Have anything to do with firewall locations, meaning home vs work vs
public vs lockdown. Probably not it at all.

On Jul 13, 2016 3:22 PM, "Etienne Dechamps" <etienne at edechamps.fr> wrote:
> That's strange. Can you post a detailed log from the affected node (run
> tincd -d5 -D), especially the initialization phase?
>
> On 13 July 2016 at 16:17, Petr Man <petr at madnetwork.org> wrote:
>
>> Dear all,
>>
>> I have been successfully running for quite some time a tinc 1.1 network
>> in switch mode. I recently added a new node, that refuses to communicate
>> over UDP.
>> Running "tinc info mynode" from a different box returns:
>> Reachability: directly with TCP
>>
>> It appears that tincd is not listening on UDP port 655 on "mynode".
>> Running "ss -nlptu | grep tincd":
>> tcp LISTEN 0 3 *:655 *:* users:(("tincd",pid=10097,fd=6))
>>
>> In the log there is a large number of these messages:
>> Received UDP packet from unknown source 123.321.123.321 port 655
>>
>> I am puzzled how is tincd getting the packets if it is not listening on
>> 655/UDP.
>>
>> When I start netcat on the node on port 655/UDP I can see garbage coming
>> in from the other nodes trying to initiate an UDP connection.
>>
>> Would you have any hints where to start debugging this? All machines are
>> configured the same way and work fine (various linux versions, windows).
>> This particular box is on Ubuntu Xenial kernel 4.3.5.
>>
>> Best,
>> Petr
>>
>> _______________________________________________
>> tinc mailing list
>> tinc at tinc-vpn.org
>> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc

Good morning,
Here is the log, I don't see anything unusual. I took the same tinc binary
and tried on two other machines and it works fine - binds to 655/UDP
without issues:
udp    UNCONN     0      0      *:655      *:*      users:(("tincd",18872,7))
tcp    LISTEN     0      3      *:655      *:*      users:(("tincd",18872,6))
Petr
On Thu, Jul 14, 2016 at 12:18 AM, Rob Townley <rob.townley at gmail.com> wrote:
> Have anything to do with firewall locations, meaning home vs work vs
> public vs lockdown.  Probably not it at all.
> On Jul 13, 2016 3:22 PM, "Etienne Dechamps" <etienne at edechamps.fr> wrote:
>
>> That's strange. Can you post a detailed log from the affected node (run
>> tincd -d5 -D), especially the initialization phase?
>>
>> On 13 July 2016 at 16:17, Petr Man <petr at madnetwork.org> wrote:
>>
>>> Dear all,
>>>
>>> I have been successfully running for quite some time a tinc 1.1 network
>>> in switch mode. I recently added a new node, that refuses to communicate
>>> over UDP.
>>> Running "tinc info mynode" from a different box returns:
>>> Reachability: directly with TCP
>>>
>>> It appears that tincd is not listening on UDP port 655 on "mynode".
>>> Running "ss -nlptu | grep tincd":
>>> tcp    LISTEN     0      3      *:655      *:*      users:(("tincd",pid=10097,fd=6))
>>>
>>> In the log there is a large number of these messages:
>>> Received UDP packet from unknown source 123.321.123.321 port 655
>>>
>>> I am puzzled how is tincd getting the packets if it is not listening on
>>> 655/UDP.
>>>
>>> When I start netcat on the node on port 655/UDP I can see garbage coming
>>> in from the other nodes trying to initiate an UDP connection.
>>>
>>> Would you have any hints where to start debugging this? All machines are
>>> configured the same way and work fine (various linux versions, windows).
>>> This particular box is on Ubuntu Xenial kernel 4.3.5.
>>>
>>> Best,
>>> Petr
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tinc.gamevpn.log
Type: text/x-log
Size: 239537 bytes
Desc: not available
URL:
<http://www.tinc-vpn.org/pipermail/tinc/attachments/20160714/ed26d46e/attachment-0001.bin>
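
Added example, not part of the original messages: a small shell helper that automates the comparison made above, reporting which of TCP and UDP a daemon has no socket bound for on a given port. The function name missing_listeners is an assumption of this example; the sample input is copied from the two ss outputs quoted in the thread, and an empty result means both sockets are present.

```shell
#!/bin/sh
# Added example (not from the thread): list the protocols for which a daemon
# has no socket bound on a port, reading `ss -nlptu` output on stdin.

missing_listeners() {   # usage: ss -nlptu | missing_listeners tincd 655
    awk -v proc="$1" -v port="$2" '
        # A socket record starts with the Netid column (tcp or udp).
        $1 == "tcp" || $1 == "udp" {
            proto = $1
            # Column 5 is Local Address:Port; the port follows the last colon,
            # which also covers *:655, 0.0.0.0:655 and [::]:655.
            n = split($5, part, ":")
            onport = (part[n] == port)
        }
        # users:(("tincd",pid=10097,fd=6)) and users:(("tincd",18872,7)) both
        # contain ("tincd", and may sit on a wrapped continuation line.
        onport && index($0, ("(\"" proc "\",")) { seen[proto] = 1 }
        END {
            out = ""
            if (!("tcp" in seen)) out = out "tcp "
            if (!("udp" in seen)) out = out "udp "
            sub(/ $/, "", out)
            print out
        }'
}

# Sample input copied from the two ss outputs quoted in the thread.
affected_node='tcp    LISTEN     0      3         *:655                   *:*
        users:(("tincd",pid=10097,fd=6))'
working_node='udp    UNCONN     0      0      *:655      *:*
     users:(("tincd",18872,7))
tcp    LISTEN     0      3      *:655      *:*
     users:(("tincd",18872,6))'

echo "affected node is missing: $(printf '%s\n' "$affected_node" | missing_listeners tincd 655)"
echo "working node is missing:  $(printf '%s\n' "$working_node" | missing_listeners tincd 655)"
```
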

You might want to try with https://github.com/gsliepen/tinc/pull/120 - that
said, this bug probably doesn't explain everything because tinc is supposed
to log a message from setup_vpn_in_socket() anyway, but there's no such
message in your log. In addition, I really don't see any way the "Received
UDP packet from unknown source" message could be logged if the UDP socket
isn't functional.

On 14 July 2016 at 05:10, Petr Man <petr at madnetwork.org> wrote:
> Good morning,
>
> Here is the log, I don't see anything unusual. I took the same tinc binary
> and tried on two other machines and it works fine - binds to 655/UDP
> without issues:
> udp UNCONN 0 0 *:655 *:* users:(("tincd",18872,7))
> tcp LISTEN 0 3 *:655 *:* users:(("tincd",18872,6))
>
> Petr
>
> On Thu, Jul 14, 2016 at 12:18 AM, Rob Townley <rob.townley at gmail.com>
> wrote:
>
>> Have anything to do with firewall locations, meaning home vs work vs
>> public vs lockdown. Probably not it at all.
>> On Jul 13, 2016 3:22 PM, "Etienne Dechamps" <etienne at edechamps.fr> wrote:
>>
>>> That's strange. Can you post a detailed log from the affected node (run
>>> tincd -d5 -D), especially the initialization phase?
>>>
>>> On 13 July 2016 at 16:17, Petr Man <petr at madnetwork.org> wrote:
>>>
>>>> Dear all,
>>>>
>>>> I have been successfully running for quite some time a tinc 1.1 network
>>>> in switch mode. I recently added a new node, that refuses to communicate
>>>> over UDP.
>>>> Running "tinc info mynode" from a different box returns:
>>>> Reachability: directly with TCP
>>>>
>>>> It appears that tincd is not listening on UDP port 655 on "mynode".
>>>> Running "ss -nlptu | grep tincd":
>>>> tcp LISTEN 0 3 *:655 *:* users:(("tincd",pid=10097,fd=6))
>>>>
>>>> In the log there is a large number of these messages:
>>>> Received UDP packet from unknown source 123.321.123.321 port 655
>>>>
>>>> I am puzzled how is tincd getting the packets if it is not listening on
>>>> 655/UDP.
>>>>
>>>> When I start netcat on the node on port 655/UDP I can see garbage
>>>> coming in from the other nodes trying to initiate an UDP connection.
>>>>
>>>> Would you have any hints where to start debugging this? All machines
>>>> are configured the same way and work fine (various linux versions,
>>>> windows). This particular box is on Ubuntu Xenial kernel 4.3.5.
>>>>
>>>> Best,
>>>> Petr