Hello list, I use tinc with QOS, and since some weeks I got problem with tunnel disconnection because the default "Pingtimeout" of 5 sec is reach. I think it happens because of the QOS shappe the tinc traffic (data here) to let some BP for VOIP, but whate is very strange is that the ICMP protocol is not include in the shapping, so tinc would never 'see' latency on the link, even if there is latency caused by the QOS. So the question is does tinc really use ICMP to check remote hosts or use it's own UDP packets ? A second one would be : does tinc check the remote host only when there is no traffic on the wire ? which, when I read the man, would tend to be yes ;-) Thanks, C?dric
Sorry a bit tired, some corrections : Le 24/07/13 21:29, C?dric Lemarchand a ?crit :> but whate is very strange is that the ICMP protocol is not include in > the shapping, so tinc would never 'see' latency on the link, even if > there is latency caused by the QOS.but what is very strange is that the ICMP protocol is not included in the shapping, so *in the case tinc use ICMP*, tinc would never 'see' latency on the link, even if there is latency caused by the QOS.
On Wed, Jul 24, 2013 at 09:29:58PM +0200, C?dric Lemarchand wrote:> I use tinc with QOS, and since some weeks I got problem with tunnel > disconnection because the default "Pingtimeout" of 5 sec is reach. > I think it happens because of the QOS shappe the tinc traffic (data > here) to let some BP for VOIP, but whate is very strange is that the > ICMP protocol is not include in the shapping, so tinc would never > 'see' latency on the link, even if there is latency caused by the > QOS. > > So the question is does tinc really use ICMP to check remote hosts > or use it's own UDP packets ?Tinc uses its own UDP packets the check other hosts. This is done on purpose, so that they don't get a special treatment compared to the regular UDP packets!> A second one would be : does tinc check the remote host only when > there is no traffic on the wire ? which, when I read the man, would > tend to be yes ;-)It always checks the remote host every PingInterval seconds. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20130724/0cc1b0e3/attachment.sig>
(Hey C?dric, it appears we're both following tinc *and* ZFS On Linux. What are the odds...) On 24/07/2013 20:29, C?dric Lemarchand wrote:> I use tinc with QOS, and since some weeks I got problem with tunnel > disconnection because the default "Pingtimeout" of 5 sec is reach. > I think it happens because of the QOS shappe the tinc traffic (data > here) to let some BP for VOIP, but whate is very strange is that the > ICMP protocol is not include in the shapping, so tinc would never 'see' > latency on the link, even if there is latency caused by the QOS. > > So the question is does tinc really use ICMP to check remote hosts or > use it's own UDP packets ?tinc doesn't use ICMP. It uses PING/PONG messages on the TCP metaconnections to ensure the control graph is healthy, and UDP messages (MTU probes) to opportunistically check for potential UDP connectivity. If your nodes are getting disconnected because of timeouts, it's because tinc's PING/PONG messages are not getting through on your TCP metaconnections. -- Etienne Dechamps