tonarino / innernet

A private network system that uses WireGuard under the hood.
https://blog.tonari.no/introducing-innernet
MIT License

Routing internet traffic through innernet #30

Open jedahan opened 3 years ago

jedahan commented 3 years ago

I'd like to use this when traveling away from home, to have traffic routed through the network created via innernet, if that is an appropriate use case.

If we have established a home router as a peer 10.42.0.1, and laptop as 10.42.10.123, what would be needed for macOS / Linux to route all traffic through that interface?

Would there have to be some sort of interface bridging involved, if the router defaults to being a gateway at 192.168.0.1?

canselcik commented 3 years ago

I wonder if you could get away with creating a 0.0.0.0/0 CIDR and creating an association between the user segment.

But if you were to enable IP forwarding on the server's kernel and also create a default route to your router, it might just work.

I am currently having an unrelated problem where my peers in the same CIDR seem to be failing to communicate with one another.

mcginty commented 3 years ago

Hey @jedahan! Yeah, we don't currently have any concept of an "exit node," to steal a term from Tor.

You could, however, have a peer run a separate WireGuard interface that's configured to forward IP traffic, and other peers could connect to that second interface through innernet, in a multi-hop type setup (kind of like what Mullvad does).

It could be interesting to have an "innernet-exit" project that reads the innernet peers list and can automatically set up this proxying interface and make it easy for peers to use it to route internet traffic through.

mcginty commented 3 years ago

@canselcik feel free to open a separate issue for your connection problems. I'm certain there are improvements we can make to diagnosing connection issues and improving NAT traversal.

finnje commented 3 years ago

@jedahan If you change your default route on your laptop to point to your home router like this: `ip route add default via 10.42.0.1`, all your traffic on your laptop will go into the tunnel.

But yeah, if you could pass an argument like `inn gateway <interface>` to do that command for you, like a WireGuard PostUp would do, it would be super useful.

rohithmeethal commented 3 years ago

I couldn't get it to connect to the internet using `ip route`. I have disabled ufw on the exit node and enabled IPv4 forwarding. Still no luck. If anyone got it working, please explain the steps, that could be really useful :) Thanks

mcginty commented 3 years ago

@rohithmeethal innernet isn't meant to forward internet traffic - everything about it is hard-coded to assume that one peer has one IP, and peers do not forward each other's packets.

This issue is about adding that feature in the future, but in the meantime you're better off with another tool (and/or participating in the design of this feature)!

stevefan1999-personal commented 2 years ago

> @jedahan If you change your default route on your laptop to point to your home router like this: `ip route add default via 10.42.0.1`, all your traffic on your laptop will go into the tunnel.
>
> But yeah, if you could pass an argument like `inn gateway <interface>` to do that command for you, like a WireGuard PostUp would do, it would be super useful.

It doesn't work unless the address you are going to is in the AllowedIP of your innernet file. Sadly, I didn't see any way of manually adding an allowed IP into innernet.
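Added illustration, not part of the thread or of innernet's code: a small Python model of WireGuard's AllowedIPs check (cryptokey routing), showing why a default route via 10.42.0.1 alone does not carry internet traffic. The peer names, the second peer 10.42.10.7, the destination 203.0.113.10 and the `WITH_EXIT` table are constructed assumptions.

```python
import ipaddress

# Constructed view from the laptop (10.42.10.123): innernet gives every
# peer exactly one address, so each AllowedIPs entry is a single /32.
LAPTOP_VIEW = {
    "home-router": ["10.42.0.1/32"],
    "other-peer": ["10.42.10.7/32"],   # constructed second peer
}

# Hypothetical table in which the home router is also allowed to carry
# everything (what an "exit node" feature would have to configure).
WITH_EXIT = {
    "home-router": ["10.42.0.1/32", "0.0.0.0/0"],
    "other-peer": ["10.42.10.7/32"],
}


def select_peer(peers, dst):
    """Outbound: WireGuard picks the peer whose AllowedIPs contain the
    packet's destination address (longest prefix wins). The next hop from
    the kernel routing table is not consulted. None means the packet is
    dropped on the interface."""
    addr = ipaddress.ip_address(dst)
    best = None
    for name, cidrs in peers.items():
        for cidr in cidrs:
            net = ipaddress.ip_network(cidr)
            if addr in net and (best is None or net.prefixlen > best[1]):
                best = (name, net.prefixlen)
    return best[0] if best else None


def accept_inbound(peers, sender, src):
    """Inbound: a decrypted packet is kept only if its inner source
    address lies inside the sending peer's AllowedIPs."""
    addr = ipaddress.ip_address(src)
    return any(addr in ipaddress.ip_network(c) for c in peers.get(sender, []))


if __name__ == "__main__":
    for table_name, table in (("innernet", LAPTOP_VIEW), ("with exit", WITH_EXIT)):
        out = select_peer(table, "203.0.113.10")
        back = accept_inbound(table, "home-router", "203.0.113.10")
        print(f"{table_name}: outbound peer={out}, reply accepted={back}")
```

Both directions have to pass: the laptop needs the wide range on the router's entry, and the router still needs the laptop's address in its own entry for the laptop, plus IP forwarding and NAT, before traffic reaches the internet.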

mcginty commented 2 years ago

Yeah, right now there's no way to do this. The larger feature you're looking for is "site-to-site" but there hasn't been development time yet to introduce it. I think at this point I'd be interested in adding a collaborator to innernet for someone who has the time/capacity to work on something bigger like this. I think it's a valid request and possible though.

csarn commented 1 year ago

I'm also interested in this feature! As a workaround, you could have your "exit node" set up as an http/socks proxy (maybe via ssh?), and configure your laptop to use this node's innernet address as a proxy. Only works for software/protocols that allow using a proxy, of course.