Dear tinc community,
I am using tinc in switch mode. I have three nodes. Two nodes reside on
routers, vpn-eth is bridged with internal lan, each router has several
machines connected to its internal lan. Third node is the roadwarrior -
"endpoint" linux PC.
When the roadwarrior is off - everything works perfectly, machines on both
sides can communicate without a problem in any direction. When I turn on
the roadwarrior - everything goes crazy: packet loss becomes huge (90%)
even for machines, which worked perfectly before, ping shows duplicate
packets. When I turn off the roadwarrior again - everything returns to the
working state.
Router1 and Roadwarrior3 are using tinc 1.0.23 version. Router2 uses
v1.0.19 because newer is not present in the repository :(.
Here are the configs:
hosts folders are exactly the same on all nodes:
$ cat hosts/central_router
Address = 88.77.66.55
-----BEGIN RSA PUBLIC KEY-----
...
-----END RSA PUBLIC KEY-----
$ cat hosts/karl_router
TCPonly = yes
-----BEGIN RSA PUBLIC KEY-----
...
-----END RSA PUBLIC KEY-----
$ cat hosts/daniel_mpc
-----BEGIN RSA PUBLIC KEY-----
...
-----END RSA PUBLIC KEY-----
Router1:
Router1: $ ifconfig
br0 inet addr:192.168.10.1 Bcast:192.168.255.255 Mask:255.255.0.0
Router1: $ brctl show
bridge name bridge id STP enabled interfaces
br0 8000.d850e6503710 no vlan1
eth1
eth2
pvpn
Router1: $ cat /opt/etc/tinc/pvpn/tinc.conf
Name = central_router
Mode = switch
Router1: $ cat /opt/etc/tinc/pvpn/tinc-up
#!/bin/sh
ifconfig $INTERFACE 0.0.0.0
brctl addif br0 $INTERFACE
ifconfig $INTERFACE up
Router 2:
Router2: $ ifconfig:
br-lan inet addr:192.168.0.1 Bcast:192.168.255.255 Mask:255.255.0.0
Router2: $ brctl show:
bridge name bridge id STP enabled interfaces
br-lan 7fff.c63dc790c598 no eth0.1
pvpn
wlan0
Router2: $ cat /etc/tinc/pvpn/tinc.conf
Name = karl_router
Mode = switch
ConnectTo = central_router
Router2: $ cat /etc/tinc/pvpn/tinc-up
#!/bin/sh
ifconfig $INTERFACE 0.0.0.0
#brctl addif br-lan $INTERFACE
ifconfig $INTERFACE up
Roadwarrior3:
Roadwarrior3: $ cat /etc/tinc/pvpn/tinc.conf
Name = daniel_mpc
Mode = switch
ConnectTo = central_router
Roadwarrior3: $ cat /etc/tinc/pvpn/tinc-up
#!/bin/sh
ifconfig $INTERFACE 192.168.3.150 netmask 255.255.0.0
ifconfig $INTERFACE up
Roadwarrior3: $ ifconfig
eth0 inet addr:192.168.1.72 Bcast:192.168.1.255 Mask:255.255.255.0
Testing:
I run ping from the machine5 (192.168.0.25/16) on the Router2's internal
network to the machine4 (192.168.10.11/16) on the net of Router1.
If Roadwarrior3 is down, I observe normal behavior:
@machine5:~$ ping 192.168.10.11
Ping statistics for 192.168.10.11:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 5ms, Average = 3ms
Now I start tincd on Roadwarrior:
@machine5:~$ ping 192.168.10.11
Ping statistics for 192.168.10.11:
Packets: Sent = 4, Received = 1, Lost = 3 (75% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 2ms, Average = 2ms
Running ping from Router1 (192.168.10.1), roadwarrior is running:
@Router1:~$ ping 192.168.0.25
64 bytes from 192.168.0.25: seq=0 ttl=64 time=10.270 ms
64 bytes from 192.168.0.25: seq=0 ttl=64 time=54.674 ms (DUP!)
64 bytes from 192.168.0.25: seq=1 ttl=64 time=2.380 ms
64 bytes from 192.168.0.25: seq=1 ttl=64 time=46.640 ms (DUP!)
^C
--- 192.168.0.25 ping statistics ---
2 packets transmitted, 2 packets received, 2 duplicates, 0% packet loss
round-trip min/avg/max = 2.380/28.491/54.674 ms
Ping to/from Roadwarrior also shows above 90% packet loss.
Best regards, Mykola