Displaying 20 results from an estimated 600 matches similar to: "Performance issue with TunnelServer mode"
2005 Apr 13
3
Patch for tunnelserver mode in protocol_subnet.c
Hello,
Here is a patch for protocol_subnet.c with two modifications :
- in tunnelserver mode, tinc must check subnets in the ".../hosts/owner"
config file, not in "c->config_tree" (which is the configuration
of the meta-connection from which we receive the ADD_SUBNET message).
- this checking can be made before the check of the owner, especially
before any
2015 Aug 27
2
"Switch Mode" with "TunnelServer" and No Communication
Let me start with what I'm trying to accomplish. I use tinc mainly to get
to subnets behind the daemons and I don't control those subnets and can't
guarantee overlap. I was using routing mode and reconfiguring tinc every
time i needed to get to a subnet behind a specific daemon. Then I came
across switch mode that allowed me to simply add routes based on the IP
address of the tinc
2010 Apr 06
1
"Mode Switch" and "Tunnelserver Yes" cause unnecessary traffic to clients (proposed patch)
The following is maybe a bug report, and a proposed patch.
Using latest stable tinc 1.0.12.
I have a central server and a few clients connecting to this server.
I don't want clients to speak directly, but I want all the
communications to pass by the server.
My configuration is:
Mode = switch
TunnelServer = Yes
I need layer2 because of some ethernet stuff on the clients.
When you have
2013 Jan 24
3
Conflicting Default Values. A trusts B. B trusts EvilNode. Does that mean A trusts EvilNode?
*You should repeat this for all nodes you ConnectTo, or which ConnectTo
you. However, remember that you do not need to ConnectTo all nodes in the
VPN; it is only necessary to create one or a few meta-connections, after
the connections are made tinc will learn about all the other nodes in the
VPN, and will automatically make other connections as necessary. *
The above is from the docs. Assuming
2016 Jun 21
2
Metadata flooding
Hi,
we use a tinc network of about 400 nodes, all of them linux servers, partly
in different datacenters (but generally low latency). Usually this is
working very well (for weeks without a problem).
>From time to time the whole network goes down though. This happened when we
restarted a larger number of servers or when there was a connectivity issue
between datacenters or some (short)
2016 Jun 22
1
Metadata flooding
Thank you for the helpful advice. We will try to group the servers with
different ConnectTo servers first. If this does not help we will look at
the TunnelServer solution. Just to make sure we understand TunnelServer
correctly: do you need to specify every host as ConnectTo that the host
should be able to communicate with or is it sufficient to just provide the
hosts files?
Thanks, Hendrik
2020 Jul 27
3
SegFault when using TunnelServer=yes
Hi, thank for getting back.
I'll answer the questions, but I've already gave up on tinc and switch
to zerotier-one.
On 2020-07-27 5:10 p.m., borg at uu3.net wrote:
> Hi. I have few questions out of curiosity.. Cant help for now with
> your problem...
>
> What version is crashing? 1.1 or 1.0 ?
1.1 is crashing
>
> How your network is segmented..?
> I use tinc myself
2011 Oct 26
1
Tinc CPU usage
Hi, I'm using Tinc v1.0.11 on Ubuntu 10.04 and seeing high CPU usage (up
to 30%) on what I wouldn't consider high traffic levels.
The traffic is application server to database server connections and
multicast communication for session-replication on the application server.
I'm running the tinc daemons in switch mode, to support the multicast. I
have tried settings:
TunnelServer =
2013 Nov 07
2
Segfaults on connection loss
Hi there,
I'm seeing quite frequent segfaults around check_dead_connections() and
terminate_connection() when the tcp meta connection to a node times out
(or is e.g. firewalled), usually it happens when there's heavy packet loss:
Program terminated with signal 11, Segmentation fault.
#0 edge_del (e=0x1b71ba0) at edge.c:96
96 avl_delete(e->from->edge_tree, e);
(gdb)
2020 Jun 19
2
SegFault when using TunnelServer=yes
Hi all,
I have a network with about ~800. The network is a mix of tinc 1.0 and
1.1 nodes. It is gradually expanding for several years now.
The problem is that at some point it seams the daemon can not handle the
processing of the new connection and the edges.
There are 3 major nodes in the system and every other node initially
makes connection to one of them.
Now after a lot of debugging
2020 Jul 28
0
SegFault when using TunnelServer=yes
Thanks for answers.
I think its now flaw.. but design.. Tinc auto-mesh is very very handy.
You just need to avoid flat networks.
There is also IndirectMode w/ forces nodes to be switched by
intermediate node... but I would be cautionus how its used.
I use it myself for certain nodes behind NATs where they
cannot be connected to, so always connect node handles switching for them.
You noticed it
2015 Sep 07
0
"Switch Mode" with "TunnelServer" and No Communication
> I'm mostly looking for guidance on whether it is possible for daemons to
> only accept traffic from specific daemons in switch mode. If so, what am I
> doing wrong with my subnet configurations that won't let me even ping from
> one daemon to the server when TunnelMode is yes?
check if this patch still applies:
2020 Jul 27
0
SegFault when using TunnelServer=yes
Hi. I have few questions out of curiosity.. Cant help for now with
your problem...
What version is crashing? 1.1 or 1.0 ?
How your network is segmented..?
I use tinc myself here a lot too (1.0) but my network is very segmented.
I use switch mode and handle routing myself, so mesh links arent large..
I would NOT go beyond 30 nodes for full auto-mesh.. its already like 435
edges...
Regards,
2017 Aug 29
1
Behavior like -R and -L SSH
Hi All,
I've been playing around with TINC and like what I've seen so far.
I wanted a TINC tunnel like this, where I have a server on the Internet
with a public IPv4 address as my TINC server. Then I can have clients
connect to it and see each other except that the client at a customer
site would allow me to route behind it so I could see hosts on site beyond
my device on premise. I do
2010 Sep 17
1
friend of a friend type darknets
Hi!
here a little patch for darknet functionality, i hope it does what its
intended for sufficiently ... but it seems to work :).
what should it do?
imagine your friend-network. A trusts B and C. B trusts D and E, D trust
F, C trusts G. All trust relationships are mutal
A <---> C <---> G
^
\
\-----> B <---> D <---> F
^
\
\---> E
2009 Sep 14
3
Problem making connection can anyone help me?
Well i currently try to set up tinc between two hosts, one with normal dsl connection one behind some kind of unknown firewall (Note since OpenVp is able to connect when the normal one is the Server I guess tinc should be able, too)
start.bat-------------------------------tincd -n Empire-Network -D -d4 --bypass-security (Bypass is only currently because tis not working yet)
2017 Jan 16
1
Firewall rules for TINC server
On Mon, Jan 16, 2017 at 12:29:59PM +0000, Guillermo Bisheimer wrote:
> One more thing. I can run two tinc daemons one for each group, but I sill
> need to communicate clients from one group to the other.
>
> Clients from group 2 (admin group) need to reach clients from group 1
> (remote server group), but clients from group 1 must not be able to reach
> each other nor the
2016 Jun 21
0
Metadata flooding
On Tue, Jun 21, 2016 at 01:04:31PM +0200, Hendrik Schumacher wrote:
> From time to time the whole network goes down though. This happened when we
> restarted a larger number of servers or when there was a connectivity issue
> between datacenters or some (short) maintenance on the network
> infrastructure. The problem was already described in the mailing list (for
> example here:
2018 Oct 10
1
Tinc invite options
Dear All,
We are trying the Tinc invites to let nodes join the network.
This is working as described but we want to push some configuration for
some nodes but this seemed not to be working.
What is working is the following invite:
Name = test_invite
NetName = test_VPN
ConnectTo = test_hub01
Ifconfig = 172.16.1.4/24
Subnet = 172.16.1.4
2017 Jan 15
3
Firewall rules for TINC server
thanks, but i was able to make it work based on some suggestion on tomato
shibby forums.
Regards
Ramesh
On Sun, Jan 15, 2017 at 9:02 AM, Guus Sliepen <guus at tinc-vpn.org> wrote:
> On Fri, Jan 13, 2017 at 06:53:07PM +0000, Guillermo Bisheimer wrote:
>
> > I've setup a Tinc VPN for a bunch of nodes divided in two groups:
> >
> > Group 1:
> > IP Range