tinc - Jun 2001 - Error: cannot route packet - please help

Hi,

I?m fighting with a silly problem: my syslog tells me tinc cannot route
a packet. I can use a telnet or the good ol ping, it is the same effect.

When I?m pinging from the laptop (172.16.11.2) the network address
(172.16.11.0) or any address numerically lower than the laptops address,
the packet gets routed, otherwise not. And when I ping the network
address, I get the reply twice, as to be expected. When I ping from the
server (172.16.11.254) the return packet from 172.16.11.2 to
172.16.11.254 doesn?t get routed.

My first setup is quite simple:
one host at home, with dynDNS and a laptop using a dial up connection

the host at home:

tinc-up (works fine):
#!/bin/sh
ifconfig tap0 down
ifconfig tap0 hw ether fe:fd:00:00:00:00
ifconfig tap0 172.16.11.254 broadcast 172.16.11.255 netmask
255.255.255.0
ifconfig tap0 -arp

tinc.conf:
Name = janus
Hostnames = no
KeyExpire = 3600
PingTimeout = 60
PrivateKeyFile = /etc/tinc/p21.net/rsa_key.priv
TapDevice = /dev/tap0

/sbin/ifconfig tap0
tap0      Link encap:Ethernet  HWaddr FE:FD:00:00:00:00
          inet addr:172.16.11.254  Bcast:172.16.11.255
Mask:255.255.255.0
          UP BROADCAST RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:33 errors:0 dropped:0 overruns:0 frame:0
          TX packets:46 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          Interrupt:5


the laptop
tinc-up:
#!/bin/sh
ifconfig tap0 down
ifconfig tap0 hw ether fe:fd:00:00:00:00
ifconfig tap0 172.16.11.2 broadcast 172.16.11.255 netmask 255.255.255.0
ifconfig tap0 -arp

tinc.conf:
Name = ghost
ConnectTo = janus
Hostnames = no
KeyExpire = 3600
PingTimeout = 60
PrivateKeyFile = /etc/tinc/p21.net/rsa_key.priv
TapDevice = /dev/tap0

/sbin/ifconfig tap0
tap0      Link encap:Ethernet  HWaddr FE:FD:00:00:00:00
          inet addr:172.16.11.2  Bcast:172.16.11.255  Mask:255.255.255.0

          UP BROADCAST RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:1152 (1.1 Kb)
          Interrupt:5


the syslog of the laptop:
Jun  1 01:12:05 ghost tinc.p21.net[1377]: Read packet of length 98 from
tap device
Jun  1 01:12:05 ghost tinc.p21.net[1377]: Cannot route packet: unknown
destination address 172.16.11.254
Jun  1 01:19:23 ghost tinc.p21.net[1377]: Subnet list:
Jun  1 01:19:23 ghost tinc.p21.net[1377]:  1,ac100b00/ffffff00 owner
janus
Jun  1 01:19:23 ghost tinc.p21.net[1377]:  1,ac100b02/ffffffff owner
ghost
Jun  1 01:19:23 ghost tinc.p21.net[1377]: End of subnet list.

on both hosts:
hosts/janus:
Address = janus.xxx.yyy.org
Port = 655
Subnet = 172.16.11.0/24
-----BEGIN RSA PUBLIC KEY-----
xxx
-----END RSA PUBLIC KEY-----

hosts/ghost:
Port = 655
Subnet = 172.16.11.2/32
-----BEGIN RSA PUBLIC KEY-----
xxx
-----END RSA PUBLIC KEY-----

thank?s for help

Johnny


-
Tinc:         Discussion list about the tinc VPN daemon
Archive:      http://mail.nl.linux.org/lists/
Tinc site:    http://tinc.nl.linux.org/

On Fri, Jun 01, 2001 at 01:41:20AM +0200, Johannes Lode wrote:
> I?m fighting with a silly problem: my syslog tells me tinc cannot route
> a packet. I can use a telnet or the good ol ping, it is the same effect.
I duplicated your setup, and I could reproduce your problem. I'm afraid it
is a
bug in tinc. I will fix it ASAP and let you know. In the meantime, see if you
can avoid using overlapping subnets. Thanks for the report!

-- 
Met vriendelijke groet / with kind regards,
  Guus Sliepen <guus@sliepen.warande.net>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url :
http://brouwer.uvt.nl/pipermail/tinc/attachments/20010601/e596765b/attachment.pgp

On Fri, Jun 01, 2001 at 01:41:20AM +0200, Johannes Lode wrote:
> I?m fighting with a silly problem: my syslog tells me tinc cannot route
> a packet. I can use a telnet or the good ol ping, it is the same effect.
It is fixed in the CVS version. Let us know if you have any further problems!

-- 
Met vriendelijke groet / with kind regards,
  Guus Sliepen <guus@sliepen.warande.net>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url :
http://brouwer.uvt.nl/pipermail/tinc/attachments/20010601/2b65dd75/attachment.pgp