Dear all,
I have been successfully running for quite some time a tinc 1.1 network in
switch mode. I recently added a new node, that refuses to communicate over
UDP.
Running "tinc info mynode" from a different box returns:
Reachability: directly with TCP
It appears that tincd is not listening on UDP port 655 on "mynode".
Running
"ss -nlptu | grep tincd":
tcp LISTEN 0 3 *:655 *:*
users:(("tincd",pid=10097,fd=6))
In the log there is a large number of these messages:
Received UDP packet from unknown source 123.321.123.321 port 655
I am puzzled how is tincd getting the packets if it is not listening on
655/UDP.
When I start netcat on the node on port 655/UDP I can see garbage coming in
from the other nodes trying to initiate an UDP connection.
Would you have any hints where to start debugging this? All machines are
configured the same way and work fine (various linux versions, windows).
This particular box is on Ubuntu Xenial kernel 4.3.5.
Best,
Petr
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://www.tinc-vpn.org/pipermail/tinc/attachments/20160713/50c91c73/attachment.html>
That's strange. Can you post a detailed log from the affected node (run tincd -d5 -D), especially the initialization phase? On 13 July 2016 at 16:17, Petr Man <petr at madnetwork.org> wrote:> Dear all, > > I have been successfully running for quite some time a tinc 1.1 network in > switch mode. I recently added a new node, that refuses to communicate over > UDP. > Running "tinc info mynode" from a different box returns: > Reachability: directly with TCP > > It appears that tincd is not listening on UDP port 655 on "mynode". > Running "ss -nlptu | grep tincd": > tcp LISTEN 0 3 *:655 *:* > users:(("tincd",pid=10097,fd=6)) > > In the log there is a large number of these messages: > Received UDP packet from unknown source 123.321.123.321 port 655 > > I am puzzled how is tincd getting the packets if it is not listening on > 655/UDP. > > When I start netcat on the node on port 655/UDP I can see garbage coming > in from the other nodes trying to initiate an UDP connection. > > Would you have any hints where to start debugging this? All machines are > configured the same way and work fine (various linux versions, windows). > This particular box is on Ubuntu Xenial kernel 4.3.5. > > Best, > Petr > > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc > >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20160713/f7b4fccb/attachment.html>
Have anything to do with firewall locations, meaning home vs work vs public vs lockdown. Probably not it at all. On Jul 13, 2016 3:22 PM, "Etienne Dechamps" <etienne at edechamps.fr> wrote:> That's strange. Can you post a detailed log from the affected node (run > tincd -d5 -D), especially the initialization phase? > > On 13 July 2016 at 16:17, Petr Man <petr at madnetwork.org> wrote: > >> Dear all, >> >> I have been successfully running for quite some time a tinc 1.1 network >> in switch mode. I recently added a new node, that refuses to communicate >> over UDP. >> Running "tinc info mynode" from a different box returns: >> Reachability: directly with TCP >> >> It appears that tincd is not listening on UDP port 655 on "mynode". >> Running "ss -nlptu | grep tincd": >> tcp LISTEN 0 3 *:655 *:* >> users:(("tincd",pid=10097,fd=6)) >> >> In the log there is a large number of these messages: >> Received UDP packet from unknown source 123.321.123.321 port 655 >> >> I am puzzled how is tincd getting the packets if it is not listening on >> 655/UDP. >> >> When I start netcat on the node on port 655/UDP I can see garbage coming >> in from the other nodes trying to initiate an UDP connection. >> >> Would you have any hints where to start debugging this? All machines are >> configured the same way and work fine (various linux versions, windows). >> This particular box is on Ubuntu Xenial kernel 4.3.5. >> >> Best, >> Petr >> >> _______________________________________________ >> tinc mailing list >> tinc at tinc-vpn.org >> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >> >> > > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc > >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20160713/6f754acd/attachment.html>