Tinc team:

I'm creating a vpn for my work laptop and vps and got trapped, here are my config files:

on laptop:

*tinc.conf
Name = envy13
Device = /dev/net/tun
ConnectTo = main

*hosts/main
Address = <my vps ext ip address>
Port = 655
Subnet = 10.0.0.1/32

*hosts/envy13
Port = 655
Subnet = 10.0.0.2/32

*tinc-up
#!/bin/sh
ip link set myvpn up
ip addr add 10.0.0.2/32 dev myvpn
ip route add 10.0.0.0/24 via 10.0.0.2

*tinc-down
#!/bin/sh
ip route del 10.0.0.0/24 via 10.0.0.2
ip addr del 10.0.0.2/32 dev myvpn
ip link set myvpn down

on vps:

*tinc.conf
Name = main
Device = /dev/net/tun

*hosts/main, *hosts/envy13
same as on laptop

*tinc-up
#!/bin/sh
ip link set myvpn up
ip addr add 10.0.0.1/32 dev myvpn
ip route add 10.0.0.0/24 via 10.0.0.1

*tinc-down
#!/bin/sh
ip route del 10.0.0.0/24 via 10.0.0.1
ip addr del 10.0.0.1/32 dev myvpn
ip link set myvpn down

when I ping each other:

on vps ping laptop:
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
^C
--- 10.0.0.2 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4031ms

on laptop ping vps:
PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.
From 10.0.0.1 icmp_seq=1 Destination Net Unknown
From 10.0.0.1 icmp_seq=2 Destination Net Unknown
From 10.0.0.1 icmp_seq=3 Destination Net Unknown
From 10.0.0.1 icmp_seq=4 Destination Net Unknown
^C
--- 10.0.0.1 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 52ms

I have ufw allowed 655. What did I miss?

-------------------------------------

On both nodes I installed 1.1pre17 (laptop from aur package, vps using make install), and when I use commands like "tinc stop", "tinc dump nodes", it says "Could not open pid file /usr/local/var/run/tinc.pid: No such file or directory".
Does this matter? Or even the previous problem is somehow due to this?

I'd appreciate your help.

On Mon, May 6, 2019 at 2:12 AM David Penn <px920906 at gmail.com> wrote:

> On both nodes I installed 1.1pre17 (laptop from aur package, vps using make install), and when I use commands like "tinc stop","tinc dump nodes", it says "Could not open pid file /usr/local/var/run/tinc.pid: No such file or directory".
> Does this matter? or even the previous problem is somehow due to this?

Does the directory /usr/local/var/run/ exist?

If not, mkdir it.

I seem to remember that, during install, 1.1pre17 does not make all the directories it needs.

-Parke

Hello David,

On Mon, 6 May 2019 16:43:28 +0800, David Penn <px920906 at gmail.com> wrote:

> *tinc.conf
> Name = envy13
> Device = /dev/net/tun

I think you do not need to specify "Device".
(I never did)

> ConnectTo = main
>
> *hosts/main
> Address = <my vps ext ip address>
> Port = 655
> Subnet = 10.0.0.1/32
>
> *hosts/envy13
> Port = 655
> Subnet = 10.0.0.2/32
>
> *tinc-up
> #!/bin/sh
> ip link set myvpn up
> ip addr add 10.0.0.2/32 dev myvpn
> ip route add 10.0.0.0/24 via 10.0.0.2

I understand the above as "route the subnet through myself".
This is not what you want, is it?
I guess the following lines would be sufficient?

  ip link set myvpn up
  ip addr add 10.0.0.2/24 dev myvpn

> I have ufw allowed 655. What did i miss?

You can always verify the active connections by sending USR1:

  tincd -n myvpn --kill=USR1

Afterwards you can take a look at your daemon log (e.g. /var/log/daemon.log).
There you will find the list of currently connected peers.

Cheers,
Lars

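The "route the subnet through myself" pattern discussed in the message above can be checked mechanically. The following is an added example, not part of the original thread and not tinc's own tooling: a small shell lint (the function name check_self_route is hypothetical) that flags any "ip route add ... via GW" line in a tinc-up script where GW is an address the same script assigns to the interface. The two sample scripts are constructed from the tinc-up contents quoted in the thread.

```shell
#!/bin/sh
# check_self_route FILE
# Prints each route whose gateway is one of the script's own addresses.
# Returns 1 if at least one such route is found, 0 otherwise.
check_self_route() {
    awk '
        # Collect addresses assigned with "ip addr add ADDR/LEN dev IF".
        $1 == "ip" && ($2 == "addr" || $2 == "address") && $3 == "add" {
            split($4, parts, "/")
            own[parts[1]] = 1
        }
        # Remember the gateway of every "ip route add NET via GW" line.
        $1 == "ip" && $2 == "route" && $3 == "add" {
            for (i = 5; i < NF; i++)
                if ($i == "via") { gw[NR] = $(i + 1); line[NR] = $0 }
        }
        # Compare at the end so the order of addr/route lines does not matter.
        END {
            bad = 0
            for (n in gw)
                if (gw[n] in own) { print "self-route: " line[n]; bad = 1 }
            exit bad
        }
    ' "$1"
}

# Constructed samples: the laptop tinc-up as posted, and the suggested version.
tmp=$(mktemp -d)
printf '%s\n' '#!/bin/sh' 'ip link set myvpn up' \
    'ip addr add 10.0.0.2/32 dev myvpn' \
    'ip route add 10.0.0.0/24 via 10.0.0.2' > "$tmp/tinc-up.orig"
printf '%s\n' '#!/bin/sh' 'ip link set myvpn up' \
    'ip addr add 10.0.0.2/24 dev myvpn' > "$tmp/tinc-up.fixed"

check_self_route "$tmp/tinc-up.orig"  || echo "original: route points at own address"
check_self_route "$tmp/tinc-up.fixed" && echo "suggested: no self-route"
```
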
Hi Parke,

Thanks for replying. I mkdir it, kill tinc and restart, nothing in config changed, and it works! I don't know what's behind but I should've tried system "kill" rather than tinc's stop/restart stuff...

Parke <parke.nexus at gmail.com> wrote on Tue, May 7, 2019 at 5:12 AM:

> On Mon, May 6, 2019 at 2:12 AM David Penn <px920906 at gmail.com> wrote:
>
> > On both nodes I installed 1.1pre17 (laptop from aur package, vps using
> > make install), and when I use commands like "tinc stop","tinc dump nodes",
> > it says "Could not open pid file /usr/local/var/run/tinc.pid: No such file
> > or directory".
> > Does this matter? or even the previous problem is somehow due to this?
>
> Does the directory /usr/local/var/run/ exist?
>
> If not, mkdir it.
>
> I seem to remember that, during install, 1.1pre17 does not make all
> the directories it needs.
>
> -Parke

Hi Lars,

Thanks for replying. I tried your advice but finally it works after I killed and started tinc without changing anything. It would save me several hours if I'd tried "pkill -9 tincd" first...

Lars Kruse <lists at sumpfralle.de> wrote on Tue, May 7, 2019 at 8:11 AM:

> Hello David,
>
> On Mon, 6 May 2019 16:43:28 +0800, David Penn <px920906 at gmail.com> wrote:
>
> > *tinc.conf
> > Name = envy13
> > Device = /dev/net/tun
>
> I think you do not need to specify "Device".
> (I never did)
>
> > ConnectTo = main
> >
> > *hosts/main
> > Address = <my vps ext ip address>
> > Port = 655
> > Subnet = 10.0.0.1/32
> >
> > *hosts/envy13
> > Port = 655
> > Subnet = 10.0.0.2/32
> >
> > *tinc-up
> > #!/bin/sh
> > ip link set myvpn up
> > ip addr add 10.0.0.2/32 dev myvpn
> > ip route add 10.0.0.0/24 via 10.0.0.2
>
> I understand the above as "route the subnet through myself".
> This is not what you want, is it?
> I guess the following lines would be sufficient?
>
>   ip link set myvpn up
>   ip addr add 10.0.0.2/24 dev myvpn
>
> > I have ufw allowed 655. What did i miss?
>
> You can always verify the active connections by sending USR1:
>
>   tincd -n myvpn --kill=USR1
>
> Afterwards you can take a look at your daemon log (e.g.
> /var/log/daemon.log).
> There you will find the list of currently connected peers.
>
> Cheers,
> Lars