Have anything to do with firewall locations, meaning home vs work vs public vs lockdown. Probably not it at all.

On Jul 13, 2016 3:22 PM, "Etienne Dechamps" <etienne at edechamps.fr> wrote:
> That's strange. Can you post a detailed log from the affected node (run
> tincd -d5 -D), especially the initialization phase?
>
> On 13 July 2016 at 16:17, Petr Man <petr at madnetwork.org> wrote:
>
>> Dear all,
>>
>> I have been successfully running for quite some time a tinc 1.1 network
>> in switch mode. I recently added a new node, that refuses to communicate
>> over UDP.
>> Running "tinc info mynode" from a different box returns:
>> Reachability: directly with TCP
>>
>> It appears that tincd is not listening on UDP port 655 on "mynode".
>> Running "ss -nlptu | grep tincd":
>> tcp LISTEN 0 3 *:655 *:* users:(("tincd",pid=10097,fd=6))
>>
>> In the log there is a large number of these messages:
>> Received UDP packet from unknown source 123.321.123.321 port 655
>>
>> I am puzzled how is tincd getting the packets if it is not listening on
>> 655/UDP.
>>
>> When I start netcat on the node on port 655/UDP I can see garbage coming
>> in from the other nodes trying to initiate an UDP connection.
>>
>> Would you have any hints where to start debugging this? All machines are
>> configured the same way and work fine (various linux versions, windows).
>> This particular box is on Ubuntu Xenial kernel 4.3.5.
>>
>> Best,
>> Petr
Good morning,

Here is the log, I don't see anything unusual. I took the same tinc binary and tried on two other machines and it works fine - binds to 655/UDP without issues:

udp UNCONN 0 0 *:655 *:* users:(("tincd",18872,7))
tcp LISTEN 0 3 *:655 *:* users:(("tincd",18872,6))

Petr

On Thu, Jul 14, 2016 at 12:18 AM, Rob Townley <rob.townley at gmail.com> wrote:
> Have anything to do with firewall locations, meaning home vs work vs
> public vs lockdown. Probably not it at all.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: tinc.gamevpn.log
Type: text/x-log
Size: 239537 bytes
Desc: not available
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20160714/ed26d46e/attachment-0001.bin>
You might want to try with https://github.com/gsliepen/tinc/pull/120 - that said, this bug probably doesn't explain everything because tinc is supposed to log a message from setup_vpn_in_socket() anyway, but there's no such message in your log. In addition, I really don't see any way the "Received UDP packet from unknown source" message could be logged if the UDP socket isn't functional.

On 14 July 2016 at 05:10, Petr Man <petr at madnetwork.org> wrote:
> Good morning,
>
> Here is the log, I don't see anything unusual. I took the same tinc binary
> and tried on two other machines and it works fine - binds to 655/UDP
> without issues:
> udp UNCONN 0 0 *:655 *:* users:(("tincd",18872,7))
> tcp LISTEN 0 3 *:655 *:* users:(("tincd",18872,6))
>
> Petr
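
The `ss -nlptu | grep tincd` check used in this thread, as an added example (not part of any poster's message and not tinc code): it reports which transports a daemon has bound on a port and accepts both `users:(...)` layouts quoted above. The function names `bound_protos` and `check_both` are hypothetical, and the sample lines are constructed from the output shown in the thread.

```shell
#!/bin/sh
# Added example. Live use:  ss -nlptu | check_both tincd 655

# bound_protos PROC PORT : reads `ss -nlptu` output on stdin and prints the
# transports (tcp, udp) on which PROC holds a socket bound to PORT.
bound_protos() {
    awk -v proc="$1" -v port="$2" '
        # Field 1 is Netid, field 5 is "Local Address:Port" (*:655, [::]:655).
        # The process name appears as ("name", in both the old
        # ("tincd",18872,7) and new ("tincd",pid=10097,fd=6) layouts.
        ($1 == "tcp" || $1 == "udp") &&
        $5 ~ (":" port "$") &&
        index($0, "(\"" proc "\",") > 0 { seen[$1] = 1 }
        END {
            s = ""
            if ("tcp" in seen) s = "tcp"
            if ("udp" in seen) s = (s == "" ? "udp" : s " udp")
            print s
        }'
}

# check_both PROC PORT : succeeds only if PROC is bound on both TCP and UDP,
# which tinc needs for direct UDP data exchange; otherwise reports what it found.
check_both() {
    found=$(bound_protos "$1" "$2")
    if [ "$found" = "tcp udp" ]; then
        return 0
    fi
    echo "$1 port $2: bound on '${found}', expected 'tcp udp'" >&2
    return 1
}

# Constructed samples, modelled on the two outputs posted in the thread.
AFFECTED='tcp    LISTEN  0  3  *:655  *:*  users:(("tincd",pid=10097,fd=6))'
WORKING='udp    UNCONN  0  0  *:655  *:*  users:(("tincd",18872,7))
tcp    LISTEN  0  3  *:655  *:*  users:(("tincd",18872,6))'

echo "affected node: $(printf '%s\n' "$AFFECTED" | bound_protos tincd 655)"
echo "working node:  $(printf '%s\n' "$WORKING" | bound_protos tincd 655)"
```
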