using 1.0pre5

A: tinc.conf
------------
Name = A
PrivateKeyFile = /usr/local/etc/tinc/vpn/rsa_key.priv
Device = /dev/tap0
ConnectTo = B

A: tinc-up
---------
#!/bin/sh
modprobe ethertap
ifconfig tap0 hw ether fe:fd:00:00:00:00
ifconfig tap0 192.168.0.3 netmask 255.255.0.0
ifconfig tap0 -arp

B: tinc.conf
------------
Name = B
PrivateKeyFile = /usr/local/etc/tinc/vpn/rsa_key.priv
Device = /dev/tun

B: tinc-up
---------
#!/bin/sh
ifconfig vpn hw ether fe:fd:00:00:00:00
ifconfig vpn 192.168.1.253 netmask 255.255.0.0
ifconfig vpn -arp mtu 1400

tincd on B is running. tincd on A starts and connects to B. Now, if
the first network data is from B to A such as "ping 192.168.0.3" from
B then the connection works well in both directions for quite a while.
If the connection is idle for a long time, and then the first data is
from A to B the data transfer stops (see below).

If the first network data is from A to B such as "ping 192.168.1.253"
from A then no data gets through and the connection doesn't work
right. From the syslog on A it appears data is being sent to B, and
nothing is returning. We do still get the periodic PING/PONG from A
to B but no other data gets through.

From the syslog on B we see:

Feb 19 15:13:11 linux tinc.vpn[2414]: Node A (12.221.73.89) became reachable
Feb 19 15:13:11 linux tinc.vpn[2414]: Got ADD_SUBNET from A (12.221.73.89): 10 A 192.168.0.0/24
Feb 19 15:13:22 linux tinc.vpn[2414]: Got REQ_KEY from A (12.221.73.89): 15 A B
Feb 19 15:13:22 linux tinc.vpn[2414]: Sending ANS_KEY to A (12.221.73.89): 16 B A B157130AC44115976F7A773719D0DBEC8E2EADD4EF0BA824 91 64 4
Feb 19 15:13:22 linux tinc.vpn[2414]: Sending 68 bytes of metadata to A (12.221.73.89)
Feb 19 15:13:22 linux tinc.vpn[2414]: Received UDP packet on port 655 from unknown source cdd4959:517
Feb 19 15:13:45 linux last message repeated 5 times
Feb 19 15:13:51 linux tinc.vpn[2414]: Read packet of 87 bytes from Linux tun/tap device
Feb 19 15:13:51 linux tinc.vpn[2414]: Sending packet of 87 bytes to A (12.221.73.89)
Feb 19 15:13:51 linux tinc.vpn[2414]: No valid key known yet for A (12.221.73.89), queueing packet
Feb 19 15:13:51 linux tinc.vpn[2414]: Sending REQ_KEY to A (12.221.73.89): 15 B A
Feb 19 15:13:51 linux tinc.vpn[2414]: Sending 11 bytes of metadata to A (12.221.73.89)
Feb 19 15:13:51 linux tinc.vpn[2414]: Got ANS_KEY from A (12.221.73.89): 16 A B 46808131ED9A3ECFC560A65C1873B50D2C30DD12D41CCF9C 91 64 4
Feb 19 15:13:51 linux tinc.vpn[2414]: Flushing queue for A (12.221.73.89)
Feb 19 15:13:51 linux tinc.vpn[2414]: Received UDP packet on port 655 from unknown source cdd4959:517
Feb 19 15:14:48 linux tinc.vpn[2414]: Received UDP packet on port 655 from unknown source cdd4959:517
Feb 19 15:14:57 linux tinc.vpn[2414]: Received UDP packet on port 655 from unknown source cdd4959:517
Feb 19 15:15:18 linux tinc.vpn[2414]: Got PING from A (12.221.73.89): 8
Feb 19 15:15:18 linux tinc.vpn[2414]: Sending PONG to A (12.221.73.89): 9
Feb 19 15:15:18 linux tinc.vpn[2414]: Sending 2 bytes of metadata to A (12.221.73.89)
Feb 19 15:15:31 linux tinc.vpn[2414]: Received UDP packet on port 655 from unknown source cdd4959:517

The connection and key are negotiated, but all data from A appears to
come from an unknown source. Any ideas?

Tinc: Discussion list about the tinc VPN daemon
Archive: http://mail.nl.linux.org/lists/
Tinc site: http://tinc.nl.linux.org/

Guus Sliepen
2002-Feb-20 11:54 UTC
lose connection with traffic from connector to connectee
On Tue, Feb 19, 2002 at 03:31:10PM -0600, ebina1 wrote:

> tincd on B is running. tincd on A starts and connects to B. Now, if
> the first network data is from B to A such as "ping 192.168.0.3" from
> B then the connection works well in both directions for quite a while.
> If the connection is idle for a long time, and then the first data is
> from A to B the data transfer stops (see below).
>
> If the first network data is from A to B such as "ping 192.168.1.253"
> from A then no data gets through and the connection doesn't work
> right. From the syslog on A it appears data is being sent to B, and
> nothing is returning. We do still get the periodic PING/PONG from A
> to B but no other data gets through. From the syslog on B we see:

[...]

> Feb 19 15:13:22 linux tinc.vpn[2414]: Received UDP packet on port 655
> from unknown source cdd4959:517

The UDP packets come from the right IP address but from another port (517)
instead of from port 655. Is there a masquerading gateway between A and B
perhaps? If so, you might need to add "TCPOnly = yes" to hosts/A on B.

--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus@sliepen.warande.net>
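
The log check behind the diagnosis in the reply above, as an added example that is not part of the original thread or of tinc itself: it decodes the hex "unknown source" address, matches it to a node seen on the meta connection, and flags a source port other than 655. It assumes the address is printed as hex with leading zeros dropped and the port as decimal, which is how the reply reads cdd4959:517; the function names are hypothetical.

```python
import ipaddress
import re

TINC_PORT = 655  # port named in "Received UDP packet on port 655"

# Constructed sample: four lines copied from B's syslog in the thread above.
SAMPLE_LOG = """\
Feb 19 15:13:11 linux tinc.vpn[2414]: Node A (12.221.73.89) became reachable
Feb 19 15:13:22 linux tinc.vpn[2414]: Received UDP packet on port 655 from unknown source cdd4959:517
Feb 19 15:15:18 linux tinc.vpn[2414]: Got PING from A (12.221.73.89): 8
Feb 19 15:15:31 linux tinc.vpn[2414]: Received UDP packet on port 655 from unknown source cdd4959:517
"""

# "Node A (1.2.3.4)", "from A (1.2.3.4)" or "to A (1.2.3.4)" on meta-connection lines.
NODE_RE = re.compile(r"\b(?:from|to|Node) (\w+) \((\d+\.\d+\.\d+\.\d+)\)")
UNKNOWN_RE = re.compile(r"from unknown source ([0-9a-fA-F]{1,8}):(\d+)")


def decode_source(hex_addr):
    """Hex address as logged (assumed: leading zeros dropped) -> dotted quad."""
    return str(ipaddress.IPv4Address(int(hex_addr, 16)))


def find_rewritten_sources(log_text, expected_port=TINC_PORT):
    """Return {(node, ip, port): count} for 'unknown source' packets whose
    address belongs to a known node but whose source port is not expected_port."""
    lines = log_text.splitlines()
    nodes = {}  # ip -> node name, learned from the meta-connection lines
    for line in lines:
        m = NODE_RE.search(line)
        if m:
            nodes[m.group(2)] = m.group(1)
    hits = {}
    for line in lines:
        m = UNKNOWN_RE.search(line)
        if not m:
            continue
        ip, port = decode_source(m.group(1)), int(m.group(2))
        if ip in nodes and port != expected_port:
            key = (nodes[ip], ip, port)
            hits[key] = hits.get(key, 0) + 1
    return hits


if __name__ == "__main__":
    for (node, ip, port), n in find_rewritten_sources(SAMPLE_LOG).items():
        print(f"{n} packet(s) from {node} ({ip}) came from port {port}, not "
              f"{TINC_PORT}: source port rewritten in transit; see TCPOnly in hosts/{node}")
```

A hit means the peer's address is right and only the source port changed, which is the pattern the reply attributes to a masquerading gateway.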