similar to: Port used for meta-connection and data transfer

Hi there, I would need some help with my configuration. I have tried a long time, but did not find my error. Thus I would really appreciate your help. There are three hosts: 1. h181 2. h182: Should ConnectTo h181 3. h183: Should ConnectTo h181 *Files under /etc/tinc/vpn0/hosts* [h181:] Address = 94.130.108.xxx Subnet = 172.16.1.1/32 -----BEGIN RSA PUBLIC KEY----- *** -----END RSA PUBLIC

Hi - Thanks to Sven-Haegar and Donald, but still having issues setting up with Windows. Machine1 can't ping the VPN address of machine2. Regular IPv4 address for both machines in 192.168.1.xxx range. Router: Forwarding port 655 to 101.102.103.1, UDP and TCP Forwarding port 656 to 101.102.103.2, UDP and TCP Tinc.conf on machine user1 just three lines: Name = vpnuser1 ConnectTo =

Hi, Thanks to John Wice for helping me with an earlier question. My two PCs behind the same router are still having problems connecting. Would appreciate thoughts on what I?m doing wrong? Router: Port 655 forwarded to 192.168.1.45, both TCP and UDP Port 656 forwarded to 192.168.1.51, both TCP and UDP Machine #1. ========== Local IP address on LAN = 192.168.1.45 Windows Firewall

Thanks. I played with it some more, and finally got it working. I am willing to write up a detailed how-to, including screen shots, if you guys are interested. Just tell me in what format you want the write-up. Cheers, From: Daniel J. Grinkevich Sent: Wednesday, July 22, 2015 7:26 AM To: tinc at tinc-vpn.org Subject: RE: Please help debug Windows setup Your port forward needs to

Hello Lars, Thanks for your feedback. Unfortunately I made an error in writing the network I expected to connect to. I meant 10.3.0.0/24 The one I wrote in fact was one network of the already established VPN. I have included full details of my relevant files below. Background: I am trying to set up a second VPN between two servers: gtdb and db2. Both servers are already part of separate

Hello, First of all thank you very much for Tinc. I have been using 1.0.24 under Debian & Alpine Linux 32 bit using 'BindToAddress' in tinc.conf without any issues to bind to an IPv6 ULA Address. With 1.1pre10 'BindToAddress' in tinc.conf on the client machines fails with: ============================================================================== tincd 1.1pre10 (Jun

Make sure your router supports nat reflection and has it enabled. On Mon, Jul 13, 2015 at 5:44 PM, Adam Macielinski <adam at macielinski.net> wrote: > Hi, > > > > Thanks to John Wice for helping me with an earlier question. My two PCs > behind the same router are still having problems connecting. Would > appreciate thoughts on what I?m doing wrong? > > > >

Hi, Lars Thanks for your suggestion, will give it a try later to see how it performs. But, yesterday, I did a below test: A ConnectTo B and C, B ConnectTo D, C ConnectTo D; All nodes turned "IndirectData" on in its host configuration, so the tunnel only follow metacomnection instead of direct connect. D announced default route by having the Subnet = 0.0.0.0/0 statement in its host

Hi Lars, Appreciate all your help, unfortunately the problem remains. I've marked up below: >>> Lars Kruse <lists at sumpfralle.de> 22-May-19 4:02 PM >>> Hello Robert, Am Mon, 20 May 2019 11:11:39 +0700 schrieb "Robert Horgan" <Robert at gainplus.asia>: > These are my files: > > On server 1: db2 > > /etc/tinc/nets.boot > # >

Hi, Tinc expert If there’re multiple tinc nodes announce default route in their host configuration of Subnet = 0.0.0.0/0, how for the remaining nodes to select which is the best route to get out? All of them participant in the same tinc net. I did some test, like A as the branch, B,C,D as the nodes to announce default route; when all up , A select B, but if B down, A will go C, C down, A will

On Tue, May 24, 2016 at 08:17:07AM +0200, Niklaas Baudet von Gersdorff wrote: > I want to serve IPv4 subnets 10.1.0.0/16 (machine A) and 10.2.0.0/16 > (machine B), and IPv6 subnets fd16:dcc0:f4cc:0:0:1::/96 (machine A) and > fd16:dcc0:f4cc:0:0:2::/96 (machine B) respectively. The jails are > connected on lo1. [...] > A $ cat /usr/local/etc/tinc/klaas/tinc-up > ifconfig

Folks, We have a setup where each mobile node connects with 1 or more tinc instances (over different links) to a central node. tinc is running in switch mode. The link is chosen by setting the IP address on the active link's interface, and the central node sees this after the first packet on the link, and moves the MAC address to a different 'ethernet port' (link). This works really

Hi, we use a tinc network of about 400 nodes, all of them linux servers, partly in different datacenters (but generally low latency). Usually this is working very well (for weeks without a problem). >From time to time the whole network goes down though. This happened when we restarted a larger number of servers or when there was a connectivity issue between datacenters or some (short)

Hi, Etienne I took a look for the below host configuration parameter (IndirectData), the default is no. For the below example: A ConnectTo B, B ConnectTo C: If IndirectData = no (default), then A wouldn’t establish direct connection with C, but will be forwarded by B. If IndirectData = yes, then A will try to establish direct connection with C, even though A don’t have the statement of

H, Narcissus Quick one for the below case, if node A have a direct connection to node B, and node B have a connection to node X, then I found node A will be able to talk to node X, but the communication path is go through node B, instead of build direct connection between A and X, is that right? I tested this in my environment. A >> B >> X > On 1 May 2017, at 3:07 PM, Narcissus

Hi, Etienne Thanks for your clarification, and this helped a lot. And in order to get a better understanding for the mechanism of Tinc and the purpose of ConnectTo statement, can I think the ConnectTo is the way to get the node into the Tinc VPN domain, instead of establish VPN connection between nodes. Once any node ConnectTo the Tinc VPN domain, it learns all other nodes, subnets, and

Oh, thanks, in my current case, I haven’t config “Address” parameter in A’s host config, is this will make A prohibited it listen on the tinc ports? Question: 1. if I config “Address” in A’s config, and even though A is in a private subnet, it might still possible for A to establish connection with X(X is public IP address)? 2. If there any parameter to disable the direct connection discovery,

The server has a 1G symmetrical fibre line. It has been speedtested to various local servers to be close to 800-900M. When there is only a single client, there isn't much problem and as soon as the connection is made, the ping time through to tunnel is a respectable 30ms. As soon as a few more clients are connected, ping time degrades to hundreds and sometimes seconds and with dropped packets.

I don't really think Address config in node description will decide it will listening for the public connection or not. From my own case, even if a real private node(pppoe dynamic address, tcp port listening not allowed, but Udp allowed) can have a p2p direct connection, I think it based on udp NAT traverse, but if you use TCPonly for this node, and also forbidden the incoming traffic to this

Hi, Tinc Expert in my tinc.conf, the ConnectTo to host X is commented, like below: #ConnectTo = X and there is a script: /etc/tinc/netname/hosts/X-up, I thought commented the ConnectTo X wouldn’t trigger the X-up, but it did. Why? What’s the logic behind to trigger host-up? How can I avoid this except remove the host-up file? Bright Zhao