Hi Thanks removing the first line "ip tuntap add dev $INTERFACE mode tun" seems to have helped regarding the tun error, however it is not connecting. If I stop the tinc service and then run: root at web3:~# tincd -n gainplus -d -D tincd 1.0.33 starting, debug level 1 /dev/net/tun is a Linux tun/tap device (tun mode) Listening on 10.130.69.123 port 655 Ready Trying to connect to db1 (10.130.39.180 port 655) Timeout from db1 (10.130.39.180 port 655) during authentication Could not set up a meta connection to db1 Trying to re-establish outgoing connection in 5 seconds Trying to connect to db1 (10.130.39.180 port 655) ^\Got QUIT signal Statistics for Linux tun/tap device (tun mode) /dev/net/tun: total bytes in: 0 total bytes out: 0 Closing connection with db1 (10.130.39.180 port 655) Closing connection with web3 (MYSELF) db1 firewall is OK (existing tinc traffic connecting and PF rule for this server in place) and I wonder whether the message Timeout from db1 (10.130.39.180 port 655) during authentication indicates a connection failing authentication Both 18.04 servers indicating same problem thanks>>> "Robert Horgan" <robert at nsasia.co.th> 11-Jun-18 8:43 AM >>>I currently am using tinc 1.0.33 on a 4 node Ubuntu 14.04 server network at Digital Ocean connecting on the Eth1 private network interfaces. This works great. Recently I added two more Ubuntu 18.04 servers at the same location and attempted to link them to the Tinc mesh already established. The 18.04 servers do not allow me to use the net-tools ipconfig command and so I have adapted my tinc-up commands to use iproute2 commands. #!/bin/sh # tinc-up ip tuntap add dev $INTERFACE mode tun ip addr add 10.0.0.3/24 dev $INTERFACE ip link set dev $INTERFACE up However, when I run this command I get the error Error: either "name" is duplicate, or "tun" is a garbage. Command line is not complete. Try option "help" Cannot find device "up" I have tried variations of the commands in the tinc-up file, but cannot get a result without errors. my /etc/tinc/vpn/tinc.conf file: Name = web3 AddressFamily = ipv4 BindToAddress = 10.132.115.166 (changed) Interface = tun0 ConnectTo = db1 systemctl status tinc: tinc.service - Tinc VPN Loaded: loaded (/lib/systemd/system/tinc.service; enabled; vendor preset: enabled Question, when using iproute2 on ubuntu 18.04 should I use a different configuration for tinc-up? -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20180612/ed0fb415/attachment.html>
it looks like the variable $INTERFACE has no value Saverio 2018-06-12 12:11 GMT+02:00 Robert Horgan <robert at nsasia.co.th>:> Hi Thanks > > removing the first line "ip tuntap add dev $INTERFACE mode tun" seems to > have helped regarding the tun error, however it is not connecting. If I > stop the tinc service and then run: > > root at web3:~# tincd -n gainplus -d -D > tincd 1.0.33 starting, debug level 1 > /dev/net/tun is a Linux tun/tap device (tun mode) > Listening on 10.130.69.123 port 655 > Ready > Trying to connect to db1 (10.130.39.180 port 655) > Timeout from db1 (10.130.39.180 port 655) during authentication > Could not set up a meta connection to db1 > Trying to re-establish outgoing connection in 5 seconds > Trying to connect to db1 (10.130.39.180 port 655) > ^\Got QUIT signal > Statistics for Linux tun/tap device (tun mode) /dev/net/tun: > total bytes in: 0 > total bytes out: 0 > Closing connection with db1 (10.130.39.180 port 655) > Closing connection with web3 (MYSELF) > > db1 firewall is OK (existing tinc traffic connecting and PF rule for this > server in place) and I wonder whether the message > Timeout from db1 (10.130.39.180 port 655) during authentication > indicates a connection failing authentication > > Both 18.04 servers indicating same problem > > thanks > > > > >>>> "Robert Horgan" <robert at nsasia.co.th> 11-Jun-18 8:43 AM >>> > I currently am using tinc 1.0.33 on a 4 node Ubuntu 14.04 server network at > Digital Ocean connecting on the Eth1 private network interfaces. This works > great. > > Recently I added two more Ubuntu 18.04 servers at the same location and > attempted to link them to the Tinc mesh already established. The 18.04 > servers do not allow me to use the net-tools ipconfig command and so I have > adapted my tinc-up commands to use iproute2 commands. > > #!/bin/sh > # tinc-up > ip tuntap add dev $INTERFACE mode tun > ip addr add 10.0.0.3/24 dev $INTERFACE > ip link set dev $INTERFACE up > > However, when I run this command I get the error > Error: either "name" is duplicate, or "tun" is a garbage. > Command line is not complete. Try option "help" > Cannot find device "up" > > I have tried variations of the commands in the tinc-up file, but cannot get > a result without errors. > > my /etc/tinc/vpn/tinc.conf file: > Name = web3 > AddressFamily = ipv4 > BindToAddress = 10.132.115.166 (changed) > Interface = tun0 > ConnectTo = db1 > > systemctl status tinc: > tinc.service - Tinc VPN > Loaded: loaded (/lib/systemd/system/tinc.service; enabled; vendor preset: > enabled > > Question, when using iproute2 on ubuntu 18.04 should I use a different > configuration for tinc-up? > > > > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >
On Tue, Jun 12, 2018 at 05:11:44PM +0700, Robert Horgan wrote:> Trying to connect to db1 (10.130.39.180 port 655) > Timeout from db1 (10.130.39.180 port 655) during authentication > Could not set up a meta connection to db1That means it tried to connect to db1 but either the TCP connection itself did not work out, or there was indeed a timeout during authentication. However, the "timeout during authentication" will also appear if the initial TCP connection timed out.> db1 firewall is OK (existing tinc traffic connecting and PF rule for this server in place) and I wonder whether the messageAre you sure? What happens if you manually telnet/socket 10.130.39.180 655 from web3? -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20180612/f3282e90/attachment.sig>