Hi,
I have some questions about running multiple tinc daemons. The docs
say you can do it to support separate VPNs, but I don't see any
examples.
I have been running a single tinc vpn for months with no problems. Now
I'm trying to add a second separate vpn. I'm running the static tinc
version 1.0pre7 (built Apr 9 2002 14:00:34, protocol 14) on Debian
potato. I did not want to go through fixing up all the dependencies
for compiling the dynamically linked version on potato.
I've had to cobble up a /etc/init.d/tinc so that I can use the
normal /etc/tinc/ tree for the setup files.
/etc/tinc/nets.boot contains:
itfvpn
microvpn
/etc/tinc/itfvpn/tinc-up contains:
#!/bin/sh
ifconfig tap0 hw ether fe:fd:0:0:0:0
ifconfig tap0 192.168.1.250 netmask 255.255.0.0
ifconfig tap0 mtu 1400
ifconfig tap0 -arp
and cat /etc/tinc/microvpn/tinc-up contains:
#!/bin/sh
ifconfig tap1 hw ether fe:fd:0:0:0:0
ifconfig tap1 172.16.1.1 netmask 255.255.0.0
ifconfig tap1 mtu 1400
ifconfig tap1 -arp
I'm using tap0 for the first tinc vpn and tap1 for the second tinc
vpn.
Is it proper to use hw ether fe:fd:0:0:0:0 for both of them?
The docs say that you must use this MAC address for the routing mode.
Also, if you run multiple tinc daemons, do you have to use different
ports?
When I run /etc/init.d/tinc start I get the following in
/var/log/daemon.log:
Dec 26 16:00:24 server2 tinc[1877]: tincd 1.0pre7 (Apr 9 2002 14:00:32) starting, debug level 2
Dec 26 16:00:24 server2 tinc[1877]: /dev/tap0 is a Linux ethertap device
Dec 26 16:00:24 server2 tinc[1877]: Executing script tinc-up
Dec 26 16:00:24 server2 tinc[1879]: tincd 1.0pre7 (Apr 9 2002 14:00:32) starting, debug level 2
Dec 26 16:00:24 server2 tinc[1879]: /dev/tap1 is a Linux ethertap device
Dec 26 16:00:24 server2 tinc[1879]: Executing script tinc-up
Dec 26 16:00:24 server2 tinc[1877]: Listening on 0.0.0.0 port 655
Dec 26 16:00:24 server2 tinc[1877]: Ready
Dec 26 16:00:24 server2 tinc[1877]: Trying to connect to earth (65.113.222.15 port 655)
Dec 26 16:00:24 server2 tinc[1877]: Connected to earth (65.113.222.15 port 655)
Dec 26 16:00:24 server2 tinc[1877]: Connection with earth (65.113.222.15 port 655) activated
Dec 26 16:00:25 server2 tinc[1879]: Can't bind to 0.0.0.0 port 655/tcp: Address already in use
Dec 26 16:00:25 server2 tinc[1879]: Unable to create any listening socket!
Dec 26 16:00:25 server2 tinc[1879]: Unrecoverable error
Dec 26 16:00:25 server2 tinc[1879]: Restarting in 900 seconds!
The second tinc with PID[1879] can't bind to port 655.
Another question is, how does it handle the pid files for multiple
tinc daemons? The static version writes to
/usr/local/var/run/tinc.pid. If I cat this file, it only has the PID
for the second instance:
1879
So, when I run /etc/init.d/tinc stop, it only stops the second
instance.
Any help will be greatly appreciated.
Thanks,
Denny Fox
Tinc: Discussion list about the tinc VPN daemon
Archive: http://mail.nl.linux.org/lists/
Tinc site: http://tinc.nl.linux.org/
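
Added example, not part of the original post and not tinc project code: a small log triage script that groups the daemon.log lines quoted above by PID and reports which instance failed to bind a port that another instance already listens on. The function names are hypothetical, and the sample lines are copied from the post with the mail-wrapped lines rejoined.

```python
import re
from collections import defaultdict

# Sample input: lines from the post's daemon.log, mail-wrapped lines rejoined.
SAMPLE_LOG = """\
Dec 26 16:00:24 server2 tinc[1877]: /dev/tap0 is a Linux ethertap device
Dec 26 16:00:24 server2 tinc[1879]: /dev/tap1 is a Linux ethertap device
Dec 26 16:00:24 server2 tinc[1877]: Listening on 0.0.0.0 port 655
Dec 26 16:00:24 server2 tinc[1877]: Ready
Dec 26 16:00:25 server2 tinc[1879]: Can't bind to 0.0.0.0 port 655/tcp: Address already in use
Dec 26 16:00:25 server2 tinc[1879]: Unable to create any listening socket!
"""

LINE = re.compile(r"tinc\[(?P<pid>\d+)\]: (?P<msg>.*)$")
DEVICE = re.compile(r"^(/dev/\S+) is a ")
LISTEN = re.compile(r"^Listening on (\S+) port (\d+)")
BIND_FAIL = re.compile(r"^Can't bind to (\S+) port (\d+)/(\w+): (.*)$")

def summarize(log_text):
    """Group tinc syslog lines by PID: tap device, listener, bind error."""
    instances = defaultdict(
        lambda: {"device": None, "listening": None, "bind_error": None})
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # not a tinc line
        inst, msg = instances[int(m.group("pid"))], m.group("msg")
        if (dev := DEVICE.match(msg)):
            inst["device"] = dev.group(1)
        elif (lis := LISTEN.match(msg)):
            inst["listening"] = (lis.group(1), int(lis.group(2)))
        elif (err := BIND_FAIL.match(msg)):
            inst["bind_error"] = (err.group(1), int(err.group(2)),
                                  err.group(3), err.group(4))
    return dict(instances)

def port_conflicts(instances):
    """Return (failed_pid, holder_pid, port) for each bind failure on a port
    that another logged instance is already listening on."""
    conflicts = []
    for pid, inst in instances.items():
        if inst["bind_error"] is None:
            continue
        port = inst["bind_error"][1]
        for other, o in instances.items():
            if other != pid and o["listening"] and o["listening"][1] == port:
                conflicts.append((pid, other, port))
    return conflicts

if __name__ == "__main__":
    for failed, holder, port in port_conflicts(summarize(SAMPLE_LOG)):
        print(f"PID {failed} could not bind port {port}; PID {holder} holds it")
```

The port comparison ignores the bind address, which is sufficient for this log because both instances use 0.0.0.0.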