Warning Livedoc is no longer being updated and will be deprecated shortly. Please refer to https://documentation.tjhsst.edu.

tinc

From Livedoc - The Documentation Repository
Jump to: navigation, search

tinc is a lightweight Virtual Private Network (VPN) daemon that is now in use in the Computer Systems Lab. It utilizes UDP along with compression to provide a fast tunnel into the school's network. Preliminary tests show that tinc performs at speeds significantly better than TCP OpenVPN (~5x). Below are instructions for generating and installing tinc on a home computer.

Generating

To generate a tinc config, you must be root on the openvpn VM. cd into root's homedir, then run ./add_tinc_user (username), where (username) is the TJ username of the person you're generating the config for (for example, 2017sdamashe). This will generate a configuration in the tinc directory and add the relevant configuration file to the VPN server's tinc config. Give either tinc/(username).tar or tinc/(username).zip to the person, preferably by putting it in their AFS home directory for future access. Both the tar and zip contain the same files, but both are provided for ease of use.

Installing

Installing the configuration on Linux and OSX is very easy:

  • Install tinc and, if you don't have it already, iproute2.
  • Determine which interface is your main interface, (network) below
  • Run mkdir -p /etc/tinc/(network) to make the necessary tinc directories
  • Untar or unzip the provided configuration archive into /etc/tinc/(network)/

The install process is similar on Windows, however network configuration is not done automatically. You will need to unzip/untar your provided configuration into C:\Program Files\tinc\(network), and then create the TAP device as specified in [1].

Running

Start up tinc, preferably using your distro's service manager. There should be some way to specify the network name. Or, if you want to test it, run tincd -D -n (network). Use Ctrl+\ to stop the daemon.

Troubleshooting

If you get a No address specified for tjvpn error when running tincd -D -n (network), you should add the following line to the /etc/tinc/(network)/hosts/tjvpn file:

Address = 198.38.16.152