similar to: multiple addresses and multiple ports in Switch mode

Something tells me this was covered recently, but i didn't find it again in gmail. The nodes see each other but if i have something misconfigured that is decreasing my speed. All my nodes are behind NATs. i have a remote node that connects to a central node via port forwarding from public port 7777 to hp821 running on port 655. remoteNode ----> public ip 1.2.3.4:7777 ---->

Have anything to do with firewall locations, meaning home vs work vs public vs lockdown. Probably not it at all. On Jul 13, 2016 3:22 PM, "Etienne Dechamps" <etienne at edechamps.fr> wrote: > That's strange. Can you post a detailed log from the affected node (run > tincd -d5 -D), especially the initialization phase? > > On 13 July 2016 at 16:17, Petr Man <petr

You might want to try with https://github.com/gsliepen/tinc/pull/120 - that said, this bug probably doesn't explain everything because tinc is supposed to log a message from setup_vpn_in_socket() anyway, but there's no such message in your log. In addition, I really don't see any way the "Received UDP packet from unknown source" message could be logged if the UDP socket

c:\APPS\TINC\tincd.exe --mlock --net=mynet --config=C:\APPS\tinc\mynet Without --mlock, the service starts OK. With --mlock, the service fails to start.

i created an ipset and added 8.8.8.8 to it and used the same iptables working all summer long but ?i can still ping 8.8.8.8 and do nslookup queries against it. ipset or iptables is broken. Anybody else rebooted since ipset-6.11-3.el6.i686 was installed and actually tested that IP addresses that are supposed to be blacklisted are actually blocked? ? Filed CentOS bug report 7977

> Currently, i have nodes with PMTUDiscovery =yes and ClampMSS = yes. Hello, these features were introduced in 1.0.13 correct ?? I also understand that the two settings are by default "yes" if not explictly set to "no" in the config file. what may happen if I have a network with mixed versions from 1.0.11 and 1.0.13, where the older daemons do not implement that feature

Hello, I have tried for days on end with no success on this, so I thought I would post it here and see if someone can help me at all. *Here's the scenario:* I have 1 PC with a Static IP/Domain (a dyndns.org account - myserver.homeip.net) connected to a router, which in turn is the gateway to the internet. It also has a static local IP (192.168.1.2). I will call this the "server"

Would it be extremely difficult to do multicast over tinc? How about reliable multicast over tinc? This would be more traffic than multicast dns, but not _necessarily_ a great deal more. It would be for syncing some information among freeipa domain controllers. Would the tinc nodes need to be in all in switch or maybe even hub mode? EthernetOverIP over tinc?

[This email is either empty or too large to be displayed at this time]

Anybody on here successfully get ipset iptables sets to work _after_ a reboot? My question on StackExchange http://unix.stackexchange.com/questions/149536/upon-bootup-all-iptables-are-lost-because-the-kernel-module-ip-set-is-not-loade Some of the things that need to be in place, otherwise iptables does not load: 1.) The kernel module ip_set needs to be loaded. 2.) The "sets" need to be

On Fedora 11 (yes, with SELINUX enabled and enforcing) setting tinc.conf's ProcessPriority=high prevents tincd from starting. Anybody have an answer? tinc was compiled by me, didn't come from Fedora's rpm repo.

How does one specify two different ports in the same host file? When lapops are hardwired versus when mobile on a totally different lan. address0 71.17.72.27 address1 192.168.2.27 port0 22755 port1 655

ping times to ConnectTo machine are often over a second or at least 300 milliseconds. Hundreds or thousands of times slower than other nodes from same physical location.

http://httpd.apache.org/security/vulnerabilities_20.html states that Apache 2.0.52 is 4 years old and the latest version is 2.0.68. i am no longer a httpd expert, but at least one of the security fixes involves XSS attacks via malformed ftp commands. I also realize that redhat / centos may patch things separately from Apache and that the sysadmin has a great deal to do with how secure things

Currently, i have nodes with PMTUDiscovery =yes and ClampMSS = yes. When the server does not receive a PMTU request back from one of the clients even when the packet size is very small (say 164), then it reverts to TCP. Should i turn off PMTUDiscovery or should it be ok to leave on? It takes a very long time to do simple pings (1 second or so), so i wonder what else i can do?

Since Fedora is pushing NSS SSL instead of OpenSSL, has someone tested tinc-vpn against NSS? As i recall, a single machine can not have OpenSSL and mod_nss installed at the same time anymore. So if you have apache running, you _may_ have problems running tinc? The nss api is supposed to mostly similar to openssl api, but there are some things openssl supports and somethings nss supports. Is

Not in my testing especially about the time of 6.4. On Apr 22, 2016 5:16 PM, "Gordon Messmer" <gordon.messmer at gmail.com> wrote: > On 04/22/2016 01:33 AM, Rob Townley wrote: > >> tune2fs against a LVM (albeit formatted with ext4) is not the same as >> tune2fs against ext4. >> > > tune2fs operates on the content of a block device. A logical volume

tune2fs against a LVM (albeit formatted with ext4) is not the same as tune2fs against ext4. Could this possibly be a machine where uptime has outlived its usefulness? On Thu, Apr 21, 2016 at 10:02 PM, Chris Murphy <lists at colorremedies.com> wrote: > On Tue, Apr 19, 2016 at 10:51 AM, Matt Garman <matthew.garman at gmail.com> > wrote: > > > ># rpm -qf `which

Hi, I upgraded some of my Tinc nodes from 1.0.8 recently and found something strange. All of a sudden, the vpn would not work as a full-mesh. Certain nodes were not contactable. I re-generated my rsa-keys, and checked my configuration. My vpn uses the following in tinc.conf, as I am routing both ipv4 and v6. === name = node1 mode = switch AddressFamily = any PMTU = 1280 PMTUDiscovery = yes

The documentation is very clear that multicast over tinc does not work in router mode. Why?