tinc - Jun 2018 - iproute2 problems

Yes, I am sure but added another broader rule:

nsasia at db1:~$ sudo ufw allow from any port 655 proto udp

same result for debug example.





regards

Robert




>>> Rafael Wolf <rfwolf at gmail.com> 13-Jun-18 5:32 PM
>>>
 
Telnet will only do tcp not udp which tinc works on. Are you sure udp 655 is
open?










On Wed, Jun 13, 2018, 3:51 AM Robert Horgan <robert at nsasia.co.th>
wrote:





Hi, 




Are you sure? What happens if you manually telnet/socket 10.130.39.180




nsasia at web3:~$ telnet 10.130.39.180 655
Trying 10.130.39.180...
Connected to 10.130.39.180.
Escape character is '^]'.
0 db1 17
Connection closed by foreign host.




Stopping the service and running debug I get:




nsasia at web3:~$ sudo tincd -n gainplus -d5 -D
tincd 1.0.33 starting, debug level 5
/dev/net/tun is a Linux tun/tap device (tun mode)
Executing script tinc-up
Listening on 10.130.69.123 port 655
Ready
Trying to connect to db1 (10.130.39.180 port 655)
Connected to db1 (10.130.39.180 port 655)
Sending ID to db1 (10.130.39.180 port 655): 0 web3 17
Sending 10 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 10 bytes to db1 (10.130.39.180 port 655)
Got ID from db1 (10.130.39.180 port 655): 0 db1 17
Sending METAKEY to db1 (10.130.39.180 port 655): 1 429 672 0 0
32B632E5E04DD553A58206EDE3F760472B5B1FCFB69319F6E5BD1D9C6B2B3E7D95903DBF0E7EFD0A7377916B5E8381C412E0478F4CAAF61454505327BE49C4462835E6BBA849D9FA4586D8906B730F85632DBFA2B287C77259A264BB51DC57C5258CE7888C81ABBC00BDEC910194A85F7D3FB771CB73644871B0417E2406C02DF82DEC999CF51B3E86ED4C96820D191A60746EAC0D9ED94CAAB6298C746E9283ACCD144C6E4B5A2D2CE5B197CDF8708880A431C9E67DD7DC36EF0B21635F1670503D731C9D44F04CBF90AD1A281935BD5FD62D1B733286A3E6D8110FA65B918BA603C2C17650803418CA135A259EBE14B216B779B5047A8E70D7EDF4C61C4CCEE7439CCE75828973255F6A26BBC09C76FD9687DE78AB46D1634B97B043DE7AEAF97747DC5BCD9F6DBE936816E452FFAE9A746EB4BA41482C3DEA51497741E2E9AF68F964A05F93003544B66A9DA79FD98DC07F1B9797674100AFAF0428B0A9261B4E7A013B6A653783B9E03970BDA3B6A6B0DE27E985430C81097B996E7BA550BD886CDD4FE4C587A4738CC9D2743E03F78C7142E3822C382AD3577AD80C0836DEE21D4140FD5C22F060592B45973E2F6EC664A048E4C73450776E64C6B6A761CD65A68E8C9C8534F9A1F11BBA6D2784550ECE5D80A16D0011233096307EA0AFF24CDC425C10F936483A7C4CA93D901A538CD7FE4434C592C274558456DD5784
Sending 1039 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 1039 bytes to db1 (10.130.39.180 port 655)
Connection closed by db1 (10.130.39.180 port 655)
Closing connection with db1 (10.130.39.180 port 655)
Could not set up a meta connection to db1
Trying to re-establish outgoing connection in 5 seconds
Purging unreachable nodes
Trying to connect to db1 (10.130.39.180 port 655)
Connected to db1 (10.130.39.180 port 655)
Sending ID to db1 (10.130.39.180 port 655): 0 web3 17
Sending 10 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 10 bytes to db1 (10.130.39.180 port 655)
Got ID from db1 (10.130.39.180 port 655): 0 db1 17
Sending METAKEY to db1 (10.130.39.180 port 655): 1 429 672 0 0
501660105B0077E97E5645EC718096950286BF1ECD06180CCE39D8773408E00674DA7CD075102EB6C47406F7B49612BE32CE7C8D1CA7E849C670DD3905726F4DFCB00505E64551C91D1EF6544FDF470E878D915579F795A5A1A343CA370EE1F5D1CD8848630D9E7B6E8A6BDB38168034790CFDE0D3E6DBA6A67158E4548B210208F4CA02EF427585F17FC8F893C0D124E9520AE56A8ACA0EDF9E705F1804AFEF8A4D938D5BBF62DFE33D5DF0A3D9D497718892E2E9E7B1618ED3D1EFE1906732600A5906881A80A7C6C9266F17F8C7B3BD18EC225D259FC1828D96F0715CD1B076B6DBDE2D095681E214E3EAFF7F484C347BBE5BD70C021BBA74CA8EBCB29448EBCA8E4F41982509ACAE4860070CEFB72E58B4C67260EBDCCA2DE0DA2331AA747A44EE035C69090FE4E243B1F7EC03243EDC04448C82FE0D331CB09B4DD0FB35400B6FC201E82F5CAA676EB8276E0AED0BDC42660A1621FE4D6EB81C85CB720608F0C06F8401E1062E6553759BCA42E372212FE973C02D81896E3F9979EB82EAB027514446E7770446527DB7A155C9756C9E56DEDFFDDEE4778AD78E61E75D7D3863AE71488A596EE0E02850767AACD530A6CF7E98F0D8228B9EAA936DF78FC2EB4E774C96699CAF928C0CE061F06ABA8900C32300603983F85ED9ADCFA8D5DD690DDA3EAA1049AAA00D833E9CD0EF111A1906190DD5FEEB047193E04E7F3B16
Sending 1039 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 1039 bytes to db1 (10.130.39.180 port 655)
Connection closed by db1 (10.130.39.180 port 655)
Closing connection with db1 (10.130.39.180 port 655)
Could not set up a meta connection to db1
Trying to re-establish outgoing connection in 10 seconds
Purging unreachable nodes
Trying to connect to db1 (10.130.39.180 port 655)
Connected to db1 (10.130.39.180 port 655)
Sending ID to db1 (10.130.39.180 port 655): 0 web3 17
Sending 10 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 10 bytes to db1 (10.130.39.180 port 655)
Got ID from db1 (10.130.39.180 port 655): 0 db1 17
Sending METAKEY to db1 (10.130.39.180 port 655): 1 429 672 0 0
0D4F9CB202D27D2BBD0E49307D35EE3D591861C4985929EED89EB94B834B515E85914D4F2C831178541DF755AC8F75604F3E3A9DA5947E8CEEF7383DCA870FF082012237B081A44A99F0E4022A2DC1BB6ED315DCEC03101515ACE914F8A35DE3E7B254733DB4F2FE3D8AADB8B4F97C7425733C5405433483182527D41D3646A9862B61E036FF639F88E0B02696D5D04B272CEFC629C22724F30342E88E9BFAB24B115E12EB6E27B9F0566B24447E933A331FF4144BABA5EE97543775BB4C0B0DD6F85F78B3B05A68519D7899F20E2D53A0831ACFCA9D719C34D879DE4E6E035467AC90FF11179936A63AF11681E7B8301D97016EDC9377CBB7ADB2D16B0100426BFE01AAD7D7C77D8C24948ED7F3F292FEC8E437CDE42746FD8A8F9A0524C1AFC3DB2BE04F090C25E9DA3BB8411F9E70DDE9630AAE88E817BC985E72E8314481821157E5F5883A6B105A61D52A9F5BD12907E639AF88E4529A0E2CBD0AEF0163D8ADCD878EA7888BA762DA8D51DE655C9BDE9EB51D5878FD07BD57CEB1A4B96FA4A088D54E90425B3D52E2DBF8BBF91F0BCD684C2861078BFBBF3430C764F246D592486415C7ABEE0E6671CEC6A911A7B0DD97E03CFBE640D4BB3094ED2B799BD2A8B0F8D01A8BACFC103D15AD12AE9B9F45A9CF01C594E4E7428CEAA9446DEADE0933059E27E92EE02E9321C0A9D63D926A8EE29F50FD067168198128B8E82F
Sending 1039 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 1039 bytes to db1 (10.130.39.180 port 655)
Connection closed by db1 (10.130.39.180 port 655)
Closing connection with db1 (10.130.39.180 port 655)
Could not set up a meta connection to db1
Trying to re-establish outgoing connection in 15 seconds
Purging unreachable nodes
Trying to connect to db1 (10.130.39.180 port 655)
Connected to db1 (10.130.39.180 port 655)
Sending ID to db1 (10.130.39.180 port 655): 0 web3 17
Sending 10 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 10 bytes to db1 (10.130.39.180 port 655)
Got ID from db1 (10.130.39.180 port 655): 0 db1 17
Sending METAKEY to db1 (10.130.39.180 port 655): 1 429 672 0 0
7491BE09991C358FD6E09D5D9E75F36322E33D5782FC617715FC07F084E0D1A1352E1A5FAA73853B98D8EE63E85728AB543E2794ABC93A0F9B3F7B1F111825D6C6BBDAABEB4171DAC4C51E32497C346B57D1FE25B1BED877D88E64DB279645C626F7E0701FE1F62247FBA462FB42ABD00D5EC43DDE0604B02A66E5AA9DAA51849E5602892AC642593A5B4451187273DACF7299705FD724EA1A9B272EC0B80E3587E5AE6C701A585294F167B9DDDE744BDC3723840AE007545833989D4569F98BDF28727311AB751AB660BC5286334A5B9E15C971B60621036C625DA198718862C730AF8C32E31FDBB547B2AD92DA24E126507C03F01B862BDEEF48EC9049898855F9450BD7FC68E30615F280F1215442E3B4F49F2FAD6D08BD1D2D0351CBB4C0FAA440FFE3564F96D522198CB50830F9EDF0C38C5BE9888EB5889BFB16818B551DAD8FB7D289369E5539BAD9B1EC4900F389CAB87D51532518FEC2433462B1F6E493BCB2239A4280ADC0DEE4629CF04D083924AE531A3A30EA8236682905597CF20049551F475FB97E09A6240249BA4447316A558B9470F38159143BE2676B3F311FEC216DA9CFEC54660E3E8ED4CB59CC02CF797A97862C5A63E88AC92C75D4EB150A97A72A3C6A2FDD6BDEE10DE652D9A9B18DF7A74B29263CA85977CD7042A7B8E528D813B8A2A10F21BA9E860105931D3863EDED8E255387D7751AAD38E0
Sending 1039 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 1039 bytes to db1 (10.130.39.180 port 655)
Connection closed by db1 (10.130.39.180 port 655)
Closing connection with db1 (10.130.39.180 port 655)
Could not set up a meta connection to db1
Trying to re-establish outgoing connection in 20 seconds
Purging unreachable nodes
Trying to connect to db1 (10.130.39.180 port 655)
Connected to db1 (10.130.39.180 port 655)
Sending ID to db1 (10.130.39.180 port 655): 0 web3 17
Sending 10 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 10 bytes to db1 (10.130.39.180 port 655)
Got ID from db1 (10.130.39.180 port 655): 0 db1 17
Sending METAKEY to db1 (10.130.39.180 port 655): 1 429 672 0 0
AFCDF6958008BD1AB579526A1D7567EADD54EFECA85FB8F9A2F74917A8837D57867DF9DD4FF7B29CAE96C07E50FE8EFBA332FF86777212155558521FE97D4C5DD034AA3546CA73FB22654E4A62D03B68980CA0CC162B5FCD008CBF923C850F40C8A1ACCD56765519744CBF6D767754B2BF5B9216E511C4B78B2DA582847976F406E0A5B0FD764290D11F4D3CEB865DDDE2F379AB8FF37171D8B237CC321C0D5C5F995B2C3B7BF1E3D8846463325A697722C99DB34AD537302D7B6E9F7D0EC37EC0165A726596E83A46731ABAEA18F9A25D72B5D5182B7369BBA904729E2AAE1511FDC0EA2A94CF7738C2FF1A070516681B81E010F0BE546DAFC7C4F218D6D5B5E068B06E67CAD023EFD7AE801FAC7826B4882561B5685114738A4876AD4AD330D452B78188F32D5FFE53621DA70B79CD5822C7BF4BAA87C6E88E05293E1A4DDE6ACB955494C247C34CDB7F875852AFD5DD85BBFD0A48F6A54ED4E863D2297D834B280BE1BD19B3305C50633EB3E2B058CCDF23F17D19C0FCCB882246763DE6A7E77BEE9AF62B0D23CC9E5BC95B5535F6286F4FEBD2FE2F6F88AD647F3BFE5BE45FAEB440FE4B2DA0D5C3CC22D0EFF68CD9AD492844EE67A927F57A5E5284BE2AE2387F5A2E78D3C25A63E0EC3CD064AC2DA6894E657B31CA6F1EFCD0FF41CEFAB1030D0C85A801608A036165659B327AB33003AE7F89DE7DEED2ACC45DDD4293
Sending 1039 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 1039 bytes to db1 (10.130.39.180 port 655)
Connection closed by db1 (10.130.39.180 port 655)
Closing connection with db1 (10.130.39.180 port 655)
Could not set up a meta connection to db1
Trying to re-establish outgoing connection in 25 seconds
Purging unreachable nodes
Trying to connect to db1 (10.130.39.180 port 655)
Connected to db1 (10.130.39.180 port 655)
Sending ID to db1 (10.130.39.180 port 655): 0 web3 17
Sending 10 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 10 bytes to db1 (10.130.39.180 port 655)
Got ID from db1 (10.130.39.180 port 655): 0 db1 17
Sending METAKEY to db1 (10.130.39.180 port 655): 1 429 672 0 0
C4CF012BD6F40D3646144E138D1D7EB274CFB44A3EBE5691FA8817AC056638D6FE7CC31AED57263F11A75A419B5285BCD89A0FA7D3FD4C9BFF74A46615DB64695F9A67FF9A8424B0703CEBA94B9671F0E5DFB5AEE41FE73E9104A573417F99025AAA61F5A1B02F0EE51A8A9EE7B21FEACBF94D631A6033E665972301821EFFE175B114D439B0498D8B400C8FD6141D690BC75DFA94E2DEE6B4AB109C67125616E9FCEEC2AD8156D37321460BB9F5BA29FDAA3446DA37F56516259B42E0F660E9F1186CEC47EE88BD2128F12701C658D93D6A329EC171DE249DE5DDBFF40625A9AC8473B3E187A8EE642CA8A8FF820E1F0704243147A3093EE4D88F374FD864C2E738ECC2DAEA80884573B8BD6C24FF882C3E524F2B459FC4442D072A5E302CCEDF66AA6C5727DF65D8813E3F872DAD70CCFB735B3A0A322D51EACE24C674DCA3B63ABC4F97EB30A1A6988C1D2BF8CB935A64E1E5CD677178C160DF87AF5794F5C003BCFD035D5721BB6CD61A9174018D5FA616DB378301193AF88B5D80E914141D19B6583F36816419917BEA9896A03E7D9FA47D469225170E9D2A4045D46C24658AC341EA9A08DA7A29A4EC22CE3E74D127FE25F0655CC6881F94CB96E9B2C769A6532263E9BAE6EA5C404CE4B1F93755C29DFF7F6CED1187F89C892BC694A0A23E697FC5B8D78568FD8DE081DFF529596B755E7D9A0C674D0959D2D8789D74
Sending 1039 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 1039 bytes to db1 (10.130.39.180 port 655)
Connection closed by db1 (10.130.39.180 port 655)
Closing connection with db1 (10.130.39.180 port 655)
Could not set up a meta connection to db1
Trying to re-establish outgoing connection in 30 seconds
Purging unreachable nodes






regards

Robert




>>> Guus Sliepen <guus at tinc-vpn.org> 12-Jun-18 10:10 PM
>>>

On Tue, Jun 12, 2018 at 05:11:44PM +0700, Robert Horgan wrote:



> Trying to connect to db1 (10.130.39.180 port 655)
> Timeout from db1 (10.130.39.180 port 655) during authentication
> Could not set up a meta connection to db1



That means it tried to connect to db1 but either the TCP connection

itself did not work out, or there was indeed a timeout during

authentication. However, the "timeout during authentication" will also

appear if the initial TCP connection timed out.



> db1 firewall is OK (existing tinc traffic connecting and PF rule for this
server in place) and I wonder whether the message



Are you sure? What happens if you manually telnet/socket 10.130.39.180

655 from web3?




-- 

Met vriendelijke groet / with kind regards,

Guus Sliepen <guus at tinc-vpn.org>
_______________________________________________
 tinc mailing list
tinc at tinc-vpn.org
https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://www.tinc-vpn.org/pipermail/tinc/attachments/20180613/3853068a/attachment-0001.html>

You know I think I've seen this once before.

Got ID from db1 (10.130.39.180 port 655): 0 db1 17
Sending METAKEY to db1


It looks like it's communicating properly but there is a problem with your
keys.

Can you rename and regenerate your keys?

On a project I'm working on when we transferred our keys to another client
it put Carriage returns so there was a key mismatch.

Try that and see what happens!

Make sure your keys match exactly.






On Wed, Jun 13, 2018, 6:48 AM Robert Horgan <robert at nsasia.co.th>
wrote:
> Yes, I am sure but added another broader rule:
> nsasia at db1:~$ sudo ufw allow from any port 655 proto udp
> same result for debug example.
>
> regards
> Robert
>
>
> >>> Rafael Wolf <rfwolf at gmail.com> 13-Jun-18 5:32 PM
>>>
> Telnet will only do tcp not udp which tinc works on. Are you sure udp 655
> is open?
>
>
>
> On Wed, Jun 13, 2018, 3:51 AM Robert Horgan <robert at nsasia.co.th>
wrote:
>
>> Hi,
>>
>> *Are you sure? What happens if you manually telnet/socket
10.130.39.180*
>>
>> nsasia at web3:~$ telnet 10.130.39.180 655
>> Trying 10.130.39.180...
>> Connected to 10.130.39.180.
>> Escape character is '^]'.
>> 0 db1 17
>> Connection closed by foreign host.
>>
>> Stopping the service and running debug I get:
>>
>> nsasia at web3:~$ sudo tincd -n gainplus -d5 -D
>> tincd 1.0.33 starting, debug level 5
>> /dev/net/tun is a Linux tun/tap device (tun mode)
>> Executing script tinc-up
>> Listening on 10.130.69.123 port 655
>> Ready
>> Trying to connect to db1 (10.130.39.180 port 655)
>> Connected to db1 (10.130.39.180 port 655)
>> Sending ID to db1 (10.130.39.180 port 655): 0 web3 17
>> Sending 10 bytes of metadata to db1 (10.130.39.180 port 655)
>> Flushing 10 bytes to db1 (10.130.39.180 port 655)
>> Got ID from db1 (10.130.39.180 port 655): 0 db1 17
>> Sending METAKEY to db1 (10.130.39.180 port 655): 1 429 672 0 0
>>
32B632E5E04DD553A58206EDE3F760472B5B1FCFB69319F6E5BD1D9C6B2B3E7D95903DBF0E7EFD0A7377916B5E8381C412E0478F4CAAF61454505327BE49C4462835E6BBA849D9FA4586D8906B730F85632DBFA2B287C77259A264BB51DC57C5258CE7888C81ABBC00BDEC910194A85F7D3FB771CB73644871B0417E2406C02DF82DEC999CF51B3E86ED4C96820D191A60746EAC0D9ED94CAAB6298C746E9283ACCD144C6E4B5A2D2CE5B197CDF8708880A431C9E67DD7DC36EF0B21635F1670503D731C9D44F04CBF90AD1A281935BD5FD62D1B733286A3E6D8110FA65B918BA603C2C17650803418CA135A259EBE14B216B779B5047A8E70D7EDF4C61C4CCEE7439CCE75828973255F6A26BBC09C76FD9687DE78AB46D1634B97B043DE7AEAF97747DC5BCD9F6DBE936816E452FFAE9A746EB4BA41482C3DEA51497741E2E9AF68F964A05F93003544B66A9DA79FD98DC07F1B9797674100AFAF0428B0A9261B4E7A013B6A653783B9E03970BDA3B6A6B0DE27E985430C81097B996E7BA550BD886CDD4FE4C587A4738CC9D2743E03F78C7142E3822C382AD3577AD80C0836DEE21D4140FD5C22F060592B45973E2F6EC664A048E4C73450776E64C6B6A761CD65A68E8C9C8534F9A1F11BBA6D2784550ECE5D80A16D0011233096307EA0AFF24CDC425C10F936483A7C4CA93D901A538CD7FE4434C592C274558456DD5784
>> Sending 1039 bytes of metadata to db1 (10.130.39.180 port 655)
>> Flushing 1039 bytes to db1 (10.130.39.180 port 655)
>> Connection closed by db1 (10.130.39.180 port 655)
>> Closing connection with db1 (10.130.39.180 port 655)
>> Could not set up a meta connection to db1
>> Trying to re-establish outgoing connection in 5 seconds
>> Purging unreachable nodes
>> Trying to connect to db1 (10.130.39.180 port 655)
>> Connected to db1 (10.130.39.180 port 655)
>> Sending ID to db1 (10.130.39.180 port 655): 0 web3 17
>> Sending 10 bytes of metadata to db1 (10.130.39.180 port 655)
>> Flushing 10 bytes to db1 (10.130.39.180 port 655)
>> Got ID from db1 (10.130.39.180 port 655): 0 db1 17
>> Sending METAKEY to db1 (10.130.39.180 port 655): 1 429 672 0 0
>>
501660105B0077E97E5645EC718096950286BF1ECD06180CCE39D8773408E00674DA7CD075102EB6C47406F7B49612BE32CE7C8D1CA7E849C670DD3905726F4DFCB00505E64551C91D1EF6544FDF470E878D915579F795A5A1A343CA370EE1F5D1CD8848630D9E7B6E8A6BDB38168034790CFDE0D3E6DBA6A67158E4548B210208F4CA02EF427585F17FC8F893C0D124E9520AE56A8ACA0EDF9E705F1804AFEF8A4D938D5BBF62DFE33D5DF0A3D9D497718892E2E9E7B1618ED3D1EFE1906732600A5906881A80A7C6C9266F17F8C7B3BD18EC225D259FC1828D96F0715CD1B076B6DBDE2D095681E214E3EAFF7F484C347BBE5BD70C021BBA74CA8EBCB29448EBCA8E4F41982509ACAE4860070CEFB72E58B4C67260EBDCCA2DE0DA2331AA747A44EE035C69090FE4E243B1F7EC03243EDC04448C82FE0D331CB09B4DD0FB35400B6FC201E82F5CAA676EB8276E0AED0BDC42660A1621FE4D6EB81C85CB720608F0C06F8401E1062E6553759BCA42E372212FE973C02D81896E3F9979EB82EAB027514446E7770446527DB7A155C9756C9E56DEDFFDDEE4778AD78E61E75D7D3863AE71488A596EE0E02850767AACD530A6CF7E98F0D8228B9EAA936DF78FC2EB4E774C96699CAF928C0CE061F06ABA8900C32300603983F85ED9ADCFA8D5DD690DDA3EAA1049AAA00D833E9CD0EF111A1906190DD5FEEB047193E04E7F3B16
>> Sending 1039 bytes of metadata to db1 (10.130.39.180 port 655)
>> Flushing 1039 bytes to db1 (10.130.39.180 port 655)
>> Connection closed by db1 (10.130.39.180 port 655)
>> Closing connection with db1 (10.130.39.180 port 655)
>> Could not set up a meta connection to db1
>> Trying to re-establish outgoing connection in 10 seconds
>> Purging unreachable nodes
>> Trying to connect to db1 (10.130.39.180 port 655)
>> Connected to db1 (10.130.39.180 port 655)
>> Sending ID to db1 (10.130.39.180 port 655): 0 web3 17
>> Sending 10 bytes of metadata to db1 (10.130.39.180 port 655)
>> Flushing 10 bytes to db1 (10.130.39.180 port 655)
>> Got ID from db1 (10.130.39.180 port 655): 0 db1 17
>> Sending METAKEY to db1 (10.130.39.180 port 655): 1 429 672 0 0
>>
0D4F9CB202D27D2BBD0E49307D35EE3D591861C4985929EED89EB94B834B515E85914D4F2C831178541DF755AC8F75604F3E3A9DA5947E8CEEF7383DCA870FF082012237B081A44A99F0E4022A2DC1BB6ED315DCEC03101515ACE914F8A35DE3E7B254733DB4F2FE3D8AADB8B4F97C7425733C5405433483182527D41D3646A9862B61E036FF639F88E0B02696D5D04B272CEFC629C22724F30342E88E9BFAB24B115E12EB6E27B9F0566B24447E933A331FF4144BABA5EE97543775BB4C0B0DD6F85F78B3B05A68519D7899F20E2D53A0831ACFCA9D719C34D879DE4E6E035467AC90FF11179936A63AF11681E7B8301D97016EDC9377CBB7ADB2D16B0100426BFE01AAD7D7C77D8C24948ED7F3F292FEC8E437CDE42746FD8A8F9A0524C1AFC3DB2BE04F090C25E9DA3BB8411F9E70DDE9630AAE88E817BC985E72E8314481821157E5F5883A6B105A61D52A9F5BD12907E639AF88E4529A0E2CBD0AEF0163D8ADCD878EA7888BA762DA8D51DE655C9BDE9EB51D5878FD07BD57CEB1A4B96FA4A088D54E90425B3D52E2DBF8BBF91F0BCD684C2861078BFBBF3430C764F246D592486415C7ABEE0E6671CEC6A911A7B0DD97E03CFBE640D4BB3094ED2B799BD2A8B0F8D01A8BACFC103D15AD12AE9B9F45A9CF01C594E4E7428CEAA9446DEADE0933059E27E92EE02E9321C0A9D63D926A8EE29F50FD067168198128B8E82F
>> Sending 1039 bytes of metadata to db1 (10.130.39.180 port 655)
>> Flushing 1039 bytes to db1 (10.130.39.180 port 655)
>> Connection closed by db1 (10.130.39.180 port 655)
>> Closing connection with db1 (10.130.39.180 port 655)
>> Could not set up a meta connection to db1
>> Trying to re-establish outgoing connection in 15 seconds
>> Purging unreachable nodes
>> Trying to connect to db1 (10.130.39.180 port 655)
>> Connected to db1 (10.130.39.180 port 655)
>> Sending ID to db1 (10.130.39.180 port 655): 0 web3 17
>> Sending 10 bytes of metadata to db1 (10.130.39.180 port 655)
>> Flushing 10 bytes to db1 (10.130.39.180 port 655)
>> Got ID from db1 (10.130.39.180 port 655): 0 db1 17
>> Sending METAKEY to db1 (10.130.39.180 port 655): 1 429 672 0 0
>>
7491BE09991C358FD6E09D5D9E75F36322E33D5782FC617715FC07F084E0D1A1352E1A5FAA73853B98D8EE63E85728AB543E2794ABC93A0F9B3F7B1F111825D6C6BBDAABEB4171DAC4C51E32497C346B57D1FE25B1BED877D88E64DB279645C626F7E0701FE1F62247FBA462FB42ABD00D5EC43DDE0604B02A66E5AA9DAA51849E5602892AC642593A5B4451187273DACF7299705FD724EA1A9B272EC0B80E3587E5AE6C701A585294F167B9DDDE744BDC3723840AE007545833989D4569F98BDF28727311AB751AB660BC5286334A5B9E15C971B60621036C625DA198718862C730AF8C32E31FDBB547B2AD92DA24E126507C03F01B862BDEEF48EC9049898855F9450BD7FC68E30615F280F1215442E3B4F49F2FAD6D08BD1D2D0351CBB4C0FAA440FFE3564F96D522198CB50830F9EDF0C38C5BE9888EB5889BFB16818B551DAD8FB7D289369E5539BAD9B1EC4900F389CAB87D51532518FEC2433462B1F6E493BCB2239A4280ADC0DEE4629CF04D083924AE531A3A30EA8236682905597CF20049551F475FB97E09A6240249BA4447316A558B9470F38159143BE2676B3F311FEC216DA9CFEC54660E3E8ED4CB59CC02CF797A97862C5A63E88AC92C75D4EB150A97A72A3C6A2FDD6BDEE10DE652D9A9B18DF7A74B29263CA85977CD7042A7B8E528D813B8A2A10F21BA9E860105931D3863EDED8E255387D7751AAD38E0
>> Sending 1039 bytes of metadata to db1 (10.130.39.180 port 655)
>> Flushing 1039 bytes to db1 (10.130.39.180 port 655)
>> Connection closed by db1 (10.130.39.180 port 655)
>> Closing connection with db1 (10.130.39.180 port 655)
>> Could not set up a meta connection to db1
>> Trying to re-establish outgoing connection in 20 seconds
>> Purging unreachable nodes
>> Trying to connect to db1 (10.130.39.180 port 655)
>> Connected to db1 (10.130.39.180 port 655)
>> Sending ID to db1 (10.130.39.180 port 655): 0 web3 17
>> Sending 10 bytes of metadata to db1 (10.130.39.180 port 655)
>> Flushing 10 bytes to db1 (10.130.39.180 port 655)
>> Got ID from db1 (10.130.39.180 port 655): 0 db1 17
>> Sending METAKEY to db1 (10.130.39.180 port 655): 1 429 672 0 0
>>
AFCDF6958008BD1AB579526A1D7567EADD54EFECA85FB8F9A2F74917A8837D57867DF9DD4FF7B29CAE96C07E50FE8EFBA332FF86777212155558521FE97D4C5DD034AA3546CA73FB22654E4A62D03B68980CA0CC162B5FCD008CBF923C850F40C8A1ACCD56765519744CBF6D767754B2BF5B9216E511C4B78B2DA582847976F406E0A5B0FD764290D11F4D3CEB865DDDE2F379AB8FF37171D8B237CC321C0D5C5F995B2C3B7BF1E3D8846463325A697722C99DB34AD537302D7B6E9F7D0EC37EC0165A726596E83A46731ABAEA18F9A25D72B5D5182B7369BBA904729E2AAE1511FDC0EA2A94CF7738C2FF1A070516681B81E010F0BE546DAFC7C4F218D6D5B5E068B06E67CAD023EFD7AE801FAC7826B4882561B5685114738A4876AD4AD330D452B78188F32D5FFE53621DA70B79CD5822C7BF4BAA87C6E88E05293E1A4DDE6ACB955494C247C34CDB7F875852AFD5DD85BBFD0A48F6A54ED4E863D2297D834B280BE1BD19B3305C50633EB3E2B058CCDF23F17D19C0FCCB882246763DE6A7E77BEE9AF62B0D23CC9E5BC95B5535F6286F4FEBD2FE2F6F88AD647F3BFE5BE45FAEB440FE4B2DA0D5C3CC22D0EFF68CD9AD492844EE67A927F57A5E5284BE2AE2387F5A2E78D3C25A63E0EC3CD064AC2DA6894E657B31CA6F1EFCD0FF41CEFAB1030D0C85A801608A036165659B327AB33003AE7F89DE7DEED2ACC45DDD4293
>> Sending 1039 bytes of metadata to db1 (10.130.39.180 port 655)
>> Flushing 1039 bytes to db1 (10.130.39.180 port 655)
>> Connection closed by db1 (10.130.39.180 port 655)
>> Closing connection with db1 (10.130.39.180 port 655)
>> Could not set up a meta connection to db1
>> Trying to re-establish outgoing connection in 25 seconds
>> Purging unreachable nodes
>> Trying to connect to db1 (10.130.39.180 port 655)
>> Connected to db1 (10.130.39.180 port 655)
>> Sending ID to db1 (10.130.39.180 port 655): 0 web3 17
>> Sending 10 bytes of metadata to db1 (10.130.39.180 port 655)
>> Flushing 10 bytes to db1 (10.130.39.180 port 655)
>> Got ID from db1 (10.130.39.180 port 655): 0 db1 17
>> Sending METAKEY to db1 (10.130.39.180 port 655): 1 429 672 0 0
>>
C4CF012BD6F40D3646144E138D1D7EB274CFB44A3EBE5691FA8817AC056638D6FE7CC31AED57263F11A75A419B5285BCD89A0FA7D3FD4C9BFF74A46615DB64695F9A67FF9A8424B0703CEBA94B9671F0E5DFB5AEE41FE73E9104A573417F99025AAA61F5A1B02F0EE51A8A9EE7B21FEACBF94D631A6033E665972301821EFFE175B114D439B0498D8B400C8FD6141D690BC75DFA94E2DEE6B4AB109C67125616E9FCEEC2AD8156D37321460BB9F5BA29FDAA3446DA37F56516259B42E0F660E9F1186CEC47EE88BD2128F12701C658D93D6A329EC171DE249DE5DDBFF40625A9AC8473B3E187A8EE642CA8A8FF820E1F0704243147A3093EE4D88F374FD864C2E738ECC2DAEA80884573B8BD6C24FF882C3E524F2B459FC4442D072A5E302CCEDF66AA6C5727DF65D8813E3F872DAD70CCFB735B3A0A322D51EACE24C674DCA3B63ABC4F97EB30A1A6988C1D2BF8CB935A64E1E5CD677178C160DF87AF5794F5C003BCFD035D5721BB6CD61A9174018D5FA616DB378301193AF88B5D80E914141D19B6583F36816419917BEA9896A03E7D9FA47D469225170E9D2A4045D46C24658AC341EA9A08DA7A29A4EC22CE3E74D127FE25F0655CC6881F94CB96E9B2C769A6532263E9BAE6EA5C404CE4B1F93755C29DFF7F6CED1187F89C892BC694A0A23E697FC5B8D78568FD8DE081DFF529596B755E7D9A0C674D0959D2D8789D74
>> Sending 1039 bytes of metadata to db1 (10.130.39.180 port 655)
>> Flushing 1039 bytes to db1 (10.130.39.180 port 655)
>> Connection closed by db1 (10.130.39.180 port 655)
>> Closing connection with db1 (10.130.39.180 port 655)
>> Could not set up a meta connection to db1
>> Trying to re-establish outgoing connection in 30 seconds
>> Purging unreachable nodes
>>
>>
>> regards
>> Robert
>>
>>
>> >>> Guus Sliepen <guus at tinc-vpn.org> 12-Jun-18 10:10
PM >>>
>> On Tue, Jun 12, 2018 at 05:11:44PM +0700, Robert Horgan wrote:
>>
>> > Trying to connect to db1 (10.130.39.180 port 655)
>> > Timeout from db1 (10.130.39.180 port 655) during authentication
>> > Could not set up a meta connection to db1
>>
>> That means it tried to connect to db1 but either the TCP connection
>> itself did not work out, or there was indeed a timeout during
>> authentication. However, the "timeout during authentication"
will also
>> appear if the initial TCP connection timed out.
>>
>> > db1 firewall is OK (existing tinc traffic connecting and PF rule
for
>> this server in place) and I wonder whether the message
>>
>> Are you sure? What happens if you manually telnet/socket 10.130.39.180
>> 655 from web3?
>>
>> --
>> Met vriendelijke groet / with kind regards,
>> Guus Sliepen <guus at tinc-vpn.org>
>> _______________________________________________
>> tinc mailing list
>> tinc at tinc-vpn.org
>> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://www.tinc-vpn.org/pipermail/tinc/attachments/20180613/2e8178c0/attachment-0001.html>

Thanks everyone for your help.  The VPN is now up and running and whilst I
understand the change that enabled it, I do not understand the logic of why.




On my primary server (#db1) that other connections were set to first connect I
had the following filters:




1    Anywhere on eth1        ALLOW       10.130.55.248    655/udp           
#web2
2    Anywhere on eth1        ALLOW       10.130.17.192    655/udp           
#web3
3    Anywhere on eth1        ALLOW       10.130.36.58     655/udp           
#web1


4    Anywhere on eth1        ALLOW       10.130.69.123    655/udp           
#db2

5    Anywhere                ALLOW       10.0.0.0/24





(eth1 is the interface to the private network at DigitalOcean having a /16
network)




Three servers could establish a Tinc VPN without issue.  No problems with
certificates of connections.




After adding a new rule:

6    Anywhere                ALLOW    10.130.17.192                             
(ie a more open rule than Rule 2 above), I was able to immediately connect
between the last server on the 10.0.0.0/24 network.




I don't suggest this problem ended up having anything to do with Tinc, and
so really appreciate the time and effort of the responses received.  If anyone
could explain the why of the above I would appreciate adding to my learning.





regards

Robert




>>> Rafael Wolf <rfwolf at gmail.com> 13-Jun-18 11:01 PM
>>>
 

You know I think I've seen this once before.



Got ID from db1 (10.130.39.180 port 655): 0 db1 17
Sending METAKEY to db1 








It looks like it's communicating properly but there is a problem with your
keys.




Can you rename and regenerate your keys?




On a project I'm working on when we transferred our keys to another client
it put Carriage returns so there was a key mismatch.




Try that and see what happens!




Make sure your keys match exactly.
















On Wed, Jun 13, 2018, 6:48 AM Robert Horgan <robert at nsasia.co.th>
wrote:





Yes, I am sure but added another broader rule:

nsasia at db1:~$ sudo ufw allow from any port 655 proto udp

same result for debug example.





regards

Robert




>>> Rafael Wolf <rfwolf at gmail.com> 13-Jun-18 5:32 PM
>>>
 
Telnet will only do tcp not udp which tinc works on. Are you sure udp 655 is
open?










On Wed, Jun 13, 2018, 3:51 AM Robert Horgan <robert at nsasia.co.th>
wrote:





Hi, 




Are you sure? What happens if you manually telnet/socket 10.130.39.180




nsasia at web3:~$ telnet 10.130.39.180 655
Trying 10.130.39.180...
Connected to 10.130.39.180.
Escape character is '^]'.
0 db1 17
Connection closed by foreign host.




Stopping the service and running debug I get:




nsasia at web3:~$ sudo tincd -n gainplus -d5 -D
tincd 1.0.33 starting, debug level 5
/dev/net/tun is a Linux tun/tap device (tun mode)
Executing script tinc-up
Listening on 10.130.69.123 port 655
Ready
Trying to connect to db1 (10.130.39.180 port 655)
Connected to db1 (10.130.39.180 port 655)
Sending ID to db1 (10.130.39.180 port 655): 0 web3 17
Sending 10 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 10 bytes to db1 (10.130.39.180 port 655)
Got ID from db1 (10.130.39.180 port 655): 0 db1 17
Sending METAKEY to db1 (10.130.39.180 port 655): 1 429 672 0 0
32B632E5E04DD553A58206EDE3F760472B5B1FCFB69319F6E5BD1D9C6B2B3E7D95903DBF0E7EFD0A7377916B5E8381C412E0478F4CAAF61454505327BE49C4462835E6BBA849D9FA4586D8906B730F85632DBFA2B287C77259A264BB51DC57C5258CE7888C81ABBC00BDEC910194A85F7D3FB771CB73644871B0417E2406C02DF82DEC999CF51B3E86ED4C96820D191A60746EAC0D9ED94CAAB6298C746E9283ACCD144C6E4B5A2D2CE5B197CDF8708880A431C9E67DD7DC36EF0B21635F1670503D731C9D44F04CBF90AD1A281935BD5FD62D1B733286A3E6D8110FA65B918BA603C2C17650803418CA135A259EBE14B216B779B5047A8E70D7EDF4C61C4CCEE7439CCE75828973255F6A26BBC09C76FD9687DE78AB46D1634B97B043DE7AEAF97747DC5BCD9F6DBE936816E452FFAE9A746EB4BA41482C3DEA51497741E2E9AF68F964A05F93003544B66A9DA79FD98DC07F1B9797674100AFAF0428B0A9261B4E7A013B6A653783B9E03970BDA3B6A6B0DE27E985430C81097B996E7BA550BD886CDD4FE4C587A4738CC9D2743E03F78C7142E3822C382AD3577AD80C0836DEE21D4140FD5C22F060592B45973E2F6EC664A048E4C73450776E64C6B6A761CD65A68E8C9C8534F9A1F11BBA6D2784550ECE5D80A16D0011233096307EA0AFF24CDC425C10F936483A7C4CA93D901A538CD7FE4434C592C274558456DD5784
Sending 1039 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 1039 bytes to db1 (10.130.39.180 port 655)
Connection closed by db1 (10.130.39.180 port 655)
Closing connection with db1 (10.130.39.180 port 655)
Could not set up a meta connection to db1
Trying to re-establish outgoing connection in 5 seconds
Purging unreachable nodes
Trying to connect to db1 (10.130.39.180 port 655)
Connected to db1 (10.130.39.180 port 655)
Sending ID to db1 (10.130.39.180 port 655): 0 web3 17
Sending 10 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 10 bytes to db1 (10.130.39.180 port 655)
Got ID from db1 (10.130.39.180 port 655): 0 db1 17
Sending METAKEY to db1 (10.130.39.180 port 655): 1 429 672 0 0
501660105B0077E97E5645EC718096950286BF1ECD06180CCE39D8773408E00674DA7CD075102EB6C47406F7B49612BE32CE7C8D1CA7E849C670DD3905726F4DFCB00505E64551C91D1EF6544FDF470E878D915579F795A5A1A343CA370EE1F5D1CD8848630D9E7B6E8A6BDB38168034790CFDE0D3E6DBA6A67158E4548B210208F4CA02EF427585F17FC8F893C0D124E9520AE56A8ACA0EDF9E705F1804AFEF8A4D938D5BBF62DFE33D5DF0A3D9D497718892E2E9E7B1618ED3D1EFE1906732600A5906881A80A7C6C9266F17F8C7B3BD18EC225D259FC1828D96F0715CD1B076B6DBDE2D095681E214E3EAFF7F484C347BBE5BD70C021BBA74CA8EBCB29448EBCA8E4F41982509ACAE4860070CEFB72E58B4C67260EBDCCA2DE0DA2331AA747A44EE035C69090FE4E243B1F7EC03243EDC04448C82FE0D331CB09B4DD0FB35400B6FC201E82F5CAA676EB8276E0AED0BDC42660A1621FE4D6EB81C85CB720608F0C06F8401E1062E6553759BCA42E372212FE973C02D81896E3F9979EB82EAB027514446E7770446527DB7A155C9756C9E56DEDFFDDEE4778AD78E61E75D7D3863AE71488A596EE0E02850767AACD530A6CF7E98F0D8228B9EAA936DF78FC2EB4E774C96699CAF928C0CE061F06ABA8900C32300603983F85ED9ADCFA8D5DD690DDA3EAA1049AAA00D833E9CD0EF111A1906190DD5FEEB047193E04E7F3B16
Sending 1039 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 1039 bytes to db1 (10.130.39.180 port 655)
Connection closed by db1 (10.130.39.180 port 655)
Closing connection with db1 (10.130.39.180 port 655)
Could not set up a meta connection to db1
Trying to re-establish outgoing connection in 10 seconds
Purging unreachable nodes
Trying to connect to db1 (10.130.39.180 port 655)
Connected to db1 (10.130.39.180 port 655)
Sending ID to db1 (10.130.39.180 port 655): 0 web3 17
Sending 10 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 10 bytes to db1 (10.130.39.180 port 655)
Got ID from db1 (10.130.39.180 port 655): 0 db1 17
Sending METAKEY to db1 (10.130.39.180 port 655): 1 429 672 0 0
0D4F9CB202D27D2BBD0E49307D35EE3D591861C4985929EED89EB94B834B515E85914D4F2C831178541DF755AC8F75604F3E3A9DA5947E8CEEF7383DCA870FF082012237B081A44A99F0E4022A2DC1BB6ED315DCEC03101515ACE914F8A35DE3E7B254733DB4F2FE3D8AADB8B4F97C7425733C5405433483182527D41D3646A9862B61E036FF639F88E0B02696D5D04B272CEFC629C22724F30342E88E9BFAB24B115E12EB6E27B9F0566B24447E933A331FF4144BABA5EE97543775BB4C0B0DD6F85F78B3B05A68519D7899F20E2D53A0831ACFCA9D719C34D879DE4E6E035467AC90FF11179936A63AF11681E7B8301D97016EDC9377CBB7ADB2D16B0100426BFE01AAD7D7C77D8C24948ED7F3F292FEC8E437CDE42746FD8A8F9A0524C1AFC3DB2BE04F090C25E9DA3BB8411F9E70DDE9630AAE88E817BC985E72E8314481821157E5F5883A6B105A61D52A9F5BD12907E639AF88E4529A0E2CBD0AEF0163D8ADCD878EA7888BA762DA8D51DE655C9BDE9EB51D5878FD07BD57CEB1A4B96FA4A088D54E90425B3D52E2DBF8BBF91F0BCD684C2861078BFBBF3430C764F246D592486415C7ABEE0E6671CEC6A911A7B0DD97E03CFBE640D4BB3094ED2B799BD2A8B0F8D01A8BACFC103D15AD12AE9B9F45A9CF01C594E4E7428CEAA9446DEADE0933059E27E92EE02E9321C0A9D63D926A8EE29F50FD067168198128B8E82F
Sending 1039 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 1039 bytes to db1 (10.130.39.180 port 655)
Connection closed by db1 (10.130.39.180 port 655)
Closing connection with db1 (10.130.39.180 port 655)
Could not set up a meta connection to db1
Trying to re-establish outgoing connection in 15 seconds
Purging unreachable nodes
Trying to connect to db1 (10.130.39.180 port 655)
Connected to db1 (10.130.39.180 port 655)
Sending ID to db1 (10.130.39.180 port 655): 0 web3 17
Sending 10 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 10 bytes to db1 (10.130.39.180 port 655)
Got ID from db1 (10.130.39.180 port 655): 0 db1 17
Sending METAKEY to db1 (10.130.39.180 port 655): 1 429 672 0 0
7491BE09991C358FD6E09D5D9E75F36322E33D5782FC617715FC07F084E0D1A1352E1A5FAA73853B98D8EE63E85728AB543E2794ABC93A0F9B3F7B1F111825D6C6BBDAABEB4171DAC4C51E32497C346B57D1FE25B1BED877D88E64DB279645C626F7E0701FE1F62247FBA462FB42ABD00D5EC43DDE0604B02A66E5AA9DAA51849E5602892AC642593A5B4451187273DACF7299705FD724EA1A9B272EC0B80E3587E5AE6C701A585294F167B9DDDE744BDC3723840AE007545833989D4569F98BDF28727311AB751AB660BC5286334A5B9E15C971B60621036C625DA198718862C730AF8C32E31FDBB547B2AD92DA24E126507C03F01B862BDEEF48EC9049898855F9450BD7FC68E30615F280F1215442E3B4F49F2FAD6D08BD1D2D0351CBB4C0FAA440FFE3564F96D522198CB50830F9EDF0C38C5BE9888EB5889BFB16818B551DAD8FB7D289369E5539BAD9B1EC4900F389CAB87D51532518FEC2433462B1F6E493BCB2239A4280ADC0DEE4629CF04D083924AE531A3A30EA8236682905597CF20049551F475FB97E09A6240249BA4447316A558B9470F38159143BE2676B3F311FEC216DA9CFEC54660E3E8ED4CB59CC02CF797A97862C5A63E88AC92C75D4EB150A97A72A3C6A2FDD6BDEE10DE652D9A9B18DF7A74B29263CA85977CD7042A7B8E528D813B8A2A10F21BA9E860105931D3863EDED8E255387D7751AAD38E0
Sending 1039 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 1039 bytes to db1 (10.130.39.180 port 655)
Connection closed by db1 (10.130.39.180 port 655)
Closing connection with db1 (10.130.39.180 port 655)
Could not set up a meta connection to db1
Trying to re-establish outgoing connection in 20 seconds
Purging unreachable nodes
Trying to connect to db1 (10.130.39.180 port 655)
Connected to db1 (10.130.39.180 port 655)
Sending ID to db1 (10.130.39.180 port 655): 0 web3 17
Sending 10 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 10 bytes to db1 (10.130.39.180 port 655)
Got ID from db1 (10.130.39.180 port 655): 0 db1 17
Sending METAKEY to db1 (10.130.39.180 port 655): 1 429 672 0 0
AFCDF6958008BD1AB579526A1D7567EADD54EFECA85FB8F9A2F74917A8837D57867DF9DD4FF7B29CAE96C07E50FE8EFBA332FF86777212155558521FE97D4C5DD034AA3546CA73FB22654E4A62D03B68980CA0CC162B5FCD008CBF923C850F40C8A1ACCD56765519744CBF6D767754B2BF5B9216E511C4B78B2DA582847976F406E0A5B0FD764290D11F4D3CEB865DDDE2F379AB8FF37171D8B237CC321C0D5C5F995B2C3B7BF1E3D8846463325A697722C99DB34AD537302D7B6E9F7D0EC37EC0165A726596E83A46731ABAEA18F9A25D72B5D5182B7369BBA904729E2AAE1511FDC0EA2A94CF7738C2FF1A070516681B81E010F0BE546DAFC7C4F218D6D5B5E068B06E67CAD023EFD7AE801FAC7826B4882561B5685114738A4876AD4AD330D452B78188F32D5FFE53621DA70B79CD5822C7BF4BAA87C6E88E05293E1A4DDE6ACB955494C247C34CDB7F875852AFD5DD85BBFD0A48F6A54ED4E863D2297D834B280BE1BD19B3305C50633EB3E2B058CCDF23F17D19C0FCCB882246763DE6A7E77BEE9AF62B0D23CC9E5BC95B5535F6286F4FEBD2FE2F6F88AD647F3BFE5BE45FAEB440FE4B2DA0D5C3CC22D0EFF68CD9AD492844EE67A927F57A5E5284BE2AE2387F5A2E78D3C25A63E0EC3CD064AC2DA6894E657B31CA6F1EFCD0FF41CEFAB1030D0C85A801608A036165659B327AB33003AE7F89DE7DEED2ACC45DDD4293
Sending 1039 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 1039 bytes to db1 (10.130.39.180 port 655)
Connection closed by db1 (10.130.39.180 port 655)
Closing connection with db1 (10.130.39.180 port 655)
Could not set up a meta connection to db1
Trying to re-establish outgoing connection in 25 seconds
Purging unreachable nodes
Trying to connect to db1 (10.130.39.180 port 655)
Connected to db1 (10.130.39.180 port 655)
Sending ID to db1 (10.130.39.180 port 655): 0 web3 17
Sending 10 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 10 bytes to db1 (10.130.39.180 port 655)
Got ID from db1 (10.130.39.180 port 655): 0 db1 17
Sending METAKEY to db1 (10.130.39.180 port 655): 1 429 672 0 0
C4CF012BD6F40D3646144E138D1D7EB274CFB44A3EBE5691FA8817AC056638D6FE7CC31AED57263F11A75A419B5285BCD89A0FA7D3FD4C9BFF74A46615DB64695F9A67FF9A8424B0703CEBA94B9671F0E5DFB5AEE41FE73E9104A573417F99025AAA61F5A1B02F0EE51A8A9EE7B21FEACBF94D631A6033E665972301821EFFE175B114D439B0498D8B400C8FD6141D690BC75DFA94E2DEE6B4AB109C67125616E9FCEEC2AD8156D37321460BB9F5BA29FDAA3446DA37F56516259B42E0F660E9F1186CEC47EE88BD2128F12701C658D93D6A329EC171DE249DE5DDBFF40625A9AC8473B3E187A8EE642CA8A8FF820E1F0704243147A3093EE4D88F374FD864C2E738ECC2DAEA80884573B8BD6C24FF882C3E524F2B459FC4442D072A5E302CCEDF66AA6C5727DF65D8813E3F872DAD70CCFB735B3A0A322D51EACE24C674DCA3B63ABC4F97EB30A1A6988C1D2BF8CB935A64E1E5CD677178C160DF87AF5794F5C003BCFD035D5721BB6CD61A9174018D5FA616DB378301193AF88B5D80E914141D19B6583F36816419917BEA9896A03E7D9FA47D469225170E9D2A4045D46C24658AC341EA9A08DA7A29A4EC22CE3E74D127FE25F0655CC6881F94CB96E9B2C769A6532263E9BAE6EA5C404CE4B1F93755C29DFF7F6CED1187F89C892BC694A0A23E697FC5B8D78568FD8DE081DFF529596B755E7D9A0C674D0959D2D8789D74
Sending 1039 bytes of metadata to db1 (10.130.39.180 port 655)
Flushing 1039 bytes to db1 (10.130.39.180 port 655)
Connection closed by db1 (10.130.39.180 port 655)
Closing connection with db1 (10.130.39.180 port 655)
Could not set up a meta connection to db1
Trying to re-establish outgoing connection in 30 seconds
Purging unreachable nodes






regards

Robert




>>> Guus Sliepen <guus at tinc-vpn.org> 12-Jun-18 10:10 PM
>>>

On Tue, Jun 12, 2018 at 05:11:44PM +0700, Robert Horgan wrote:



> Trying to connect to db1 (10.130.39.180 port 655)
> Timeout from db1 (10.130.39.180 port 655) during authentication
> Could not set up a meta connection to db1



That means it tried to connect to db1 but either the TCP connection

itself did not work out, or there was indeed a timeout during

authentication. However, the "timeout during authentication" will also

appear if the initial TCP connection timed out.



> db1 firewall is OK (existing tinc traffic connecting and PF rule for this
server in place) and I wonder whether the message



Are you sure? What happens if you manually telnet/socket 10.130.39.180

655 from web3?




-- 

Met vriendelijke groet / with kind regards,

Guus Sliepen <guus at tinc-vpn.org>
_______________________________________________
 tinc mailing list
tinc at tinc-vpn.org
https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://www.tinc-vpn.org/pipermail/tinc/attachments/20180614/105e1403/attachment-0001.html>