similar to: How does tinc handle "unknown cipher"?

Hello everybody, Thank you Fufu Fang for your quick reply: With tinc version 1.0.35 and the bellow options at 100% CPu load i get about 10 MB/s... PMTU = 1400 PMTUDiscovery = yes #Cipher = none Cipher = chacha20-poly1305 Digest = blake2b512 Tried Cipher = none as well and also got 10MB/s with 100% CPU on one thread the other three available threads are idle. With inc_1.1~pre17-1.1_amd64.deb

Hello everybody, First a big thanks for tinc-vpn I am still using it next to wireguard and openvpn. I am having a setup where the tinc debian appliance is at 100% cpu load doing about 7.5MB/s. Compression = 9 PMTU = 1400 PMTUDiscovery = yes Cipher = aes-128-cbc How can I pick a cipher that is the fasted for my CPU and don't create a CPU bottleneck at 100%. Kind regards, Jelle de Jong

I believe the reason why you're experiencing this problem is because tinc does not use the connection TCP port to determine which port to send UDP packets to. Instead, it uses the port that is *advertised* by the other node. https://github.com/gsliepen/tinc/blob/06b820133285f83f7e1a839cccbed13358b84081/src/protocol_auth.c#L886 That means that if node A is configured with UDP port 655,

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 hello! i would like to use tinc with public keys which are extracted from x509 certificates. the only public key format i was able to extract from certificates with openssl commands looked like this: - -----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwXDZs8EBb/JyZ9daB3Zk9WHxD

Hi, We are trying to set up a Dovecot Docker image with dynamic database configuration based on environment variables, however the variables do not appear to be expanded in the "connect=" string of the SQL config. The documentation states that environment variables, being listed under global variables, work "everywhere":

Hello. I found that anonymous structures does not work on gcc-2.95. If you guys want to support a bit older platforms I suggest fixing it. You can check out patch I created to fix this issue. I just added 2 extra structures to remove anonymous structs inside connection_status_t and node_status_t. Patch is here: ftp://borg.uu3.net/pub/unix/tinc/tinc.patch Attaching it as well. Regards, Borg

Hello, should the cvs trunk compile? a configure first gave me errors. I had to replace any appearance of "[config.h]" to config.h in the Makefile. Then a make did not finish: make[2]: Entering directory `/usr/src/tinc/lib' make[2]: Nothing to be done for `all'. make[2]: Leaving directory `/usr/src/tinc/lib' Making all in src make[2]: Entering directory

Dear developers, I am interested in understanding in more details how tinc's metaprotocol works. I apologize in advance if this was already described somewhere, I could not find it in the mailing list archive. So let's say machine A has a Address= ip.b.example and manages to contact server B via the meta connection. 1) Then B's tinc daemon will send to A edge and subnet

Hi, I've got the following error when tried to compile tinc-1.0.24: gcc -g -O2 -pie -L/opt/local/lib -o tincd avl_tree.o conf.o connection.o dropin.o dummy_device.o edge.o event.o fake-getaddrinfo.o fake-getnameinfo.o getopt.o getopt1.o graph.o list.o logger.o meta.o multicast_device.o net.o net_packet.o net_setup.o net_socket.o netutl.o node.o pidfile.o process.o protocol.o

On Mar 13, 2015, at 8:21 AM, Philip Taylor <philip at kelsotowers.co.uk> wrote: > I?m a new user of NUT and the OpenUPS - in the past I?ve used APC hardware and apcupsd on Centos 6. > > I?ve built NUT 2.7.2 from source but used the OpenUPS HID driver v0.4 that?s in github. I?m using firmware version 1.5 on the openups which is the latest published version; I?ve also tried 1.7

Hello! First, nice peace of work, thx ;->> After some production server crashes with a far too early version of FreeSWAN (abaout 3 years ago) and the unwillingness to get an OpenSSL expert just to build a VPN, I was happy to read about the rather simple configuration of tinc ("Linux Magazin", a monthly Linux paper published in Germany, gave an overview of free VPN solutions in

Hi Etienne, Am 20.05.2018 um 10:58 schrieb Etienne Dechamps: > Hi Marc, > > A number of bugs have been found and fixed in the code that deals with > Windows devices in tinc 1.1: > > https://github.com/gsliepen/tinc/pull/169 > https://github.com/gsliepen/tinc/pull/173 > https://github.com/gsliepen/tinc/pull/174 > https://github.com/gsliepen/tinc/pull/181 >

Hi Marc, A number of bugs have been found and fixed in the code that deals with Windows devices in tinc 1.1: https://github.com/gsliepen/tinc/pull/169 https://github.com/gsliepen/tinc/pull/173 https://github.com/gsliepen/tinc/pull/174 https://github.com/gsliepen/tinc/pull/181 https://github.com/gsliepen/tinc/pull/182 Unfortunately, these fixes have not made it in a tinc 1.1 release yet, but

Hi, It seems that some versions of ssh-agent get confused by ECDSA-SK keys. >From my OpenBSD-current laptop, I'm trying to do remote system adminstration on a machine running Debian 8 with the stock ssh package (OpenSSH_6.7p1 Debian-5+deb8u8, OpenSSL 1.0.2l 25 May 2017). I need access to a remote gitlab server to fetch files with git, using an ED25519 key in my ssh-agent. Once connected

I got the file that was sent to me the other day. Unfortunitly it did not solve my problems. After a lot of hacking I have been able to get release 1.0 to almost compile. I have finally gotten all of the dependancies worked out under OpenBSD 3.2. This next error has me stumped. I can tell that it is looking for a file but have no idea how to create the file. This is the output of the the

On 17/05/17 21:50, Jared Ledvina wrote: > Were you ever able to make any further > progress on adjusting Tinc based on the investigation in > https://github.com/gsliepen/tinc/issues/110 ? Hi Jared, No, not yet. I list a few ways for potential improvements in the ticket, but the one that I suspect would do most on the type of virtualisation that DigitalOcean does is to add a feature to

Hi Todd, I did some tests with NDIS 6 TAP-Windows about three years ago. The outcome of that was https://github.com/gsliepen/tinc/pull/73/commits/ 0c010ff9fe50b4046b5c7977bafac3e74037f075 It was a long time ago and I don't remember the details, but I remember I was quite confused because I couldn't explain why OpenVPN did not seem to exhibit any performance issues on the same driver,

I'm using Tinc 1.1pre14 and I'm trying to connect a node that is behind a firewall that blocks all non-standard ports. I set up a rule in the server to redirect port 25 (that is not used in the server right now) to port 655, both in tcp and udp protocols, and set up the port 25 in the server host configuration file. The client can reach the server, but after the initial sync and key

I've just done a little "study" (well, nothing quite that pretentious) of the traffic hitting my router, that gets DROPped the router's firewall. there is a surprisingly (to me, at least) enormous amount of it. over about the last 3 weeks, it has dropped over 65,000 connection attempts. I finally got around to figuring out how to have the router's logging mechanism connect

-------- Original Message -------- Subject: Re: [CentOS] Virtualization Networking From: John R Pierce <pierce at hogranch.com> Date: Wed, September 28, 2016 12:54 pm To: CentOS mailing list <centos at centos.org> On 9/28/2016 8:43 AM, tdukes at palmettoshopper.com wrote: > I'm a little confused on which networking option I need to choose when > setting up a VM. the host