1. server & client
    install tinc

  2. c/S

    mkdir -p /etc/tinc/yajump
    mkdir /etc/tinc/yajump/hosts

  3. S
    vim /etc/tinc/yajump/tinc.conf

     Name = yajump
     Device = /dev/net/tun
     AddressFamily = ipv4
     Interface = tun1
    

    vim /etc/tinc/yajump/tinc-up

     #!/bin/sh
     ip link set $INTERFACE up
     ip addr add  192.168.100.1/32 dev $INTERFACE
     ip route add 192.168.100.0/24 dev $INTERFACE
    

    vim /etc/tinc/yajump/tinc-down

     #!/bin/sh
     ip route del 192.168.100.0/24 dev $INTERFACE
     ip addr del 192.168.100.1/32 dev $INTERFACE
     ip link set $INTERFACE down
    

    chmod +x /etc/tinc/yajump/tinc-up
    chmod +x /etc/tinc/yajump/tinc-down

  4. Client
    vim /etc/tinc/yajump/tinc.conf

     Name = yajump-client
     Device = /dev/net/tun
     ConnectTo = yajump
     Interface = tun0
    

    vim /etc/tinc/yajump/tinc-up

     #!/bin/sh
     ip link set $INTERFACE up
     ip addr add  192.168.100.100/32 dev $INTERFACE
     ip route add 192.168.100.0/24 dev $INTERFACE
    

    vim /etc/tinc/yajump/tinc-down

     #!/bin/sh
     ip route del 192.168.100.0/24 dev $INTERFACE
     ip addr del 192.168.100.100/32 dev $INTERFACE
     ip link set $INTERFACE down
    

    chmod +x /etc/tinc/yajump/tinc-up
    chmod +x /etc/tinc/yajump/tinc-down

  5. 在服务器上建立host配置文件并生成密钥:
    vim /etc/tinc/yajump/hosts/yajump 请将address替换为服务器的公网IP

     Address = 139.59.251.158
     Port = 6155
     Subnet 192.168.100.1/32
     Subnet 0.0.0.0/0
    

    生成秘要

     tincd -n yajump -K
    
  6. 在客户上建立host配置文件并生成密钥:

    vim /etc/tinc/yajump/hosts/yajumpclient

     Port = 6155
     Subnet = 192.168.100.100/32
    

    生成秘要

     tincd -n yajump -K
    

6.1. 配置Openwrt下的tinc的启动文件 /etc/config/tinc

config tinc-net yajump
    option enabled 1
    option logfile /tmp/log/tinc.yajump.log
    option debug 3
    option AddressFamily ipv4
    list ConnectTo yajump
    option Interface tun0
    option Name yajumpclient
    option PrivateKeyFile /etc/tinc/yajump/rsa_key.priv

config tinc-host yajumpclient
    option enabled 1
    option net yajump
    option Port 6155
    option Subnet 192.168.100.0/24
  1. 将Server 与 Client 的host 进行分发到对方相同的目录中
  2. Server 启动tinc: tincd -n yajump -D -d3
  3. Client 启动tinc: /etc/init.d/tinc start

Install chinadns as the secure dns server