hyperboria / bugs

Peer-to-peer IPv6 networking, secure and near-zero-conf.

Only the first of the configured VPN hosts works #140

Closed yurivict closed 7 years ago

yurivict commented 7 years ago

While trying to set up VPN I have this section on the server:

...
        "ipTunnel":
        {
            "allowedConnections":
            [
                {
                     "publicKey": "2x8q3d6yscs7fklwqu1c6bmctvq88w85tbnfkybhfmzk4msbbxz0.k",
                     "ip4Address": "172.16.0.3",
                     "ip4Prefix": 24,
                     "ip4Alloc": 1
                },
                {
                     "publicKey": "g1tbgmvns4tcpmq17vjysn9qu3v18kxp1d6b9pnqfpfp99uxx4n0.k",
                     "ip4Address": "172.16.0.5",
                     "ip4Prefix": 24,
                     "ip4Alloc": 1
                }
            ],
            "outgoingConnections":
            [
            ]
        }
...

tun0 on the server has ip=172.16.0.1

However, only the first VPN host is able to connect to the server (to 172.16.0.1), and the second one can't.

cjdns-17.4

kpcyrd commented 7 years ago

Please remove "ip4Alloc": 1 from both and try again

yurivict commented 7 years ago

Without "ip4Alloc": 1 it works. I thought ip4Alloc specifies the size of the IP block that this client can have?

kpcyrd commented 7 years ago

Yes, but ip4Alloc works similarly to ip4Prefix as a bitmask (if I recall correctly).

I think the value you are looking for is 32, for a single IPv4 address.

yurivict commented 7 years ago

Thanks,

Well, this is at least a configuration validation problem then, because the intersection of two IP ranges wasn't detected.

But I also don't think that this definition of ip4Prefix is reasonable. It should be possible to allocate a range of IP addresses of any length, and such a definition of ip4Prefix doesn't allow that.

kpcyrd commented 7 years ago

I'm not that much into the details here, but as far as I know:

So it's possible to:

  1. Configure a network for iptunnel, say /24
  2. Assign a /25 to the first client
  3. Assign a /25 to the second client

This way you have a rather straightforward routing table: /24 is routed to tun0 on the server and both clients, and each client routes their /25 to the appropriate interface for other clients that don't run cjdns.

I'm not sure it makes much sense to set ip4Alloc if you're only assigning single IPs to clients.

Somebody could write a patch to check if ip4Alloc is larger than ip4Prefix, but I think this should be a warning only and shouldn't prevent running such a setup (if that's ever needed).
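The two checks the thread asks for (overlapping client blocks, which yurivict notes went undetected, and an ip4Alloc block larger than the tunnel's ip4Prefix network, which kpcyrd suggests should only warn) can be run against the ipTunnel section of a cjdns config before the daemon is started. The script below is an added example, not cjdns's own validation code. It assumes, as kpcyrd recalls, that ip4Alloc is a prefix length applied to ip4Address (so "ip4Alloc": 1 hands each client the whole 128.0.0.0/1 block, which is why the two entries in the issue collide), and that a missing ip4Alloc means a single /32. The embedded sample config is constructed from the issue, with the public keys replaced by placeholder names.

```python
import ipaddress
import json

# Constructed sample modelled on the ipTunnel section posted in the issue.
# Key names are cjdns's own; the publicKey values are placeholders.
SAMPLE_CONFIG = json.loads("""
{
  "ipTunnel": {
    "allowedConnections": [
      {"publicKey": "clientA.k", "ip4Address": "172.16.0.3", "ip4Prefix": 24, "ip4Alloc": 1},
      {"publicKey": "clientB.k", "ip4Address": "172.16.0.5", "ip4Prefix": 24, "ip4Alloc": 1}
    ],
    "outgoingConnections": []
  }
}
""")


def alloc_block(conn):
    """Block handed to one client.

    Assumption (from the thread): ip4Alloc is a prefix length like ip4Prefix,
    so the client owns ip4Address masked to ip4Alloc bits. No ip4Alloc -> /32.
    strict=False lets a host address such as 172.16.0.3 stand in for its block.
    """
    alloc = conn.get("ip4Alloc", 32)
    return ipaddress.ip_network(f"{conn['ip4Address']}/{alloc}", strict=False)


def check_ip_tunnel(config):
    """Validate allowedConnections; returns a list of (severity, message)."""
    findings = []
    blocks = []
    for conn in config["ipTunnel"]["allowedConnections"]:
        key = conn.get("publicKey", "<no publicKey>")
        if "ip4Address" not in conn:
            continue  # IPv6-only entry; nothing to check here
        prefix = conn.get("ip4Prefix", 32)
        alloc = conn.get("ip4Alloc", 32)
        if not (0 <= prefix <= 32 and 0 <= alloc <= 32):
            findings.append(("error", f"{key}: ip4Prefix and ip4Alloc must be 0..32"))
            continue
        # A smaller prefix length is a bigger block: an allocation wider than
        # the tunnel network is suspicious but, per the thread, only a warning.
        if alloc < prefix:
            findings.append(("warning",
                             f"{key}: ip4Alloc /{alloc} covers more than the tunnel network /{prefix}"))
        blocks.append((key, alloc_block(conn)))

    # Pairwise intersection check: two clients must never own the same addresses.
    for i, (key_a, net_a) in enumerate(blocks):
        for key_b, net_b in blocks[i + 1:]:
            if net_a.overlaps(net_b):
                findings.append(("error", f"{key_a} ({net_a}) overlaps {key_b} ({net_b})"))
    return findings


if __name__ == "__main__":
    for severity, message in check_ip_tunnel(SAMPLE_CONFIG):
        print(f"{severity}: {message}")
```

Run against the sample it reports one overlap error (both clients resolve to 128.0.0.0/1) plus a warning per entry; with "ip4Alloc": 32 on both entries, or with the /25-per-client layout kpcyrd describes, it reports nothing.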