search for: pmtudiscovery

> Currently, i have nodes with PMTUDiscovery =yes and ClampMSS = yes. Hello, these features were introduced in 1.0.13 correct ?? I also understand that the two settings are by default "yes" if not explictly set to "no" in the config file. what may happen if I have a network with mixed versions from 1.0.11 and 1.0.13, w...

Currently, i have nodes with PMTUDiscovery =yes and ClampMSS = yes. When the server does not receive a PMTU request back from one of the clients even when the packet size is very small (say 164), then it reverts to TCP. Should i turn off PMTUDiscovery or should it be ok to leave on? It takes a very long time to do simple pings (1 second or...

...I am able to ping between hosts with packet sizes up to 1417 bytes. I did some testing with setting the PMTU value and setting PMTUDiscover = no, however it had no affect. Both hosts are running Windows XP. Host files; Address = argyle.thruhere.net Port = 8002 IndirectData = yes # PMTU = 1024 # PMTUDiscovery = no #TCPOnly = Yes -----BEGIN RSA PUBLIC KEY----- Address = nixon.endoftheinternet.org Port = 8003 IndirectData = yes # PMTU = 1024 # PMTUDiscovery = no #TCPOnly = Yes -----BEGIN RSA PUBLIC KEY----- tinc.conf for both is very simple; Name = <Argyle | Nixon> ConnectTo = <Argyle | Nixon&g...

...years, but I didn´t fix a performance problem. There a about 20 nodes in this network. Master: 10.0.0.12 (dedicated host in a datacenter, debian, 100mBit port) tinc.conf: Name = TincKnoten12 AddressFamily = ipv4 Interface = tun ProcessPriority=high mode = router #DirectOnly = no Compression=0 PMTUDiscovery = yes #IndirectData = yes #ReplayWindow = 64 #ConnectTo = TincKnoten1 GraphDumpFile = /tmp/tinc-graph LocalDiscovery = yes ClampMSS = yes PMTU = 1400 #DirectOnly=yes #IndirectData=yes Cipher=AES-128-CBC #TCPOnly=yes mac:10.0.0.20 (1gig directly to our backbone via mpls from out office-vlan) Name...

...tinuously. Below is the server configuration. Name = tserver AddressFamily = ipv4 BindToAddress = 192.168.21.254 30000 KeyExpire = 28800 ReplayWindow = 0 DeviceStandby = no DeviceType = tap DirectOnly = yes Mode = hub ProcessPriority = high ClampMSS = yes Cipher = none Digest = none MACLength = 0 PMTUDiscovery = yes I have taken out what I believe is performance sapping options in an effort to boost performance. All clients (Windows 7) configuration is identical save its own name. Name = <client name> ConnectTo = tserver AddressFamily = ipv4 KeyExpire = 28800 ReplayWindow = 0 Broadcast = direct...

...alized the problem is probably not MTU related. I appreciate any thoughts and help. Here are my current configs: Server A Conf: Name = serverA Device = /dev/net/tun Address Family = ipv4 Server A host: Address = xx.xx.xx.xx Subnet = 192.168.0.10 Subnet = 10.75.70.0/24 PMTU = 1436 ClampMSS = yes PMTUDiscovery = yes Server A TincUp: ip link set $INTERFACE up ip addr add 192.168.0.10 dev $INTERFACE ip route add 192.168.0.0/24 dev $INTERFACE ip route add 192.168.1.0/24 dev $INTERFACE Server B Conf: Name = khwisnmp Device = /dev/net/tun Address Family = ipv4 ConnectTo = librenms Server B host: ubnet...

Dear all, we have a very strange problem, - we have 3 VPN endpoints - all are in one NETWORK - all daemons come up and connect without any problem and normally we have no problem working through the VPN but in some cases the connection does not work because the traffic leaves the TAP interface on one VPN endpoint but never arrives on the other end, the similarities between the packages seem to

...et mtu 1454 dev eth0" I'm not shure about what is the exact size of ethernet frame header, which tap device use in switch mode? Is there FCS field? - Sure it should be. But is there InterFrame Space and Preamble in the "switch environment"? And how this correlate with PMTU and PMTUDiscovery options? Should I really manually change MTU for tap device? I very appreciate your help. Thanks!

Try removing all MTU related settings from both sides. Allow tinc to learn on its own. " PMTU = 1436 ClampMSS = yes PMTUDiscovery = yes" in the config, " Address Family = ipv4" is likely not necessary, i would recommend removing it. " Device = /dev/net/tun" should not be used, unless tinc is having issues locating the tun device. however " DeviceType = tun" should be added, especialy as yo...

...--------------------------- Name=central Mode=router AddressFamily=any BindToInterface=eth0 MaxTimeout=333 KeyExpire=888 PingInterval=88 PingTimeout=4 #Forwarding=kernel TunnelServer=yes --------------------------------------- hosts/central --------------------------------------- Compression=10 PMTUDiscovery=yes Subnet=10.0.0.0/28 Subnet=0.0.0.0/0#10 ============================================================================== My Office Node (10.13.1.1) configurations: ============================================================================== --------------------------------------- tinc.conf ----...

...ce the release of tinc versions 1.0.33. Here is a summary of the changes in tinc 1.0.33: * Allow compilation from a build directory. * Source code cleanups. * Fix some options specified on the command line not surviving a HUP signal. * Handle tun/tap device returning EPERM or EBUSY. * Disable PMTUDiscovery when TCPOnly is used. * Support the --runstatedir option of the autoconf 2.70. Thanks to Rafael Sadowski and Pierre-Olivier Mercier for their contributions to this version of tinc. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next...

...ce the release of tinc versions 1.0.33. Here is a summary of the changes in tinc 1.0.33: * Allow compilation from a build directory. * Source code cleanups. * Fix some options specified on the command line not surviving a HUP signal. * Handle tun/tap device returning EPERM or EBUSY. * Disable PMTUDiscovery when TCPOnly is used. * Support the --runstatedir option of the autoconf 2.70. Thanks to Rafael Sadowski and Pierre-Olivier Mercier for their contributions to this version of tinc. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next...

...alpine linux 2.7.8 in 2 seperate environments. The first environment is running for about a month without any problems. The second environment causes some trouble. It looks like a memory leak on the client side. tincd.conf: ConnectTo=ServerHost Device=/dev/net/tun Mode=switch Name=ClientHost PMTUDiscovery = yes DeviceType=tap PriorityInheritance = yes Compression=10 hosts/ServerHost Address=XXXX PMTUDiscovery = yes PriorityInheritance = yes -----BEGIN RSA PUBLIC KEY----- XXX -----END RSA PUBLIC KEY----- Linux Kernel 3.10.40-0-grsec #1-Alpine SMP Wed May 14 07:59:37 UTC 2014 x86_64 Linux apk...

...* Added the ability to set a firemall mark on sockets on Linux. * Minor improvements to the build system. * Added a cache of recently seen addresses of peers. * Add support for --runstatedir to the configure script. * Fixed linking with libncurses on some distributions. * Automatically disable PMTUDiscovery when TCPOnly is enabled. * Fixed removing the tinc service on Windows in some situations. Thanks to Todd C. Miller, Etienne Dechamps, Daniel Lublin, Gjergji Ramku, Mike Sullivan and Oliver Freyermuth for their contributions to this version of tinc. -- Met vriendelijke groet / with kind regards,...

...* Added the ability to set a firemall mark on sockets on Linux. * Minor improvements to the build system. * Added a cache of recently seen addresses of peers. * Add support for --runstatedir to the configure script. * Fixed linking with libncurses on some distributions. * Automatically disable PMTUDiscovery when TCPOnly is enabled. * Fixed removing the tinc service on Windows in some situations. Thanks to Todd C. Miller, Etienne Dechamps, Daniel Lublin, Gjergji Ramku, Mike Sullivan and Oliver Freyermuth for their contributions to this version of tinc. -- Met vriendelijke groet / with kind regards,...

...DD_EDGE when DirectOnly=yes? 4. is there a way to know why tinc thinks node is unreachable (I see quick changes from reachable to unreachable and back again in debug logs)? My current theory is that it is because ConnectTo target nodes are maxing out cpu and losing packets (and probably losing PMTUDiscovery packets). Thank you! --

...n alpine linux 2.7.8 in 2 seperate environments. The first environment is running for about a month without any problems. The second environment causes some trouble. It looks like a memory leak on the client side. tincd.conf: ConnectTo=ServerHost Device=/dev/net/tun Mode=switch Name=ClientHost PMTUDiscovery = yes DeviceType=tap PriorityInheritance = yes Compression=10 hosts/ServerHost Address=XXXX PMTUDiscovery = yes PriorityInheritance = yes -----BEGIN RSA PUBLIC KEY----- XXX -----END RSA PUBLIC KEY----- Linux Kernel 3.10.40-0-grsec #1-Alpine SMP Wed May 14 07:59:37 UTC 2014 x86_64 Linux apk...

Hello! I have 3 PCs - Windows, FreeBSD and Ubuntu. FreeBSD runs as a tinc server as it has a real IP. Ubuntu runs as a tinc client as it has a dynamically changing public IP. Windows has not tinc installed yet. Therefore I use Putty ssh client to ssh to FreeBSD machine (as it has real IP) and then from there I ssh to the Ubuntu box using its virtual IP. The connection establishes well, I can ping

Hi there, I am using tinc since some monthes. I think the basic idea of extending vpn to a mesh of systems via tun/tap is great. And I think it is one of the useable developments compared to the much more complex vpn solutions I had used in the past. Great work. Setting up tinc I have fought with the configuration (and with the concepts) for a while as I have found no example that covers my

...strange. All of a sudden, the vpn would not work as a full-mesh. Certain nodes were not contactable. I re-generated my rsa-keys, and checked my configuration. My vpn uses the following in tinc.conf, as I am routing both ipv4 and v6. === name = node1 mode = switch AddressFamily = any PMTU = 1280 PMTUDiscovery = yes TCPonly = no ConnectTo = hub1 ConnectTo = hub2 ConnectTo = hub3 === My VPN has some hosts called by nodex. These nodes are dynamic-ip, and set to contact (connectTo) the hubs when they bring up their tincd. The hubx nodes are fixed-ip, and are connected to each other in a full mesh. With...