Hey Leonardo

I actually have zero experience with tinc. I’ll look into it if I have some spare time in the next few days. In general, I’m pretty satisfied with the current setup.

Let me know if you test something out!

Thanks for the input!


Nicolas


From: Leonardo Taborda <leonardotaborda@networkbogota.org>
Reply: libremesh users <lime-users@lists.libremesh.org>
Date: 31 January 2017 at 14:42:45
To: lime-users@lists.libremesh.org <lime-users@lists.libremesh.org>
Subject:  Re: [lime-users] VPN

Hello guys

Depending on the router you are using, the ar71xx-mini does not have opkg included, but the 8mb image it does. I have tinc running on a wdr3600 for librenet6 service. As Nicolas points out, it has some pitfalls running in the same device mesh and vpn control. Of course i use tinc only to provide ipv6 connectivity.

For Nicolas, would tinc have the same performance issues?

Leonardo

El 31/01/17 a las 06:26, nk@os.vu escribió:
Hi Marvin

I've done a lot of tests with VPNs for the standard setup of the mesh network we're building here in Milano, Italia, and I've found that usually routers are rather terrible at handling VPNs with reasonable speeds, openvpn being the slowest [10mbps up and down] and l2tp+ipsec being faster [15 to 20mbps], at the expense of being less secure. Also, I've gotten to the conclusion that doing the VPN routing in the same device as the one doing the meshing makes it rather difficult to diagnose issues over time and to pinpoint the bottleneck for slow overall speeds.

I know this is not the answer you were looking for, but our definitive setup involves setting up getting a microtik hex router that you can buy for about 60 to 80€ and running l2tp+ipsec to a Streisand instance [a fully self installing VPN and anonymity server]. We've been getting stable 120/120mbps speeds.

This setup also makes it very simple to understand what device is doing what, and how the routing is done on the large scale from the ISPs router, to the VPN router, to the meshing router, to the AP router, and so on [this is our setup].

I don't know how to solve your problem directly, but I thought I'd share my experience with you. Sorry for going slightly off topic.

Hope you can get your setup working nicely however you decide to do it!


Nicolas
________________________________
From: Marvin Arnold <marvin@unplugged.im>
Sent: Jan 31, 2017 06:34
To: lime-users@lists.libremesh.org
Subject: [lime-users] VPN


I would like to finally make my internet at home available to my
neighbors over lime. I called my ISP and they made it pretty clear they
would take action against me if one of the users accessed illicit
content. So I'm thinking about routing all web traffic through a VPN. Is
this the most sensible thing to do?

Assuming it is, I already setup the VPN server and now I'm trying to
connect my lime router as a client.

http://wiki.openwrt.org/inbox/vpn.howto

https://www.robertkehoe.com/2015/08/setup-openvpn-using-openwrt/

But as far as I can tell, opkg is not installed on the router. What's
the best way to install it or install the openvpn client without it?


_______________________________________________
lime-users mailing list
lime-users@lists.libremesh.org
https://lists.libremesh.org/mailman/listinfo/lime-users


_______________________________________________
lime-users mailing list
lime-users@lists.libremesh.org
https://lists.libremesh.org/mailman/listinfo/lime-users

--  
Cordialmente

Leonardo Taborda Ángel
leonardotaborda@networkbogota.org
www.networkbogota.org

"When there is a will, there is a way"
_______________________________________________
lime-users mailing list
lime-users@lists.libremesh.org
https://lists.libremesh.org/mailman/listinfo/lime-users