Displaying 20 results from an estimated 50 matches for "pmtudiscovery".
2010 Dec 14
3
PMTUDiscovery and ClampMSS with mixed tincd versions
> Currently, i have nodes with PMTUDiscovery =yes and ClampMSS = yes.
Hello,
these features were introduced in 1.0.13 correct ??
I also understand that the two settings are by default "yes" if not
explictly set to "no" in the config file.
what may happen if I have a network with mixed versions from 1.0.11
and 1.0.13, w...
2010 Dec 13
3
PMTUDiscovery vs ClampMSS
Currently, i have nodes with PMTUDiscovery =yes and ClampMSS = yes.
When the server does not receive a PMTU request back from one of the
clients even when the packet size is very small (say 164), then it
reverts to TCP.
Should i turn off PMTUDiscovery or should it be ok to leave on?
It takes a very long time to do simple pings (1 second or...
2009 Mar 06
2
Problems with UDP frame size??
...I am able to ping between hosts with packet sizes up to 1417 bytes.
I did some testing with setting the PMTU value and setting PMTUDiscover =
no, however it had no affect.
Both hosts are running Windows XP.
Host files;
Address = argyle.thruhere.net
Port = 8002
IndirectData = yes
# PMTU = 1024
# PMTUDiscovery = no
#TCPOnly = Yes
-----BEGIN RSA PUBLIC KEY-----
Address = nixon.endoftheinternet.org
Port = 8003
IndirectData = yes
# PMTU = 1024
# PMTUDiscovery = no
#TCPOnly = Yes
-----BEGIN RSA PUBLIC KEY-----
tinc.conf for both is very simple;
Name = <Argyle | Nixon>
ConnectTo = <Argyle | Nixon&g...
2018 Apr 30
1
Slow Speed
...years, but I didnĀ“t fix a performance problem.
There a about 20 nodes in this network.
Master:
10.0.0.12 (dedicated host in a datacenter, debian, 100mBit port)
tinc.conf:
Name = TincKnoten12
AddressFamily = ipv4
Interface = tun
ProcessPriority=high
mode = router
#DirectOnly = no
Compression=0
PMTUDiscovery = yes
#IndirectData = yes
#ReplayWindow = 64
#ConnectTo = TincKnoten1
GraphDumpFile = /tmp/tinc-graph
LocalDiscovery = yes
ClampMSS = yes
PMTU = 1400
#DirectOnly=yes
#IndirectData=yes
Cipher=AES-128-CBC
#TCPOnly=yes
mac:10.0.0.20 (1gig directly to our backbone via mpls from out office-vlan)
Name...
2016 May 06
1
Lots of Flushing x bytes to y would block messages
...tinuously. Below is the server configuration.
Name = tserver
AddressFamily = ipv4
BindToAddress = 192.168.21.254 30000
KeyExpire = 28800
ReplayWindow = 0
DeviceStandby = no
DeviceType = tap
DirectOnly = yes
Mode = hub
ProcessPriority = high
ClampMSS = yes
Cipher = none
Digest = none
MACLength = 0
PMTUDiscovery = yes
I have taken out what I believe is performance sapping options in an effort
to boost performance.
All clients (Windows 7) configuration is identical save its own name.
Name = <client name>
ConnectTo = tserver
AddressFamily = ipv4
KeyExpire = 28800
ReplayWindow = 0
Broadcast = direct...
2019 Jan 10
2
Can Ping But No Web Interface
...alized the problem is
probably not MTU related. I appreciate any thoughts and help.
Here are my current configs:
Server A Conf:
Name = serverA
Device = /dev/net/tun
Address Family = ipv4
Server A host:
Address = xx.xx.xx.xx
Subnet = 192.168.0.10
Subnet = 10.75.70.0/24
PMTU = 1436
ClampMSS = yes
PMTUDiscovery = yes
Server A TincUp:
ip link set $INTERFACE up
ip addr add 192.168.0.10 dev $INTERFACE
ip route add 192.168.0.0/24 dev $INTERFACE
ip route add 192.168.1.0/24 dev $INTERFACE
Server B Conf:
Name = khwisnmp
Device = /dev/net/tun
Address Family = ipv4
ConnectTo = librenms
Server B host:
ubnet...
2009 Dec 22
2
traffic not going through tunnel
Dear all,
we have a very strange problem,
- we have 3 VPN endpoints
- all are in one NETWORK
- all daemons come up and connect without any problem and normally we have no problem working through the VPN
but in some cases the connection does not work because the traffic leaves the TAP interface on one VPN endpoint but never arrives on the other end, the similarities between the packages seem to
2013 Jan 19
1
Ethernet frame header size of TAP device and apropriate MTU calculation
...et mtu 1454 dev eth0"
I'm not shure about what is the exact size of ethernet frame header,
which tap device use in switch mode?
Is there FCS field? - Sure it should be.
But is there InterFrame Space and Preamble in the "switch environment"?
And how this correlate with PMTU and PMTUDiscovery options?
Should I really manually change MTU for tap device?
I very appreciate your help.
Thanks!
2019 Jan 12
0
Can Ping But No Web Interface
Try removing all MTU related settings from both sides. Allow tinc to learn
on its own.
" PMTU = 1436
ClampMSS = yes
PMTUDiscovery = yes"
in the config, " Address Family = ipv4" is likely not necessary, i would
recommend removing it.
" Device = /dev/net/tun" should not be used, unless tinc is having issues
locating the tun device.
however
" DeviceType = tun"
should be added, especialy as yo...
2015 Apr 23
2
Strange Traffic Problem
...---------------------------
Name=central
Mode=router
AddressFamily=any
BindToInterface=eth0
MaxTimeout=333
KeyExpire=888
PingInterval=88
PingTimeout=4
#Forwarding=kernel
TunnelServer=yes
---------------------------------------
hosts/central
---------------------------------------
Compression=10
PMTUDiscovery=yes
Subnet=10.0.0.0/28
Subnet=0.0.0.0/0#10
==============================================================================
My Office Node (10.13.1.1) configurations:
==============================================================================
---------------------------------------
tinc.conf
----...
2017 Nov 04
1
[Announcement] Tinc version 1.0.33 released
...ce the release of tinc versions 1.0.33. Here is a
summary of the changes in tinc 1.0.33:
* Allow compilation from a build directory.
* Source code cleanups.
* Fix some options specified on the command line not surviving a HUP signal.
* Handle tun/tap device returning EPERM or EBUSY.
* Disable PMTUDiscovery when TCPOnly is used.
* Support the --runstatedir option of the autoconf 2.70.
Thanks to Rafael Sadowski and Pierre-Olivier Mercier for their
contributions to this version of tinc.
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next...
2017 Nov 04
1
[Announcement] Tinc version 1.0.33 released
...ce the release of tinc versions 1.0.33. Here is a
summary of the changes in tinc 1.0.33:
* Allow compilation from a build directory.
* Source code cleanups.
* Fix some options specified on the command line not surviving a HUP signal.
* Handle tun/tap device returning EPERM or EBUSY.
* Disable PMTUDiscovery when TCPOnly is used.
* Support the --runstatedir option of the autoconf 2.70.
Thanks to Rafael Sadowski and Pierre-Olivier Mercier for their
contributions to this version of tinc.
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next...
2014 Jun 06
0
memory leak
...alpine linux 2.7.8 in 2 seperate environments. The
first environment is running for about a month without any problems.
The second environment causes some trouble. It looks like a memory leak on
the client side.
tincd.conf:
ConnectTo=ServerHost
Device=/dev/net/tun
Mode=switch
Name=ClientHost
PMTUDiscovery = yes
DeviceType=tap
PriorityInheritance = yes
Compression=10
hosts/ServerHost
Address=XXXX
PMTUDiscovery = yes
PriorityInheritance = yes
-----BEGIN RSA PUBLIC KEY-----
XXX
-----END RSA PUBLIC KEY-----
Linux Kernel 3.10.40-0-grsec #1-Alpine SMP Wed May 14 07:59:37 UTC 2014
x86_64 Linux
apk...
2018 Jun 12
1
[Announcement] Tinc version 1.1pre16 released
...* Added the ability to set a firemall mark on sockets on Linux.
* Minor improvements to the build system.
* Added a cache of recently seen addresses of peers.
* Add support for --runstatedir to the configure script.
* Fixed linking with libncurses on some distributions.
* Automatically disable PMTUDiscovery when TCPOnly is enabled.
* Fixed removing the tinc service on Windows in some situations.
Thanks to Todd C. Miller, Etienne Dechamps, Daniel Lublin,
Gjergji Ramku, Mike Sullivan and Oliver Freyermuth for their
contributions to this version of tinc.
--
Met vriendelijke groet / with kind regards,...
2018 Jun 12
1
[Announcement] Tinc version 1.1pre16 released
...* Added the ability to set a firemall mark on sockets on Linux.
* Minor improvements to the build system.
* Added a cache of recently seen addresses of peers.
* Add support for --runstatedir to the configure script.
* Fixed linking with libncurses on some distributions.
* Automatically disable PMTUDiscovery when TCPOnly is enabled.
* Fixed removing the tinc service on Windows in some situations.
Thanks to Todd C. Miller, Etienne Dechamps, Daniel Lublin,
Gjergji Ramku, Mike Sullivan and Oliver Freyermuth for their
contributions to this version of tinc.
--
Met vriendelijke groet / with kind regards,...
2016 Nov 10
1
static configuration
...DD_EDGE when DirectOnly=yes?
4. is there a way to know why tinc thinks node is unreachable (I see quick changes from reachable to unreachable and back again in debug logs)?
My current theory is that it is because ConnectTo target nodes are maxing out cpu and losing packets (and probably losing PMTUDiscovery packets).
Thank you!
--
2014 Jun 11
0
Fwd: memory leak
...n alpine linux 2.7.8 in 2 seperate environments. The
first environment is running for about a month without any problems.
The second environment causes some trouble. It looks like a memory leak on
the client side.
tincd.conf:
ConnectTo=ServerHost
Device=/dev/net/tun
Mode=switch
Name=ClientHost
PMTUDiscovery = yes
DeviceType=tap
PriorityInheritance = yes
Compression=10
hosts/ServerHost
Address=XXXX
PMTUDiscovery = yes
PriorityInheritance = yes
-----BEGIN RSA PUBLIC KEY-----
XXX
-----END RSA PUBLIC KEY-----
Linux Kernel 3.10.40-0-grsec #1-Alpine SMP Wed May 14 07:59:37 UTC 2014
x86_64 Linux
apk...
2008 Oct 02
2
SSH connection hangs on shell commands when used through tinc
Hello!
I have 3 PCs - Windows, FreeBSD and Ubuntu. FreeBSD runs as a tinc server as
it has a real IP. Ubuntu runs as a tinc client as it has a dynamically
changing public IP. Windows has not tinc installed yet. Therefore I use
Putty ssh client to ssh to FreeBSD machine (as it has real IP) and then from
there I ssh to the Ubuntu box using its virtual IP. The connection
establishes well, I can ping
2010 Feb 07
1
Only reaching one machine at network
Hi there,
I am using tinc since some monthes. I think the basic idea of
extending vpn to a mesh of systems via tun/tap is great. And I think
it is one of the useable developments compared to the much more
complex vpn solutions I had used in the past. Great work.
Setting up tinc I have fought with the configuration (and with the
concepts) for a while as I have found no example that covers my
2010 Nov 28
4
TCPOnly is required since 1.0.13?
...strange.
All of a sudden, the vpn would not work as a full-mesh. Certain nodes
were not contactable.
I re-generated my rsa-keys, and checked my configuration. My vpn uses
the following in tinc.conf, as I am routing both ipv4 and v6.
===
name = node1
mode = switch
AddressFamily = any
PMTU = 1280
PMTUDiscovery = yes
TCPonly = no
ConnectTo = hub1
ConnectTo = hub2
ConnectTo = hub3
===
My VPN has some hosts called by nodex. These nodes are dynamic-ip, and
set to contact (connectTo) the hubs when they bring up their tincd.
The hubx nodes are fixed-ip, and are connected to each other in a full mesh.
With...