similar to: Tinc Clients Disconnecting

Hi, Can you help me explain some behaviour please? I've 2 tinc clients that happen to be on the same network and behind the same NAT gateway. They've been working for ages. Without anything changing, they've stopped. They both died, in sequence while I was actively connected to them and using an SSH session. When I check the logs of another tinc node they connect to I see

I found the server(1.1.1.1) didn’t receive the MTU probe from client, so I add iptables -A INPUT -p udp —port 443 -j ACCEPT. After this, I see one packet matching on the server side, and the MTU negotiation works, but when I tear down the tinc, and re-establish the tinc connection, the counter of below UDP/443 never increase, and also my other tinc nodes never add this statement on iptables, but

Hi, experts for example, the below case: You can see a lot of back and forth MTU probe packets been exchanged between tinc nodes, but it’s weird that, from the debug log, one line shows "No response to MTU probes from node1”, but it indeed received a lot of MTU probe response, and finally it get the conclusion of "Packet for node1 (1.1.1.1 port 443) larger than minimum MTU”.

Hi, Guus Thanks a lot for your suggestion, actually I did something else as below. But one question here is if I don’t add "/sbin/ifconfig myvpn 10.0.0.1 netmask 255.255.255.0”, it seems the crontab wouldn’t trigger tinc-up, and then the ip addr of myvpn wouldn’t be configured, then it will prompt the error of "Can't write to Linux tun/tap device (tun mode) /dev/net/tun:

Hi, All Due to some routing rotation purpose, I use crontab to add below info: 0 * * * * echo Subnet = 54.169.128.0/17 >> /etc/tinc/myvpn/hosts/aws_sgp 0 * * * * echo Subnet = 54.169.0.0/17 >> /etc/tinc/myvpn/hosts/aws_sgp 1 * * * * /usr/sbin/tincd -n myvpn -k 1 * * * * /usr/sbin/tincd -n myvpn --debug=3 30 * * * * sed -i '/54.169.128.0\/17/d' /etc/tinc/myvpn/hosts/aws_sgp

On Fri, May 26, 2017 at 09:30:44AM +0800, Bright Zhao wrote: > Due to some routing rotation purpose, I use crontab to add below info: > > 0 * * * * echo Subnet = 54.169.128.0/17 >> /etc/tinc/myvpn/hosts/aws_sgp > 0 * * * * echo Subnet = 54.169.0.0/17 >> /etc/tinc/myvpn/hosts/aws_sgp > 1 * * * * /usr/sbin/tincd -n myvpn -k > 1 * * * * /usr/sbin/tincd -n myvpn

Tinc team: I'm creating a vpn for my work laptop and vps and got trapped, here are my config files: on laptop: *tinc.conf Name = envy13 Device = /dev/net/tun ConnectTo = main *hosts/main Address = <my vps ext ip address> Port = 655 Subnet = 10.0.0.1/32 *hosts/envy13 Port = 655 Subnet = 10.0.0.2/32 *tinc-up #!/bin/sh ip link set myvpn up ip addr add 10.0.0.2/32 dev myvpn ip route add

Hello, Since the present tinc documentation is not very clear about this, please explain the following: is it mandatory to include the local IP address classes in the global VPN address class? Namely, please consider the following setup (which works great in practice): 1. A tinc VPN, full mesh, with n nodes (n > 3) 2. tinc runs on the firewall, which is also the default gateway for each

You know I think I've seen this once before. Got ID from db1 (10.130.39.180 port 655): 0 db1 17 Sending METAKEY to db1 It looks like it's communicating properly but there is a problem with your keys. Can you rename and regenerate your keys? On a project I'm working on when we transferred our keys to another client it put Carriage returns so there was a key mismatch. Try that and

Hi Guus, The first example was a manual connect, the second example was debug regards Robert >>> "Robert Horgan" <robert at nsasia.co.th> 13-Jun-18 10:21 AM >>> Hi, Are you sure? What happens if you manually telnet/socket 10.130.39.180 nsasia at web3:~$ telnet 10.130.39.180 655 Trying 10.130.39.180... Connected to 10.130.39.180. Escape

Hallo David, Am Mon, 6 May 2019 16:43:28 +0800 schrieb David Penn <px920906 at gmail.com>: > *tinc.conf > Name = envy13 > Device = /dev/net/tun I think, you do not need to specify "Device". (I never did) > ConnectTo = main > > *hosts/main > Address = <my vps ext ip address> > Port = 655 > Subnet = 10.0.0.1/32 > > *hosts/envy13 >

Hi, Are you sure? What happens if you manually telnet/socket 10.130.39.180 nsasia at web3:~$ telnet 10.130.39.180 655 Trying 10.130.39.180... Connected to 10.130.39.180. Escape character is '^]'. 0 db1 17 Connection closed by foreign host. Stopping the service and running debug I get: nsasia at web3:~$ sudo tincd -n gainplus -d5 -D tincd 1.0.33 starting, debug level 5

Hi, I've got a relatively simple tinc setup. I've got two "servers" that are on the public internet that act as routers for three "clients" that are behind NATs. Those servers are called aaaaa and bbbbb the clients are xxxxx, yyyyy and zzzzz Unfortunatly the servers have problems accepting a connection from the clients syslog on aaaaa: Sep 29 18:28:58 schuerrer

Hi Tinc Groups again, Now i can set syslog. But my problem still the same. When i check Tap0 configure. I know idea what's wrong that i set. I set up tap follow these. ifconfig tap0 hw ether fe:fd:00:00:00:00 ifconfig tap0 192.168.1.1 netmask 255.255.255.0 ifconfig tap0 -arp But i notice in my routing table have 2 myvpn. Like these, myvpn * 255.0.0.0

Hello, this morning I apparently had tinc crash on me. In 2 independent tinc clusters of 3 nodes each (but located in the same datacenter), one tinc process crashed in each of the clusters. One process apparently with `status=6/ABRT`, the other with `status=11/SEGV`. Interestingly, they crashed with only 5 minutes difference. The only thing I can come up with that might explain this correlation

Yes, I am sure but added another broader rule: nsasia at db1:~$ sudo ufw allow from any port 655 proto udp same result for debug example. regards Robert >>> Rafael Wolf <rfwolf at gmail.com> 13-Jun-18 5:32 PM >>> Telnet will only do tcp not udp which tinc works on. Are you sure udp 655 is open? On Wed, Jun 13, 2018, 3:51 AM Robert Horgan <robert

Hello everybody, Here are some thoughts about the authentication scheme to be used in tinc. The current scheme (see CVS version, revision CABAL) does this: Client Server --------------------------------------- send_id(u) send_challenge(R) send_chal_reply(H) send_id(u) send_challenge(R)

Hi, experts I found the tun0 is 10Mb/s and I installed vnstat to monitor the tinc vpn traffic statistic, but due to 10Mb/s, the vnstat couldn’t update it’s database due to low speed rate, so anyway to change the tun from10Mb/s to higher? [root at box1 ~]# vnstat -u Info: Traffic rate for "myvpn" higher than set maximum 10 Mbit (248->341, r735 t38), syncing. [root at box1 ~]#

Hello This link didn't work for me. As I am getting error whose meaning is - there are no options as -arch i386 -arch x86_64. How should I remove this error? On Wed, Mar 22, 2017 at 6:11 PM, 陳韋任 <chenwj.cs97g at g2.nctu.edu.tw> wrote: > Hi Aayushi, > > Seems the link [1] answers your question. > > [1] http://stackoverflow.com/questions/28640585/build- >

Hello, we currently set up a large tinc network with 2 central Nodes (these nodes connecting to each other). All satellites (ca 40) connect to these both machines. All containing two ConntectTo fields (for backup) e.g. (satellite) Name = nfp_hy Device = /dev/tun PrivateKeyFile = /etc/tinc/nfp_hy/rsa_key.priv ConnectTo = nfp_f_vpn ConnectTo = nfp_c_vpn If the count of satellites reaches