10 owner bremen 172.16.86.50/32#10 owner hannover fdf1:20fe:4a33:db:0:0:0:1/128#10 owner berkeley fdf1:20fe:4a33:db:0:0:0:5/128#10 owner hannover End of subnet list.

  14. Demo 1 – Routed Network

  15. Demo 2 – Yes, it does IPv6

  16. Demo 3 – Switched Network ● Let’s do a simple VPN

  17. Questions? ● More info at: tinc-vpn.org ● See also: – https://github.com/nibalizer/tinc-presentation – https://www.tinc-vpn.org/activities/ ● Talk will be uploaded at: – https://github.com/mtearle/netmcr-talk

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

DPW Road Projects Updates Tuesday, October 15, 2019 GSPE Line-up Village Streets

DPW Road Projects Updates Tuesday, October 15, 2019 GSPE Line-up Village Streets

DPW Road Projects Updates Tuesday, October 15, 2019 GSPE Line-up Village Streets Overview of DPW (FHWA &amp; DoD Funded) Projects GTIP 2020-2023 Briefing Village Streets Update $2.9 M from THF NTP issued to Hawaiian Rock

470 views • 28 slides
Africa in 2018 What to expect A presentation to the Norwegian African Business Association

Africa in 2018 What to expect A presentation to the Norwegian African Business Association

Africa in 2018 What to expect A presentation to the Norwegian African Business Association (NABA) January 2018 Roy Mutooni, CFA, MBA (Tel: + 27 (0) 11 243-4004, roy.mutooni@abam.com) African Growth: Cyclically Synchronised, Structurally

391 views • 15 slides
Online Tuning of Stream Programs or How To Get The Most Ouf Of Your Multicore Walter F. Tichy

Online Tuning of Stream Programs or How To Get The Most Ouf Of Your Multicore Walter F. Tichy

Online Tuning of Stream Programs or How To Get The Most Ouf Of Your Multicore Walter F. Tichy Institute for Program Structures and Data Organization KIT University of Baden-Wrttemberg and National Research Center of the Helmholtz

279 views • 27 slides
Dr. Tun Shwe Director, Oil Seed Crop and Food Legume Division Department of Agricultural

Dr. Tun Shwe Director, Oil Seed Crop and Food Legume Division Department of Agricultural

11th EAST ASIA PLANT VARIETY PROTECTION FORUM MEETING Philippines July 31 2018 NATIONAL GOAL OF PVP SYSTEM PERFORMANCE In Myanmar MYANMAR DELEGATES Dr. Tun Shwe Director, Oil Seed Crop and Food Legume Division Department of Agricultural

416 views • 8 slides
JOHN SMI HN SMITH HS BREW S BREWERY ERY NEW EW LAUTER TUN. LAUTER TUN. Br

JOHN SMI HN SMITH HS BREW S BREWERY ERY NEW EW LAUTER TUN. LAUTER TUN. Br

JOHN SMI HN SMITH HS BREW S BREWERY ERY NEW EW LAUTER TUN. LAUTER TUN. Br Brewhouse Fl ewhouse Floor oor Support Supports Exposed Exposed Lauter Tun Bein Lauter Tun Being Low g Lowered Throu red Through The Roof h The

159 views • 5 slides
Annual General Meeting 2017 International RS:X Class Association September 16, 2017 Enoshima

Annual General Meeting 2017 International RS:X Class Association September 16, 2017 Enoshima

Contents Annual General Meeting 2017 International RS:X Class Association September 16, 2017 Enoshima Yacht Harbour, Enohsima, JAPAN Full Members - Delegates &amp; Proxies No NCA Delegate Proxy Vote No NCA Delegate Proxy Vote 1 BEL

803 views • 58 slides
YOUR REGION FOR BUSINESS Prepared For Markham Development Services Committee September 9,

YOUR REGION FOR BUSINESS Prepared For Markham Development Services Committee September 9,

YOUR REGION FOR BUSINESS Prepared For Markham Development Services Committee September 9, 2016 October 3, 2016 WHAT IS TORONTO GLOBAL? + The new regional investment attraction agency focused solely on greenfield investment attraction.

817 views • 34 slides
Part I Understanding the local context and leveraging the available ICT technologies 9 June

Part I Understanding the local context and leveraging the available ICT technologies 9 June

Development of a national broadband strategy in the Middle East and Africa Part I Understanding the local context and leveraging the available ICT technologies 9 June 2012 David Eurin MK689 2 Contents Introduction Understanding the

245 views • 20 slides
Fisheries MCS Activities in Ghana Samuel Quaatey Director, Fisheries Commission Presentation at

Fisheries MCS Activities in Ghana Samuel Quaatey Director, Fisheries Commission Presentation at

Fisheries MCS Activities in Ghana Samuel Quaatey Director, Fisheries Commission Presentation at ATLAFCO Workshop on Monitoring, Control and Surveillance (MCS), effective tools for combating Illegal, Unreported, and Unregulated (IUU) Fishing

1.51k views • 18 slides
UN/CEFACT meeting Flux project Introduction DG Mare D4 17/10/2013 FISHERIES Example of EU

UN/CEFACT meeting Flux project Introduction DG Mare D4 17/10/2013 FISHERIES Example of EU

FISHERIES UN/CEFACT meeting Flux project Introduction DG Mare D4 17/10/2013 FISHERIES Example of EU fisheries international arrangements Slide 2 FISHERIES Slide 3 FISHERIES The issue, part 1 Fishing vessels can fish all over the

926 views • 49 slides
0.5 Pauatahanui Stream Daily Flow MALF 0.45 90% MALF 0.4 0.35 Stream Flow (m 3 /s) 0.3 0.25

0.5 Pauatahanui Stream Daily Flow MALF 0.45 90% MALF 0.4 0.35 Stream Flow (m 3 /s) 0.3 0.25

0.5 Pauatahanui Stream Daily Flow MALF 0.45 90% MALF 0.4 0.35 Stream Flow (m 3 /s) 0.3 0.25 0.2 0.15 0.1 0.05 0 1 Jan 1981 1 Feb 1981 1 Mar 1981 1 Apr 1981 1 May 1981 1 Jun 1981 Time Water allocation Te Awarua-o-Porirua whaitua

224 views • 10 slides
MAXIMUS IN THE BALTIC SEA - WHAT COULD WE LEARN FROM THE LAST TWO DECADES? Didzis Ustups and

MAXIMUS IN THE BALTIC SEA - WHAT COULD WE LEARN FROM THE LAST TWO DECADES? Didzis Ustups and

TURBOT SCOPHTHALMUS MAXIMUS IN THE BALTIC SEA - WHAT COULD WE LEARN FROM THE LAST TWO DECADES? Didzis Ustups and Dace Zilniece Institute of Food Safety, Animal Health and Environment BIOR Riga, Latvia Flatfish in the Baltic Sea flounder

171 views • 16 slides
Mittimakalik HTA Manautaq HTA Pangnirtung HTA Amorak HTA 4 Mayukalik HTA B ACKGROUND

Mittimakalik HTA Manautaq HTA Pangnirtung HTA Amorak HTA 4 Mayukalik HTA B ACKGROUND

Brand Summary B AFFIN F ISHERIES Baffin Fisheries Statement on Last-in First-out (LIFO) Management June 3, 2016 1 E XECUTIVE S UMMARY Baffin Fisheries is a strong proponent of the adjacency principal, and supports those who have

384 views • 27 slides
QIK IMPLEMENTATION STRATEGY Business Structure A Initial Market B Strategic Growth C

QIK IMPLEMENTATION STRATEGY Business Structure A Initial Market B Strategic Growth C

QIK IMPLEMENTATION STRATEGY Business Structure A Initial Market B Strategic Growth C Resources D Initial Product E Value Added Product F Purchase and Distribution G Business Structure A Appropriate &amp;

591 views • 10 slides
WELCOME TO THE EXTRAORDINARY GENERAL MEETING 21 NOVEMBER 2017 CONTENTS CONTENTS THE

WELCOME TO THE EXTRAORDINARY GENERAL MEETING 21 NOVEMBER 2017 CONTENTS CONTENTS THE

Local Property Overseas Property Purpose Built Student Construction Dormitory Development Development Accommodation WELCOME TO THE EXTRAORDINARY GENERAL MEETING 21 NOVEMBER 2017 CONTENTS CONTENTS THE RESOLUTIONS WHY THIS EGM IS

229 views • 18 slides
LANDING OBLIGATION - GERMANY Overview Quota allocation Fisheries in competence of Federal

LANDING OBLIGATION - GERMANY Overview Quota allocation Fisheries in competence of Federal

QUOTA MANAGEMENT AND LANDING OBLIGATION - GERMANY Overview Quota allocation Fisheries in competence of Federal Ministry of Food and Agriculture German Fishing quotas managed by the Federal Office for Agriculture and Food in Hamburg on

233 views • 12 slides
Interaction of the RFMOs and the High Seas Regime Phillip Saunders Dalhousie Law School Marine

Interaction of the RFMOs and the High Seas Regime Phillip Saunders Dalhousie Law School Marine

Dalhousie Law School Interaction of the RFMOs and the High Seas Regime Phillip Saunders Dalhousie Law School Marine and Environmental Law Programme Regime for ABNJ All areas beyond national jurisdiction (ABNJ) Includes water column

761 views • 28 slides
The Exploration and Discovery History of the Guyana- Ghana Conjugate Equatorial Corridor John R.

The Exploration and Discovery History of the Guyana- Ghana Conjugate Equatorial Corridor John R.

For Questions call John Dribus 504-232-2221, jdribus@hotmail.com The Exploration and Discovery History of the Guyana- Ghana Conjugate Equatorial Corridor John R. Dribus, Global Geologist and Advisor, Dribus Geologic Consulting LLC Dribus

369 views • 34 slides
Aquaculture aspects and future demand for seafood in China Haijin LIU Chinese

Aquaculture aspects and future demand for seafood in China Haijin LIU Chinese

Aquaculture aspects and future demand for seafood in China Haijin LIU Chinese Academy of Fishery Sciences 1 Under saturated development of the fishery resources in the world, why FAO has still

445 views • 41 slides
1 2 Cree &amp; Inuit Territories - Quebec

1 2 Cree &amp; Inuit Territories - Quebec

1 2 Cree &amp; Inuit Territories - Quebec 3 4 NUNAVIK Territory north of the 55th parallel in Quebec (507,000 sq.km) 14 coastal communities (no reserves lands First

721 views • 56 slides
2016 MARKETING 2015 HIGHLIGHTS Opened 10 new stores The Art of Shaving Piercing Pagoda

2016 MARKETING 2015 HIGHLIGHTS Opened 10 new stores The Art of Shaving Piercing Pagoda

2016 MARKETING 2015 HIGHLIGHTS Opened 10 new stores The Art of Shaving Piercing Pagoda HourTime Sarar Joes Jeans Tory Burch Outlet Lindt Chocolate Bar Pop-Up lululemon athletica UGG

579 views • 11 slides
Management of written-off vehicles Department of Transport and Main Roads Vehicle Standards

Management of written-off vehicles Department of Transport and Main Roads Vehicle Standards

Management of written-off vehicles Department of Transport and Main Roads Vehicle Standards Transport Regulation Branch April 2019 1 | Queensland Governments objectives for the community 2 | WOV Policy | April 2019 Written-off

286 views • 14 slides
Country Presentation Statistics Turkey Item 11: Coverage and time of recording Prime Ministry

Country Presentation Statistics Turkey Item 11: Coverage and time of recording Prime Ministry

ESA/STAT/AC.142.19 UNITED NATIONS UNITED NATIONS ECONOMIC COMMISSION DEPARTMENT OF ECONOMIC AND SOCIAL AFFAIRS FOR AFRICA STATISTICS DIVISION International Workshop on Country Practices in Compilation of International Merchandise Trade

438 views • 11 slides
TURKISH EXPERIENCE ON TRADE FACILITATION PRESENTATION CONTENT Modernization of Border Crossing

TURKISH EXPERIENCE ON TRADE FACILITATION PRESENTATION CONTENT Modernization of Border Crossing

TURKISH EXPERIENCE ON TRADE FACILITATION PRESENTATION CONTENT Modernization of Border Crossing Points in Turkey as a New Prospect in the UNESCAP Region Measures taken for coordination between various institutions involved in overall trade

399 views • 22 slides

More recommend