-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Analyzing a routing problem in a tinc net I found, that a declaration of a class-A subnet (x.0.0.0/8) in a host configuration file is ignored, e.g. Subnet = x.0.0.0/8 Looking at the subnet lists produced with kill -USR2 does not show this subnet in the log (but all others, that are configured in the same file). Splitting the subnet in two /9 subnets helps: Subnet = x.0.0.0/9 Subnet = x.128.0.0/9 Now all works fine. All tests are done with tinc version 1.0.13. Is there a lower bound for the prefixlength of a subnet declaration in the host file? If it is true, it should be mentioned in the documentation and a warning in the log should mention something like an "ignored subnet". Cheers Flynn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlTVHY0ACgkQCU362QD15RKvawCgj6ghICh5RtcdCNIWAmlPP3fF AMUAoI9DcRDY+dK28okntt3pK7yojof4 =L8ie -----END PGP SIGNATURE-----
On Fri, Feb 06, 2015 at 09:01:21PM +0100, Flynn Marquardt wrote:> Analyzing a routing problem in a tinc net I found, that a declaration of > a class-A subnet (x.0.0.0/8) in a host configuration file is ignored, e.g. > > Subnet = x.0.0.0/8[...]> Splitting the subnet in two /9 subnets helps: > > Subnet = x.0.0.0/9 > Subnet = x.128.0.0/9 > > All tests are done with tinc version 1.0.13.Could it be that the Subnet declaration was on the last line of the file? There is a bug in 1.0.13 (fixed in 1.0.14) that causes it to ignore the last line of a config file if it doesn't end with a newline character. You might have fixed it when you replaced it with two /9 Subnets. If so, try changing it back to one /8 again. Otherwise, there is no lower limit. You can in fact add Subnet 0.0.0.0/0, which is used for example in this example: http://tinc-vpn.org/examples/redirect-gateway/ -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: Digital signature URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20150206/5d9cca03/attachment.sig>
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Am 06.02.2015 um 21:36 schrieb Guus Sliepen:> On Fri, Feb 06, 2015 at 09:01:21PM +0100, Flynn Marquardt wrote: > >> Analyzing a routing problem in a tinc net I found, that a declaration of >> a class-A subnet (x.0.0.0/8) in a host configuration file is ignored,e.g.>> >> Subnet = x.0.0.0/8 > [...] >> Splitting the subnet in two /9 subnets helps: >> >> Subnet = x.0.0.0/9 >> Subnet = x.128.0.0/9 >> >> All tests are done with tinc version 1.0.13. > > Could it be that the Subnet declaration was on the last line of the > file? There is a bug in 1.0.13 (fixed in 1.0.14) that causes it to > ignore the last line of a config file if it doesn't end with a newline > character. You might have fixed it when you replaced it with two /9 > Subnets. If so, try changing it back to one /8 again.I also thought on this potential source of problem (other daemons do often have this problem too) and already moved the line up - it did not help ... Flynn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlTVKc4ACgkQCU362QD15RLOrgCeP6cLmf+o2ijRmbyV+ArG8nkQ g8IAnR3EZHHRgqLTEWZf+eFd97gcTI1N =NpJW -----END PGP SIGNATURE-----