1) Install tinc on your Linux (e.g. apt-get install tinc) MAKE SURE YOU HAVE AT LEAST TINC 1.0.13
2) mkdir /etc/tinc/ninux
3) Create /etc/tinc/ninux/tinc.conf
Name = yournickname ConnectTo = Norimberga Mode = switch
Please pick a unique yournickname. Norimberga is our hub server. Mode switch is required because tinc will operate with a tap interface, needed to run olsr on it.
4) Create the hosts folder mkdir /etc/tinc/ninux/hosts/
5) Generate a Keypair tincd -n ninux -K
6) Create the file /etc/tinc/ninux/hosts/Norimberga
This file has the address and the public key of the server
Address = svn.ninux.org -----BEGIN RSA PUBLIC KEY----- MIIBCgKCAQEA30bZWtIej9kj837Eb8C+nxvEXfy4Jly41tuJYfzpJiP/pTQGaPyF XDEdfwAq8qJpfLaRfKl0pQ9rbDo4zjSlNW8e/5BxTnobXHcvSD9sm8bNAME2qBkI plmeWt4RvDmEKDrJWyUIoyKyaTcCkXpfHslTJSBBj7TSjYX9SCfTkSS3GjNDWMjc C02i2+ZB3balcR+Ea046l/GVFp0htxrUFxew5RDXPmmaiQRF6cpm3fMNtdq9ixz+ uJNjmfHW/lHk4KMUj6KMLca9mS4TWsFxLYmP0jZi7lD2hA3dNCW4nua8HHYPwj+X Mh/vucAMckowzaf+51bGD+o8HVuM1hm4TwIDAQAB -----END RSA PUBLIC KEY-----
If you want also a backup link use also our secondary server
6a) Create the file is /etc/tinc/ninux/hosts/guinness
Address = hispanico.ninux.org -----BEGIN RSA PUBLIC KEY----- MIIBCgKCAQEAp2VqrJOPTubK+I6lineZZ0QcgsuxtPaGqlEHbCis2I03Tv2KQ8ka JQOdyuPcn/1KJE5Ys0JUgl67W5fneicQOSei/+9e/AbuzcPA35/Ldu/sfv+SP2/T XSU+W681zyfUFk8fQqbaU6XXSYMJX1ZEWAv5sWWRSA0612xIkzKZoG628mwBYoGG d9kjnkZRpqFJd2ZFyn+/wyX5yof/3TZ7UIntnUVgljOn6cscDFzOh+zAqbrPXyaD ha8pP9ZvOILlK55ZDx1NLoMWiS1x4L8J0u+vUsTgjvo466J5AuYrwt4HpLvULUQq Pgvk/5z4OPLWUi7jgjQAQ/GO7hg69ybDyQIDAQAB -----END RSA PUBLIC KEY-----
6b) Modify the file /etc/tinc/ninux/tinc.conf
Name = yournickname ConnectTo = Norimberga ConnectTo = guinness Mode = switch
7) Get an IP address in the subnet 10.0.1.0/24 and add your self in the table on this wiki page: GestioneIndirizzi
8) Create the file /etc/tinc/ninux/tinc-up
ip link set dev ninux up ip a a dev ninux HEREYOURIPADDRESS/24 broadcast 10.0.1.255 #Adjust MTU ip link set mtu 1350 dev ninux iptables -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Where in place of HEREYOURIPADDRESS you must put the IP address choosen at point 7 of this guide
Make the file executable chmod +x /etc/tinc/ninux/tinc-up
9) Send an email to contatti@ninux.org with your Nickname choosen at point 3 and your generated public key so we can authorize you in the VPN main and backup server.
10) Once you received notification that your public key is authorized you can try to connect
tincd -n ninux
If everything worked out you can ping 10.0.1.1. Now configure olsr to use the interface "ninux"
Important notes on the OLSR configuration
It is FUNDAMENTAL to:
- Use olsr version 0.6.1
- Insert a Link Quality Multiplier in the interface part of the olsrd.conf file. On servers, it should looks like
Interface "ninux"
{
LinkQualityMult default 0.2
}on OpenWRT just look below.
**BEWARE:** if you use this configuration on a pc and you don't want to override the default gw you shoul use a LOWER metric for your prefered gw. This can be do using metric of your distro, on debian the default gw metric is 100 so lower it to 0 is a MUST.