similar to: Two nodes with same key?

On 11/05/15 18:59, Guus Sliepen wrote: > Tinc does break if you have two nodes that have the same Name > online at the same time, since those are used to uniquely identify > nodes in the VPN. Ah. I had assumed that some sort of internal UID was used to identify nodes. Does tinc break if the two ends of the connection disagree about the name? For example if my old hub was called

Hi, Reason behind that is we have some use cases wouldn’t like to make some nodes to become the transit node, but there’re some other nodes in the topology act as the transit nodes. So if the tinc node forward subnet update it learning from one side to the other side, then it possible to become transit node if one side only have route to go through it. That node I would call it “spoke-only”

On Mon, May 11, 2015 at 06:43:22PM +0100, Graham Cobb wrote: > I am wondering if tinc breaks if two hosts have the same key? I am > guessing it probably does! [...] (and the same name, but I assume > tinc host names are only meaningful locally) It does not break if two nodes have the same key, although it is unrecommended and there might be security issues with that scenario. Tinc

Hello, We're suffering from sporadic network blockage(read: unable to ping other nodes) with 1.1-pre17. Before upgrading to the 1.1-pre release, the same network blockage also manifested itself in a pure 1.0.33 network. The log shows that there are a lot of "Got ADD_EDGE from nodeX (192.168.0.1 port 655) which does not match existing entry" and it turns out that the mismatches

Hi I have a simple hub and spoke topology where all my nodes connect to a central node. Below is tinc.conf for main node *tinc.conf* Name = main Interface = tun0 Forwarding = kernel and the remote nodes have same with ConnectTo = main. I have tried to apply a basic iptable policy on the main node but the traffic still seems to passthough and the nodes can communicate with each other. How do I

Hi, I am looking networking together about 1000-2000 sites across the country. I've been looking through these mailing lists. Saw the thread from the person who had 1000+ running on Amazon, and how they essentially stripped all security out of it. Also know that the ChaosVPN uses tinc, for at least 130+ sites although I'm a bit fuzzy on the details for it. Are there any other cases of

Thank you Guillermo. I will give it a go and revert back with my results. Regards Yazeed Fataar <yazeedfataar at hotmail.com> On Mon, Feb 13, 2017 at 2:26 PM, Guillermo Bisheimer < gbisheimer at bys-control.com.ar> wrote: > Hi Yazeed, > > You have to add this to tinc.conf > > TunnelServer = yes > > Otherwise tinc will manage package routing internally. Then you

Hi everybody. Just wanted to mention that I've published a docker image of tinc 1.1pre15 for the raspberry pi 2/3. It was compiled from source on a raspberry 3 and published as byscontrol/tinc-rpi <https://hub.docker.com/r/byscontrol/tinc-rpi/> along witht the configuration instructions. The latest tag refers to 1.1pre15 only, but I can publish other versions as well if needed. Hope

Hi, has anybody a running setup with 2 or more tinc daemons in switch mode which transport 8021q tagged traffic? I am trying to connect two segments with about 4 x 1000 mac addresses (distributed on different vlans). I am always running out of memory on one side. This happens only on the side where the arp requests come from. Currently there is no unicast traffic between the sides; only

Hallo, A question about the tinc Cipher= and Digest= values: Do these values absolutely need to be identical on both "sides" for the connection to work? Or does it only affect the outgoing side of the packets but not the receive? For example three nodes, two with ConnectTo= to Hub H, and on host A I have a hosts/H and hosts/B entry with: Cipher=blowfish Digest=sha1 But on host B

Hi all, I am new to Tinc VPN and really would like to make full benefit of this implementation if possible. I would like to know whether I will be able to use Tinc to its full potential. My current setup is as follows, IPfire router/firewall(openvpn client) --->ISP(Internet)--->Amazon VPS(openvpn server). The ipfire router is behind a CARRIER-GRADE NAT, I am able to reach the network

Am 13.01.2015 um 15:58 schrieb Guus Sliepen: > Make sure you have a very good power supply for your Raspberry Pi (get > one that can deliver at least 1.5 A, better get one that can do 2 A). > Even then, it's recommended to run the wireless network dongle from a > separate, powered USB hub. If the power usage is too high, even for a > short amount of time, the voltage can drop

Hi, Just for your information I had the tinc daemon dying on the main machine I use as a hub, so I looked for a script to restart the daemon it if dies. Here is tinc.sh: ========================================================== #!/bin/bash # Tinc Process Monitor # Restart Tinc daemon When It Goes Down # Source: http://bash.cyberciti.biz/web-server/restart-apache2-httpd-shell-script/

Hi, Exactly I don?t know if this is a bug or not. I have a LAN with one switch and one hub. Yesterday I was in vpn with a customer (vpn tunnel 1.2.3.0 subnet 255.255.0.0) when a colleague has attached his notebook that was set with the network 1.2.4.0. I suppose that his notebook has sent a lot of broadcast messages on the network, infact my vpn connection was broken quite immediately! When he

Hi I have been testing the "import" function in tinc. It works great however there is one thing I need help doing. When I import the RSA keypairs from multiple devices into a tinc node using the import , the last RSA key pair data is not saved. I only get a blank host file. For example *Hub* :~#Tinc -n <netname> import name = site 1 --- <begin rsa pub key --- --- <end rsa

Would it be extremely difficult to do multicast over tinc? How about reliable multicast over tinc? This would be more traffic than multicast dns, but not _necessarily_ a great deal more. It would be for syncing some information among freeipa domain controllers. Would the tinc nodes need to be in all in switch or maybe even hub mode? EthernetOverIP over tinc?

Hello, I am running the staticly linked version, tinc version 1.0pre7 (built Apr 9 2002 14:00:34, protocol 14) on four Debian potato systems. The kernels are all 2.2.19. The vpn is set up as a star with one hub and three spokes. The hub and one of the legs share the same ISP and are on the same subnet. Both the other two legs are on different ISP's. All the systems are running masquerading

Hello to everybody, Sorry if my english isn?t very good. I need pass 802.1q through a VPN between two offices. I have mounted a WRT54GL, with OpenWRT firmware, conected to a switch trunk port in both offices. In the switch of the first office I have created five tagged VLANs and I need pass these VLAN to the second offices where it has created it too. Can I do this with Tinc in HUB/Switch

Hello, I successfully built a vpn between two hosts ("main" and "iquique") (and its SubNets), but I have problems when I want to add another host ("valparaiso"): I get a lot of Duplicates packets everywhere and a very slow vpn. I guess that is a routing problem, but I have try with a lot of alternatives without result. I have try with "switch",

We are testing tinc inside Google Compute within a single region and an external region. Two boxes are created as follows: /etc/tinc/test/tinc_test_1 Subnet = 10.240.0.0/16 Subnet = 10.240.0.4/32 Address = 104.154.59.151 /etc/tinc/test/tinc_test_2 Subnet = 10.240.0.0/16 Subnet = 10.240.0.5/32 Address = 104.197.132.141 /etc/tinc/test/tinc.conf Name = $HOST AddressFamily = ipv4 Interface = tun0