similar to: TrustedNodes option in TINC

Hello, I am tying to create tinc vpn for the ~1000 nodes and was thinking why meta connections are needed at all if I only need static configuration where every node knows addresses of other hosts and due to the amount of traffic any indirect connections will not work, so DirectOnly=yes is a must and then passing around routing information is not needed, right? Currently I have 10 nodes

Hello! I have recently installed tinc on a linux 2.4 machine which has 192.168.0.0/24 private network connected to eth0 and registered ip on eth1. I also installed tinc on Windows 2000 machine on a remote location. for this moment I can establish connection, on Linux machine tincd says: Sep 26 21:10:50 hostname tinc.gscvpn[483]: Node home (y.y.y.y port 655) became reachable But i

Hello, I have been reading through the documentation and trying to set up a very small VPN as a test for a larger rollout that I would like to complete in the future but cannot get this working. The configuration seems like it should be relatively simple, so I'm most likely missing something basic but I just cannot see what I'm doing wrong. At the moment I am trying to get this working

Hallo, Another strange and difficult to understand thing - seems like all the easy bugs in 1.1 are gone ;) waehring (1.1) | +-------------------+--------------+ | | | vpnhub1 (1.1) igor (1.1) turing (1.0) | | | +-------------------+--------------+ | tokamak Whenever another node outside of the graph connects to vpnhub or igor

I would like to discuss the following commit: https://github.com/gsliepen/tinc/commit/4a0b9981513059755b9fd15b38fc198f46a0d6f2 ("Determine peer's reflexive address and port when exchanging keys") This is a great feature as it basically allows peers to do UDP Hole Punching (via MTU probes) even when both are having their source ports rewritten by a NAT, which is extremely useful.

While working on SPTPS UDP relaying I realized that there is one issue I didn't account for, which is that the sending node only knows the PMTU to the first relay node. It doesn't know the PMTU of the entire relay path beyond the first hop, because the relay nodes don't provide their own PMTU information over the metaprotocol. Now, in the legacy protocol this is not really an issue,

Hello, should the cvs trunk compile? a configure first gave me errors. I had to replace any appearance of "[config.h]" to config.h in the Makefile. Then a make did not finish: make[2]: Entering directory `/usr/src/tinc/lib' make[2]: Nothing to be done for `all'. make[2]: Leaving directory `/usr/src/tinc/lib' Making all in src make[2]: Entering directory

Hi there I have the following setup Home - Main Tinc server with public IP running on PfSense work - tinc client running behind a CISCO ASA firewall with public IP running on Windows 10 offsite - tinc client running on tomato router behind a double NAT Home & offsite connect & i can see all PCs & devices & connect to them easily, on either side work to Home or offsite connects

Hello, I'm trying to test a tinc vpn between two Linux hosts on the same ethernet. If I start tinc on both sides as 'tinc -n test --bypass-security --debug=5' I can ping both machines from each other and tcpdump shows that the packets pass through the tun-device created by tinc. Connection from 192.168.192.17 port 32852 Sending ID to (null) (192.168.192.17 port 32852): 0 helix 17

Hello, We're suffering from sporadic network blockage(read: unable to ping other nodes) with 1.1-pre17. Before upgrading to the 1.1-pre release, the same network blockage also manifested itself in a pure 1.0.33 network. The log shows that there are a lot of "Got ADD_EDGE from nodeX (192.168.0.1 port 655) which does not match existing entry" and it turns out that the mismatches

Hello. I found that anonymous structures does not work on gcc-2.95. If you guys want to support a bit older platforms I suggest fixing it. You can check out patch I created to fix this issue. I just added 2 extra structures to remove anonymous structs inside connection_status_t and node_status_t. Patch is here: ftp://borg.uu3.net/pub/unix/tinc/tinc.patch Attaching it as well. Regards, Borg

--- doc/tinc.conf.5.in | 3 +++ src/linux/device.c | 7 +++++++ 2 files changed, 10 insertions(+), 0 deletions(-) diff --git a/doc/tinc.conf.5.in b/doc/tinc.conf.5.in index 2bfd5fe..01f7f81 100644 --- a/doc/tinc.conf.5.in +++ b/doc/tinc.conf.5.in @@ -255,6 +255,9 @@ a lookup if your DNS server is not responding. This does not affect resolving hostnames to IP addresses from the host

Hello! I have encountered a bug using tincd with Microsoft Windows: Below you'll find my Setup and my Logs. In short, i do the following: 1. office running tincd 1.0.7 and waiting for connections (no ConnectTo, but this does not resolve the issue) 2. the supporter starts up tincd 1.0.7 on windows (native) 3. ping from windows ("support") to the office: Here the error occours:

Hi all, I have a network with about ~800. The network is a mix of tinc 1.0 and 1.1 nodes. It is gradually expanding for several years now. The problem is that at some point it seams the daemon can not handle the processing of the new connection and the edges. There are 3 major nodes in the system and every other node initially makes connection to one of them. Now after a lot of debugging

+0100 From: Daniel Schall <tinc-devel at mon-clan.de> Date: Thu, 6 Jan 2011 17:00:35 +0100 Subject: [PATCH] Improved PMTU discovery diff --git a/lib/dropin.c b/lib/dropin.c index 52fb5b8..2b803b1 100644 --- a/lib/dropin.c +++ b/lib/dropin.c @@ -165,8 +165,8 @@ #endif =20 #ifdef HAVE_MINGW -int usleep(long usec) { - Sleep(usec / 1000); - return 0; -} +//int usleep(long usec) { +//

Hi! here a little patch for darknet functionality, i hope it does what its intended for sufficiently ... but it seems to work :). what should it do? imagine your friend-network. A trusts B and C. B trusts D and E, D trust F, C trusts G. All trust relationships are mutal A <---> C <---> G ^ \ \-----> B <---> D <---> F ^ \ \---> E

Hi, thank for getting back. I'll answer the questions, but I've already gave up on tinc and switch to zerotier-one. On 2020-07-27 5:10 p.m., borg at uu3.net wrote: > Hi. I have few questions out of curiosity.. Cant help for now with > your problem... > > What version is crashing? 1.1 or 1.0 ? 1.1 is crashing > > How your network is segmented..? > I use tinc myself

Hi. I have few questions out of curiosity.. Cant help for now with your problem... What version is crashing? 1.1 or 1.0 ? How your network is segmented..? I use tinc myself here a lot too (1.0) but my network is very segmented. I use switch mode and handle routing myself, so mesh links arent large.. I would NOT go beyond 30 nodes for full auto-mesh.. its already like 435 edges... Regards,

Hi, I'm using Tinc in a scenario where round-trip time matters. I've multiple nodes behind firewalls (with and without NAT) and a single public server node. How do I can get the current state of UDP data-connections between my firewall'd nodes? According to the docs: - 'dump connections' give me all TCP meta-connections of the current node - 'dump edges' give me

LocalDiscovery works by sending some of the MTU probe packets to the broadcast address (255.255.255.255). If the destination node receives one of these packets, it will update its UDP cache and reply, thus the two nodes will start using their local addresses to communicate. Now, I see two problems with this approach: - In case the two nodes are behind the same NAT and can reach other *but*