search for: pingtimeout

Hello list, I use tinc with QOS, and since some weeks I got problem with tunnel disconnection because the default "Pingtimeout" of 5 sec is reach. I think it happens because of the QOS shappe the tinc traffic (data here) to let some BP for VOIP, but whate is very strange is that the ICMP protocol is not include in the shapping, so tinc would never 'see' latency on the link, even if there is latency caused b...

...rs zijn verbonden met een switch. Dit is de inhoud van mijn bestanden: Op computer 1 genaamd suse met ip 192.168.0.99 netmask 255.255.255.0 /etc/tinc/tinc.conf: Name = suse TapDevice = /dev/tun PrivateKeyFile = /etc/tinc/test-vpn/rsa_key.priv ConnectTo = Arnout Hostnames = no KeyExpire = 3600 PingTimeout = 60 /etc/tinc/test-vpn/tinc-up #!/bin/sh ifconfig eth0 down ifconfig eth0 hw ether fe:fd:00:00:00:00 ifconfig eth0 192.168.0.99 netmask 255.255.255.0 ifconfig eth0 -arp /etc/tinc/test-vpn/tinc.conf Name = suse TapDevice = /dev/tun PrivateKeyFile = /etc/tinc/test-vpn/rsa_key.priv ConnectTo = a...

Hi, All Recently, one of my tinc client always suffer connection drop, I was suspect the connection was not stable to cause this issue, and BTW, I’ve set the PingTimeout to 10 seconds already, but this situation still happens a lot sometimes, but when the connection drop happens, the connection recovery pretty fast, normally in a minutes. In order to deep dive into the cause, or proven the network quality problem, I capture the tcpdump from client to server to see...

...e tinc connection to check whether any traffic is possible. >> >> Is there an option somewhere to set the connection timeout? I've already set the ping timeout to 15s and I would like to set the connect timeout to 15s as well. > > The connection timeout is always the same as PingTimeout in tinc. I remember it being faster than that, but in that case I must be mistaken. I had a look around at how to set that timeout and noticed people use a select() construct to do it, not a simple socket setting. So I guess your comment make sense then. Well, I'll check again and get back to...

...t the amount of metadata by only having 3 ConnectTo hosts (the same ones everywhere) and using Broadcast = no DirectOnly = yes Cipher=aes-128-cbc (Apart from Name, AddressFamily, BindToAddress, Interface and ConnectTo that are the only settings we use in tinc.conf). We are also going to increase PingTimeout to 30 and reduce the number of ConnectTo hosts to 2. Is there anything else we can do to limit the amount of metadata (as that seems to be reason why tinc just stops working and only produces log messages about failed connection attempts)? Ideally we would not need any metadata updates at all (ap...

...mally handle this without problems (even on underpowered hardware, like routers running OpenWRT). > The overall configuration is switch mode, with mixed IPv4 and IPv6 host addressing. Otherwise config is empty with these tweaks added to attempt mitigating the issue (with no success): > > PingTimeout=15 > UDPRcvBuf=8388608 > UDPSndBuf=8388608 > ProcessPriority=high Apart from PingTimeout, the other options will not help. Increasing PingTimeout may indeed prevent tinc from prematurely closing connections in case of congestion. > Also, I have tried firewalling the incoming UDP traff...

...shutdown all, then start them sequentially and delayed or this "perfect storm" starts all over again. The overall configuration is switch mode, with mixed IPv4 and IPv6 host addressing. Otherwise config is empty with these tweaks added to attempt mitigating the issue (with no success): PingTimeout=15 UDPRcvBuf=8388608 UDPSndBuf=8388608 ProcessPriority=high The daemon was upgraded to vanilla built 1.0.26 on all but two nodes before the most recent event. Host OS is Debian based, ranging from Squeeze to Jessie and few Ubuntu Trusty, with their respective stock kernels. Also, I have tried fir...

...erver A is open to the world as the main TINC server. There are no firewall rules that prohibit packets from coming into the external interface of this server. tinc.conf on main server, address lets say: noctest_svr.com device = /dev/tun AddressFamily = ipv4 KeyExpire = 30000000 name = noctest_svr pingtimeout = 10 the public key config looks like this: address = XXX.XXX.XXX.XXX compression = 10 subnet = 172.16.244.0/22 subnet = 172.16.240.0/22 The machine has these interfaces, as well as an external interface, to which the clients connect. eth0:1 Link encap:Ethernet HWaddr 00:50:04:AB:D6:BE...

....1) configurations: ============================================================================== --------------------------------------- tinc.conf --------------------------------------- Name=central Mode=router AddressFamily=any BindToInterface=eth0 MaxTimeout=333 KeyExpire=888 PingInterval=88 PingTimeout=4 #Forwarding=kernel TunnelServer=yes --------------------------------------- hosts/central --------------------------------------- Compression=10 PMTUDiscovery=yes Subnet=10.0.0.0/28 Subnet=0.0.0.0/0#10 ============================================================================== My Office Nod...

...e 10.2.0.0/16 owner node1 10.3.0.0/16 owner node2 10.4.0.0/16 owner node3 10.5.0.0/16 owner node4 # cat /etc/tinc/home/tinc-up ifconfig $INTERFACE 10.2.0.10 netmask 255.0.0.0 ifconfig $INTERFACE up # cat tinc.conf Name = node1 ConnectTo = home Mode = router AddressFamily = ipv4 PingInterval = 600 PingTimeout = 15 4 out of 5 nodes work just fine. Node 2 however has issues. It does work fine for 5-30m and then pauses my connection to it. It's still up. I can't ping it over the "pause time" with 0% packet loss. Any TCP connection over the link just pauses for a while. The odd thing is i...

I mean, if I changed pingtimeout on tinc.conf, -kHUP will force the tinc to re-read that parameter into effective? If no, any other ways to make it effective other that kill the process? for tinc 1.0.

...riv PrivateKeyFile = /usr/local/etc/tinc/test-vpn/rsa_key.priv connectTo = pc2 connectTo = pc1 Hostnames = no Hostnames = no KeyExpire = 3600 KeyExpire = 3600 PingTimeout = 60 PingTimeOut = 60 /usr/local/etc/tinc/tinc-up /usr/local/etc/tinc/tinc-up #!/bin/bash #!/bin/bash ifconfig tap0 down ifconfig tap0 down ifconfig ta...

On Tue, Apr 10, 2018 at 03:36:08PM +0200, Hans de Groot wrote: > hosta  <--> hostb  <-->  hostc > > Hosta and hostc are not directly connected via tinc. But both are conncted > via hostb (I called my network tincnet). This works fine I can ssh from > hosta to hostc and vice versa without any problems. > > hostc is in a whitelisted iprange at some service

...e a subnet 0.0.0.0 at hostb so that is probably why traffic goes out via hostb when I do not have the specific subnet/ip at hostc Regards Hans de Groot configs at hosta tinc.conf Name = hosta Device =/dev/net/tun Hostnames = No connectto = hostb Mode = Router KeyExpire = 3600 PingInterval = 10 PingTimeout = 15 PrivateKeyFile = /etc/tinc/tincnet/rsa_key.priv ProcessPriority = high PMTUDiscovery = yes tinc-up #!/bin/bash ifconfig $INTERFACE 192.168.230.21 netmask 255.255.255.0 route add -net 192.168.230.0 netmask 255.255.255.0 gw 192.168.230.1 ip route add default via 192.168.230.160 dev tincnet tabl...

...ones everywhere) and using > > Broadcast = no > DirectOnly = yes > Cipher=aes-128-cbc These options do not directly affect metadata. In particular, "DirectOnly = yes" may actually cause nodes to be less reachable than without that option. > We are also going to increase PingTimeout to 30 and reduce the number of > ConnectTo hosts to 2. Increasing PingTimeout will probably help. As for the ConnectTo hosts: reducing the number will also reduce the amount of metadata traffic proprotionally. However, in your case, with 400 nodes connection to the same 3 central nodes, you mig...

...; > > >TINC Configuration ? Home (OpenWrt Router) > > > >Tinc.conf > >name=Home > >Interface=tinc0 > >PrivateKeyFile=/etc/tinc/Home/rsa_key.priv > >Mode=router > >KeyExpire=3600 > >AddressFamily=ipv4 > >ProcessPriority=normal > >PingTimeOut=5 > >PingInterval=60 > > > >Tinc-up > >ifconfig $INTERFACE 10.0.0.1 netmask 255.255.255.0 > >route add -net 192.168.2.0 netmask 255.255.255.0 dev tinc0 > >route add -net 192.168.3.0 netmask 255.255.255.0 dev tinc0 > > > >home/hosts/Home > >Add...

Hi there, We use tincd over VSAT connections, and if the contract has been reduced to a bare minimum -and- the ship is moving, latency reaches 2 - 5 seconds (yes, seconds). Generally this is not a problem if you are patient (and most smart phones are), but tincd is slightly too fast in deciding that it is not going to work. We also use the tinc connection to check whether any traffic is possible.

On 7 December 2015 at 17:20, Florent B <florent at coppint.com> wrote: > I have a cluster of 5 nodes, running Proxmox 4, and Tinc as "virtual > switch" for my nodes : on each node, a bridge "vmbr1" where Tinc is > connected, provides me a secured network for my VMs (connected to that > bridge). > > When I move (hot move) a VM from a host to another, I

...Broadcast = no > > DirectOnly = yes > > Cipher=aes-128-cbc > > These options do not directly affect metadata. In particular, > "DirectOnly = yes" may actually cause nodes to be less reachable than > without that option. > > > We are also going to increase PingTimeout to 30 and reduce the number of > > ConnectTo hosts to 2. > > Increasing PingTimeout will probably help. As for the ConnectTo hosts: > reducing the number will also reduce the amount of metadata traffic > proprotionally. However, in your case, with 400 nodes connection to the >...

...d a laptop using a dial up connection the host at home: tinc-up (works fine): #!/bin/sh ifconfig tap0 down ifconfig tap0 hw ether fe:fd:00:00:00:00 ifconfig tap0 172.16.11.254 broadcast 172.16.11.255 netmask 255.255.255.0 ifconfig tap0 -arp tinc.conf: Name = janus Hostnames = no KeyExpire = 3600 PingTimeout = 60 PrivateKeyFile = /etc/tinc/p21.net/rsa_key.priv TapDevice = /dev/tap0 /sbin/ifconfig tap0 tap0 Link encap:Ethernet HWaddr FE:FD:00:00:00:00 inet addr:172.16.11.254 Bcast:172.16.11.255 Mask:255.255.255.0 UP BROADCAST RUNNING NOARP MULTICAST MTU:1500 Metric:1...