Hi ! I want to setup tinc 1.0 pre4 with kernel 2.4.5 I didn't find information about settings of tun/tap device I did in kernel - [*] Prompt for development and/or incomplete code/drivers Network device support <M> Universal TUN/TAP device driver support in /etc/modules.conf - alias char-major-10-200 tun mknod -m 600 /dev/tun c 10 200 chown 0.0 /dev/tun In mailing list archive I found description - Load first "tincd -n <netname>", than "ifconfig <netname> 192.168.1.1 netmask 255.255.255.0" My netname /etc/tinc/test4, I type #tincd -n test4 After this I see tun module was loaded. #lsmod Module Size Used by tun 3424 0 (autoclean) #ifconfig test4 10.x.x.x netmsak 255.255.0.0 SIOCSIFADDR: no such device test4: unknown interface: No such device ... ... ... Sincerely, Igor Belokopytov - Tinc: Discussion list about the tinc VPN daemon Archive: http://mail.nl.linux.org/lists/ Tinc site: http://tinc.nl.linux.org/
On Thu, Jun 28, 2001 at 02:27:11PM -0600, Igor Belokopytov wrote:> I want to setup tinc 1.0 pre4 with kernel 2.4.5 I didn't find > information about settings of tun/tap device[...]> #ifconfig test4 10.x.x.x netmsak 255.255.0.0 > SIOCSIFADDR: no such device > test4: unknown interface: No such deviceCheck if tinc was compiled with support for the tun/tap driver. If you look in your syslog, it should say "/dev/tun is a new style tun/tap device" if it is compiled WITH tun/tap support, otherwise it was compiled without it. If not, check if /usr/include/linux/if_tun.h exists. If not, make sure you have the kernel source installed and create a symlink to /usr/src/linux/include/linux/if_tun.h. Then do a make clean; ./configure; make install. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus@sliepen.warande.net> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20010629/911fee25/attachment.pgp
Hello Guus,
Thank you for your answer.
:Check if tinc was compiled with support for the tun/tap driver. If you look in
:your syslog, it should say "/dev/tun is a new style tun/tap device"
if it is
:compiled WITH tun/tap support, otherwise it was compiled without it.
:If not, check if /usr/include/linux/if_tun.h exists. If not, make sure you have
:the kernel source installed and create a symlink to
:/usr/src/linux/include/linux/if_tun.h. Then do a make clean; ./configure; make
:install.
I had such file (usr/include/linux/if_tun.h), but it was not symlink to
/usr/src/linux/include/linux/if_tun.h (file in directory usr/include/linux was
newer). I made such symlink and recompiled tincd. Now I have message
"/dev/tun is
a new style tun/tap device" in syslog file, I can create <netname>
interface and
can create connection with other peer.
But this connection is so bad (ping results in attached file "ping")
Other peer
use kernel 2.2.17, tincd 1.0pre4 with ethertap interface (tap0)
Also I got error message from other peer (with kernel 2.2.17 and tap device) I
attached it as file "log"
This is my config files
Host "Test"
/etc/tinc/test4/tinc.conf:
Name = test
PrivateKeyFile = /etc/tinc/test4/rsa_key.priv
TapDevice = /dev/tap0
tinc-up:
#!/bin/sh
insmod ethertap -o "ethertap0" unit=0
ifconfig tap0 hw ether fe:fd:00:00:00:00
ifconfig tap0 10.168.99.221 netmask 255.255.0.0
ifconfig tap0 -arp
/sbin/tincd4 --net=test4 -ddddd
Host "Igor"
/usr/local/etc/tinc/test4/tinc.config:
Name = igor
ConnectTo = test
TapDevice = /dev/tun
PrivateKeyFile = /usr/local/etc/tinc/test4/rsa_key.priv
tinc-up:
#!/bin/sh
tincd -n test4
ifconfig test4 10.168.89.2 netmask 255.255.0.0 -arp
Hosts files are the same for both hosts
/usr/local/etc/tinc/test4/hosts/igor (for host Igor) /etc/tinc/test4/hosts/igor
(for host Test)
Subnet = 10.168.89.0/24
Port = 8195
Address = 10.38.9.2
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBAPCbbASyUTBk7Gt4ASmMai/WuW8Ujt+GnM5uM4/6dCLEOF/rsLuSPMUQ
h17li6JtoVueVR4SSbVrwQtMD2XDaDAi+AaIRt/4oGT59tXXpB6UDgm+MoBgBGxQ
epaA60aRxl77j6pNbkjxEECvoqw+cDV0m+a9SlU6p+9/870KFa/bAgMA//8-----END RSA PUBLIC
KEY-----
/usr/local/etc/tinc/test4/hosts/test (for host Igor) /etc/tinc/test4/hosts/test
(for host Test)
Subnet = 10.168.99.0/24
Port = 8195
Address = 10.38.9.221
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBAMRXTyhi3+DpRtLla7InO62fPn7QT6M8OOFho+Th/mtid8cBGLHut6d5
W63i/eX7vKhvNqrRGrhN4Buk4aZqzUaBa9JeNelM8DZcnffAkmQxDK5zNKGrAG3j
sKKw3axrM2kEe/NC2/G3K9qGvBj3NBZm5azZhgnMbZIf1R/woN7DAgMA//8-----END RSA PUBLIC
KEY-----
Sincerely,
Igor Belokopytov
-------------- next part --------------
64 bytes from 10.168.99.221: icmp_seq=487 ttl=255 time=6.1 ms
64 bytes from 10.168.99.221: icmp_seq=494 ttl=255 time=6.2 ms
wrong data byte #28 should be 0x1c but was 0x4c
15 16 17 18 19 1a 1b 4c f 88 27 4b 7e c4 84 24 25 26 27 28 29 2a 2b 2c 2d
2e 2f 30 31 32 33 34 35 36 37 db db db db 8 d9 5 8 ff ff ff ff
64 bytes from 10.168.99.221: icmp_seq=496 ttl=255 time=6.2 ms
64 bytes from 10.168.99.221: icmp_seq=500 ttl=255 time=6.4 ms
wrong data byte #12 should be 0xc but was 0xfd
14 15 16 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27 28 29 2a 2b
2c 2d 2e 2f 30 31 32 33 34 35 36 37 db db db db 8 d9 5 8 ff ff ff ff
-------------- next part --------------
Jun 29 09:43:09 medguard.computalog.com tinc.test4[2893]: Connection from
10.38.9.2 port 33709
Jun 29 09:43:09 medguard.computalog.com tinc.test4[2893]: Connection with igor
(10.38.9.2) activated
Jun 29 09:44:03 medguard.computalog.com tinc.test4[2893]: Sending packet of 98
bytes to igor (10.38.9.2)
Jun 29 09:44:03 medguard.computalog.com tinc.test4[2893]: No valid key known yet
for igor (10.38.9.2), queueing packet
Jun 29 09:44:03 medguard.computalog.com tinc.test4[2893]: Flushing queue for
igor (10.38.9.2)
Jun 29 09:44:05 medguard.computalog.com tinc.test4[2893]: Sending packet of 98
bytes to igor (10.38.9.2)
Jun 29 09:44:07 medguard.computalog.com tinc.test4[2893]: Sending packet of 98
bytes to igor (10.38.9.2)
Jun 29 09:44:09 medguard.computalog.com tinc.test4[2893]: Sending packet of 98
bytes to igor (10.38.9.2)
Jun 29 09:44:11 medguard.computalog.com tinc.test4[2893]: Sending packet of 98
bytes to igor (10.38.9.2)
Jun 29 09:44:13 medguard.computalog.com tinc.test4[2893]: Sending packet of 98
bytes to igor (10.38.9.2)
Jun 29 09:44:15 medguard.computalog.com tinc.test4[2893]: Sending packet of 98
bytes to igor (10.38.9.2)
Hello Guus,> > > 64 bytes from 10.168.99.221: icmp_seq=487 ttl=255 time=6.1 ms > > 64 bytes from 10.168.99.221: icmp_seq=494 ttl=255 time=6.2 ms > > wrong data byte #28 should be 0x1c but was 0x4c > > 15 16 17 18 19 1a 1b 4c f 88 27 4b 7e c4 84 24 25 26 27 28 29 2a 2b 2c 2d > > 2e 2f 30 31 32 33 34 35 36 37 db db db db 8 d9 5 8 ff ff ff ff > > 64 bytes from 10.168.99.221: icmp_seq=496 ttl=255 time=6.2 ms > > 64 bytes from 10.168.99.221: icmp_seq=500 ttl=255 time=6.4 ms > > wrong data byte #12 should be 0xc but was 0xfd > > 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27 28 29 2a 2b 2c > > 2d 2e 2f 30 31 32 33 34 35 36 37 db db db db 8 d9 5 8 ff ff ff ff > > Please check if you are running the same version of tinc on both machines. >test#/sbin/tincd4 --version tinc version 1.0pre4 (built Jun 25 2001 16:42:58, protocol 10) Copyright (C) 1998-2001 Ivo Timmermans, Guus Sliepen and others. See the AUTHORS file for a complete list. tinc comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions; see the file COPYING for details. igor#/usr/local/sbin/tincd --version tinc version 1.0pre4 (built Jun 29 2001 08:19:36, protocol 10) Copyright (C) 1998-2001 Ivo Timmermans, Guus Sliepen and others. See the AUTHORS file for a complete list. tinc comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions; see the file COPYING for details. On host "test" tinc was compiled with libcrypto.so.0.9.5 and libc-2.1.3 On host "igor" tinc was compiled with libcrypto.so.0.9.6 and libc-2.2.3> Also, try to ping the hosts on their real IP addresses, and see if that also > gives errors. The only time someone report similar errors, it was because of > real network problems, pings to real IP addresses showed the same errors. >Ping of real IP on both hosts is Ok. These two hosts on the same hub. VPN between host "test" and another host with tincd-1.0pre4 on the same network (both hosts use kernel 2.2.17 and ethertap interfaces) works perfect. Sincerely, Igor Belokopytov - Tinc: Discussion list about the tinc VPN daemon Archive: http://mail.nl.linux.org/lists/ Tinc site: http://tinc.nl.linux.org/
>I solved my problem. Sorry. It was my fault - I had old version of libssl-dev (opensll development) package on host "igor" with kernel 2.4.5 Now everything is Ok. Tincd with ethertap interface and compiled with libcrypto 0.9.5 works without problem with tincd with tun interface and compiled with libcrypto 0.9.6 Sincerely, Igor Belokopytov - Tinc: Discussion list about the tinc VPN daemon Archive: http://mail.nl.linux.org/lists/ Tinc site: http://tinc.nl.linux.org/