This document describes how nodes in a VPN find and connect to each other and
maintain a stable network.

Copyright 2001-2006 Guus Sliepen <guus@tinc-vpn.org>

Permission is granted to make and distribute verbatim copies of
this documentation provided the copyright notice and this
permission notice are preserved on all copies.

Permission is granted to copy and distribute modified versions of
this documentation under the conditions for verbatim copying,
provided that the entire resulting derived work is distributed
under the terms of a permission notice identical to this one.

1. Synchronisation
==================

Each tinc daemon has zero or more connections to other tinc daemons. It will
try to keep its own information synchronised with the other tinc daemons. If
one of its peers sends information, the tinc daemon will check if it is new
information. If so, it will update its own information and forward the new
information to all the other peers.

This scheme will make sure that after a short amount of time all tinc daemons
share the same information. It will also almost completely prevent information
from looping, because "new" information that is already known is ignored and
not forwarded any further. However, since information can also be deleted,
there's the possibility of a looping sequence of add/delete messages. This is
resolved by adding a unique identifier to each broadcast message. Messages are
dropped if the same message with that identifier has already been seen.

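The add/delete loop described above and its fix, as an added simulation that is
not part of the original document or of tinc's code. The three-node full mesh,
the FIFO delivery queue and the numeric message ids are assumptions made for
the illustration.

```python
from collections import deque

# Constructed topology: three daemons, each connected to the other two (a cycle).
PEERS = {0: [1, 2], 1: [0, 2], 2: [0, 1]}

def simulate(use_ids, limit=1000):
    """Flood ADD x, then DEL x, from node 0.

    Returns the number of deliveries until the network is quiet, or None if
    messages are still circulating after `limit` deliveries.
    """
    known = {n: False for n in PEERS}   # does node n currently hold item x?
    seen = {n: set() for n in PEERS}    # message ids node n has already processed
    seen[0] = {1, 2}                    # the origin has seen its own two messages
    queue = deque()                     # in-flight messages: (to, from, id, is_add)
    # Node 0 added x and deleted it again, announcing both to every peer.
    for msg_id, is_add in ((1, True), (2, False)):
        for peer in PEERS[0]:
            queue.append((peer, 0, msg_id, is_add))
    deliveries = 0
    while queue:
        if deliveries >= limit:
            return None                 # still looping: give up
        node, sender, msg_id, is_add = queue.popleft()
        deliveries += 1
        if use_ids:
            # Drop anything whose identifier was seen before.
            is_new = msg_id not in seen[node]
            seen[node].add(msg_id)
        else:
            # State-only check: "new" means it changes what the node knows.
            is_new = known[node] != is_add
        if not is_new:
            continue
        known[node] = is_add
        for peer in PEERS[node]:        # forward to all the other peers
            if peer != sender:
                queue.append((peer, node, msg_id, is_add))
    return deliveries

if __name__ == "__main__":
    print("state-only check:", simulate(use_ids=False))
    print("with message ids:", simulate(use_ids=True))
```

With the state-only check the ADD and the DEL chase each other around the cycle
until the delivery limit stops the run; with identifiers the flood ends after 8
deliveries.
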
2. Routing
==========

Every node tells its peers to which other peers it is connected. This way
every node will eventually know every connection every node has on the VPN.
Each node will use graph algorithms to determine if other nodes are reachable
or not and what the best route is to other nodes.

Because all nodes share the same information, using a deterministic algorithm
each node will calculate the same minimum spanning tree for the entire VPN.
The MST will be used to send broadcast VPN packets.