similar to: config help & pid file not existing issue

Hallo David, Am Mon, 6 May 2019 16:43:28 +0800 schrieb David Penn <px920906 at gmail.com>: > *tinc.conf > Name = envy13 > Device = /dev/net/tun I think, you do not need to specify "Device". (I never did) > ConnectTo = main > > *hosts/main > Address = <my vps ext ip address> > Port = 655 > Subnet = 10.0.0.1/32 > > *hosts/envy13 >

Hi Parke, Thanks for replying. I mkdir it, kill tinc and restart, nothing in config changed, and it works! I don't know what's behind but I should've try system "kill" rather than tinc's stop/restart stuff... Parke <parke.nexus at gmail.com> 于2019年5月7日周二 上午5:12写道： > On Mon, May 6, 2019 at 2:12 AM David Penn <px920906 at gmail.com> wrote: > > > On

Hi, Guus Thanks a lot for your suggestion, actually I did something else as below. But one question here is if I don’t add "/sbin/ifconfig myvpn 10.0.0.1 netmask 255.255.255.0”, it seems the crontab wouldn’t trigger tinc-up, and then the ip addr of myvpn wouldn’t be configured, then it will prompt the error of "Can't write to Linux tun/tap device (tun mode) /dev/net/tun:

Hi, All Due to some routing rotation purpose, I use crontab to add below info: 0 * * * * echo Subnet = 54.169.128.0/17 >> /etc/tinc/myvpn/hosts/aws_sgp 0 * * * * echo Subnet = 54.169.0.0/17 >> /etc/tinc/myvpn/hosts/aws_sgp 1 * * * * /usr/sbin/tincd -n myvpn -k 1 * * * * /usr/sbin/tincd -n myvpn --debug=3 30 * * * * sed -i '/54.169.128.0\/17/d' /etc/tinc/myvpn/hosts/aws_sgp

Hello, this morning I apparently had tinc crash on me. In 2 independent tinc clusters of 3 nodes each (but located in the same datacenter), one tinc process crashed in each of the clusters. One process apparently with `status=6/ABRT`, the other with `status=11/SEGV`. Interestingly, they crashed with only 5 minutes difference. The only thing I can come up with that might explain this correlation

Hi, experts for example, the below case: You can see a lot of back and forth MTU probe packets been exchanged between tinc nodes, but it’s weird that, from the debug log, one line shows "No response to MTU probes from node1”, but it indeed received a lot of MTU probe response, and finally it get the conclusion of "Packet for node1 (1.1.1.1 port 443) larger than minimum MTU”.

Hi Tinc Groups again, Now i can set syslog. But my problem still the same. When i check Tap0 configure. I know idea what's wrong that i set. I set up tap follow these. ifconfig tap0 hw ether fe:fd:00:00:00:00 ifconfig tap0 192.168.1.1 netmask 255.255.255.0 ifconfig tap0 -arp But i notice in my routing table have 2 myvpn. Like these, myvpn * 255.0.0.0

Hello, Since the present tinc documentation is not very clear about this, please explain the following: is it mandatory to include the local IP address classes in the global VPN address class? Namely, please consider the following setup (which works great in practice): 1. A tinc VPN, full mesh, with n nodes (n > 3) 2. tinc runs on the firewall, which is also the default gateway for each

On Mon, May 6, 2019 at 2:12 AM David Penn <px920906 at gmail.com> wrote: > On both nodes I installed 1.1pre17 (laptop from aur package, vps using make install), and when I use commands like "tinc stop","tinc dump nodes", it says "Could not open pid file /usr/local/var/run/tinc.pid: No such file or directory". > Does this matter? or even the previous

1. Is there any tools/command, we can show the subnet where a certain tinc nodes learnt? So that I can know the weight for certain subnet(in real time), instead of go back to the node’s (who advertise the subnet) configuration file to check. 2. So far in order to change the weight of a subnet, or something else, I have to reset the tinc daemon( tincd -k -n myvpn and then tincd -n myvpn) in

Hi, Tinc experts Diagram as below, A is trying to access host X behind C: A >> B >> C — “host X" B is the tinc server for A, but also B is the tinc client to connect to C. My question is, if I only use one VPN (/etc/tinc/myvpn), then the host configuration for B will be tricky. As the tinc server to A, B’s host config (/etc/tinc/myvpn/hosts/B) needs have the Subnet = X/32,

There is no concept of "client" or "server" in tinc. tinc is purely peer-to-peer. "ConnectTo" statements only indicate which node will attempt to establish the initial connection, but once the connection is established, direction does not matter. It is unclear from your message which node is responsible for which subnet. If X/32 truly belongs to C, then simply set

Hi, Etienne In addition, is there any option or switch can turn of the automatic direct connection? For the example below, even A has the route to C and can establish UDP connection directly, but I need the traffic to go through B, how can I achieve that easily? (instead of remove something from A’s routing table, or manually block the connection between A and C) > On 1 May 2017, at 6:28 PM,

I found the server(1.1.1.1) didn’t receive the MTU probe from client, so I add iptables -A INPUT -p udp —port 443 -j ACCEPT. After this, I see one packet matching on the server side, and the MTU negotiation works, but when I tear down the tinc, and re-establish the tinc connection, the counter of below UDP/443 never increase, and also my other tinc nodes never add this statement on iptables, but

Folk, My network is described and illustrated here. http://carnot.yi.org/NetworksPage.html To allow Cantor and Dalton, in the vpn zone connected to Joule through tun0, to SMTP to my ISP, I tried this in /etc/shorewall/masq. #INTERFACE SOURCE ADDRESS PROTO PORT(S) IPSEC MARK eth0 tun0 Shorewall complains. 07:21:58 Setting up Masquerading/SNAT... 07:21:58 To 0.0.0.0/0

Hi, Can you help me explain some behaviour please? I've 2 tinc clients that happen to be on the same network and behind the same NAT gateway. They've been working for ages. Without anything changing, they've stopped. They both died, in sequence while I was actively connected to them and using an SSH session. When I check the logs of another tinc node they connect to I see

Hi, Can you help me explain some behaviour please? I've 2 tinc clients that happen to be on the same network and behind the same NAT gateway. They've been working for ages. Without anything changing, they've stopped. They both died, in sequence while I was actively connected to them and using an SSH session. When I check the logs of another tinc node they connect to I see

On Fri, May 26, 2017 at 09:30:44AM +0800, Bright Zhao wrote: > Due to some routing rotation purpose, I use crontab to add below info: > > 0 * * * * echo Subnet = 54.169.128.0/17 >> /etc/tinc/myvpn/hosts/aws_sgp > 0 * * * * echo Subnet = 54.169.0.0/17 >> /etc/tinc/myvpn/hosts/aws_sgp > 1 * * * * /usr/sbin/tincd -n myvpn -k > 1 * * * * /usr/sbin/tincd -n myvpn

Hi Lars, I have no experience to use tcpdump, here is the output from TCPdump for your reference. Any idea? Use my home PC to ping company PC 01:00:25.154706 ethertype IPv4, IP 192.168.1.2 > 10.0.0.2: ICMP echo request, id 1, seq 17, length 40 01:00:25.154706 IP 192.168.1.2 > 10.0.0.2: ICMP echo request, id 1, seq 17, length 40 01:00:25.154706 IP 192.168.1.2 > 10.0.0.2: ICMP echo

Hi, Etienne I took a look for the below host configuration parameter (IndirectData), the default is no. For the below example: A ConnectTo B, B ConnectTo C: If IndirectData = no (default), then A wouldn’t establish direct connection with C, but will be forwarded by B. If IndirectData = yes, then A will try to establish direct connection with C, even though A don’t have the statement of