similar to: Missing information on Website: 'Example: IPv6 Networking'

I have 2 nodes nodeA and nodeB I'm using tinc 1.1pre11 -- nodeA(fd80:2015:2105:abcd::1) : $ ip -6 route fd80:2015:2105:abcd::1 dev tun0 proto kernel metric 256 fd80:2015:2105:adcd::/64 dev tun0 metric 1024 fe80::/64 dev eth0 proto kernel metric 256 $ ping6 fd80:2015:2105:abcd::1 PING fd80:2015:2105:abcd::1(fd80:2015:2105:abcd::1) 56 data bytes 64 bytes from fd80:2015:2105:abcd::1:

Hi Im using tinc to bridge networks together. And im using ebtables to block dhcp traffic for ipv4 on each node in tinc. One of my nodes have recently began using ipv6. The isp is using auto configuration to give out ipv6 addresses. The problem is that every computer in my bridged network is getting ipv6 addresses from that node. The other computers behind the other nodes have no use for ipv6

I have been gradually moving more tinc servers over to ipv6 addresses on the tinc 1.1 branch. Tinc is inserting a default route for ipv6 for some reason... default via 2600:3c01:e030:f2::1 dev tinc6 proto static metric 950 pref medium In my case the default route supplied by ra is still the correct thing, but I don't see where in the code tinc is inserting this route from.... which, as

Hi thank you for looking in to this. I haven't tried it before now. I cant get it to work. after running the commands you suggest I get this when I run ip6tables --list-rules root at JOTVPN:~# ip6tables --list-rules -P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT -A FORWARD -i vpn -p ipv6-icmp -m icmp6 --icmpv6-type 133 -j DROP -A FORWARD -o vpn -p ipv6-icmp -m icmp6 --icmpv6-type 134 -j

I've been trying out IPv6 networking with tinc and noticed that it will not route smaller segments than /48 If I try to run ip -6 route add aaaa:bbbb:cccc:dddd::/64 dev tun0 I get network unreachable However if I run ip -6 route add aaaa:bbbb:cccc::/48 dev tun0 it works fine Is this is a limitation in tinc or the kernel network stack itself? -------------- next part -------------- An HTML

On Fri, Mar 04, 2016 at 09:43:44PM +0100, Guus Sliepen wrote: > - On Linux, add "echo 0 >/proc/sys/net/ipv6/conf/$INTERFACE/accept_ra" > to tinc-up before any ifconfig or ip commands. Ah, if it's only the default route you don't want, then it's: echo 0 >/proc/sys/net/ipv6/conf/$INTERFACE/accept_ra_defrtr -- Met vriendelijke groet / with kind regards,

hi It was not working when i applied the rules on the vpn card. But I wondered if maybe bridging of vpn and eth0 was messing this up. I thought it was enough to only apply it to the vpn card root at JOTVPN:~# brctl show bridge name bridge id STP enabled    interfaces bridge 8000.000c29638a7e no           eth0                                                                   vpn so I tried the

Guus Sliepen [2016-05-24 11:26 +0200] : > On Tue, May 24, 2016 at 08:17:07AM +0200, Niklaas Baudet von Gersdorff wrote: [...] > > A $ cat /usr/local/etc/tinc/klaas/tinc-up > > ifconfig $INTERFACE inet6 fd16:dcc0:f4cc:0:0:1:0:1 prefixlen 80 > > route -6 add -host fd16:dcc0:f4cc:0:0:2:0:1 fd16:dcc0:f4cc:0:0:1:0:1 > > route -6 add -net

On Fri, Dec 12, 2014 at 02:21:08AM -0500, md at rpzdesign.com wrote: > Oops, I got it to work only after putting the WAN on port 656 so it > did not interfere with port 655 for the LAN. You should not need to have two tinc daemons just because you have a WAN and a LAN interface. By default (ie, if you don't specify BindToAddress and/or BindToInterface), tinc listens on all interfaces,

Hello, The tinc website, which previously was hand-crafted HTML, has now been replaced by a Wiki, powered by Ikiwiki (http://ikiwiki.info). The contents are still very similar to those before the switch, but already some new features are available: the site now uses CSS for the layout, and RSS and Atom feeds are available from the news and RecentChanges pages. If you have something to contribute

Hello, The tinc website, which previously was hand-crafted HTML, has now been replaced by a Wiki, powered by Ikiwiki (http://ikiwiki.info). The contents are still very similar to those before the switch, but already some new features are available: the site now uses CSS for the layout, and RSS and Atom feeds are available from the news and RecentChanges pages. If you have something to contribute

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I'm using tinc to connect a couple of ipv6 capable machines using a mix of upd6, udp4, tcp6 and tcp4. Now I wanted to add an linux embedded device, which has no ipv6 support at all. Tinc did compile and configuration is fine (tested on other machine), but after connecting the embedded device to other hosts tinc instances, it suddenly crashes.

Hi, thanks. Sorry for the mess with my gmail account... This made the route go away. But is this the right way to configure tinc? To give the tinc interface an IP (with 255.255.255.255 subnetmask) from the local (green) network it does route the traffic to? Does it make sense to give the tinc interface an 192.168.0.253 IP, when the net here is 192.168.0.0/24 on eth1 I can not find such a

Hi Michael, when I was looking for information on tinc in combination with IPv6, I also found your new tutorial at that time (earlier this month). Somehow a couple of things are less clear to me in the newer tutorial (maybe the nice network topology image is missing). OK, you added the unique local addresses to the setup. But I dont't get it how the routing is done in your setup. You

Here is some examples of using templates for TINC configurations and settings: In your startup script, BEFORE starting TINC VPN, put a number of entries to configure your VPN: sh ./templatewriter.sh LAN LOSI101 8540 255.255.255.0 0.0.0.0 10.99.0.11 10.98.0.11 ConnectTo=LOSI102 ConnectTo= ConnectTo= **PUT MORE ENTRIES HERE FOR MORE COMPLEX VPN setups ######Templatewriter.sh #!/bin/bash

Hello folks, we're planning an IPv6-Deployment using tinc. A routed tinc-network should connect a couple of wireless access points. In order to avoiding scaling issues, the network should not be run in switched mode. Our site uses 2001:470:780f::/56 - Each ap gets a single /64 network, to be distributed to its wireless clients. Example: ap 1: 2001:470:780f:1::/64 ap 2:

I have been using tinc for an IP V4 VPN for many years. I am about to start looking at IP V6. All the examples I have found use switch mode. I really don't want to use switch mode -- this is a wide-area network, plus it will include several different networks and I want to be able to put in place firewall rules between some of them. I plan a star topology, with a central routing (and

Hi all, hi Guus, in july 2004 i received an e-mail from you concerning the way a packet takes across a (tinc)vpn: > They are forwarded from eth0 to tap0, but the kernel doesn't know that > tinc is forwarding them from tap0 to ippp0. So, the UDP and TCP > packets that tinc sends will be seen by the OUTPUT chain instead of > the FORWARD chain. At the other end, the received UDP

Although we (the authors of tinc) have done our best to make tinc as secure as possible, an unfortunate combination of encryption and key exchange techniques has created a hole in at least all versions of tinc >= 0.3, including the current CVS version. Exploit: If somebody can intercept the meta protocol to a host that is running a tinc daemon, it is possible to decrypt the passphrase, which

Although we (the authors of tinc) have done our best to make tinc as secure as possible, an unfortunate combination of encryption and key exchange techniques has created a hole in at least all versions of tinc >= 0.3, including the current CVS version. Exploit: If somebody can intercept the meta protocol to a host that is running a tinc daemon, it is possible to decrypt the passphrase, which