tinc connections fallout
Bart Friederichs
plant at chello.nl
Fri Feb 16 10:11:36 CET 2001
> Hmm... strange that the connection between 2.2.16 and 2.2.18 hosts does
> work... Maybe there is something wrong with firewall rules? Device settings?
They are all the same, so it doesn't looks like thats the problem
I restarted the tincd between the 2.2.16 hosts, and nothing happened first.
After a while I got this at the listening tincd:
Feb 16 10:04:31 ophar dhcpd: fallback_discard: Connection refused
Feb 16 10:05:53 ophar tinc.pirnet[21675]: 212.187.121.188 port 655: Connection timed out
Feb 16 10:05:53 ophar tinc.pirnet[21675]: Could not set up a meta connection to 212.187.121.188
Feb 16 10:05:54 ophar tinc.pirnet[21675]: Bogus data received from unknown (212.187.121.188)
Feb 16 10:05:54 ophar last message repeated 2 times
Feb 16 10:06:08 ophar tinc.pirnet[21675]: Writing packet of 74 bytes to tap device
Feb 16 10:06:11 ophar tinc.pirnet[21675]: Sending packet of 76 bytes to athos_pir (212.187.121.188)
Feb 16 10:06:11 ophar tinc.pirnet[21675]: Writing packet of 66 bytes to tap device
Feb 16 10:06:11 ophar tinc.pirnet[21675]: Sending packet of 117 bytes to athos_pir (212.187.121.188)
[... this continues even when there is no network activity ... ]
So, it times out, received Bogus data and after that, the link works. There are
more strange things happening, when the link between Ophar and Vloch falls out,
netstat tells me the Ophar -> Athos link is still there, but I can't send any
data to it. Seems like all Ophar -> Athos data is routed over Vloch (Ophar,
Athos and Vloch are the three hosts that are connected to eachother, as you
might already guessed ;))
Is it possible that the circular way in which the VPN is set up (ophar connects
to athos, athos connects to vloch and vloch connects to ophar) might cause
this? Also, there is one tincd running that both listens and connects, over one
tap device.
> Only if your network is really slow should you be meddling with PingTimeouts,
> but do try.
Is 15kByte slow? Both ophar and athos are on chello.nl links, which have 15kB
max. upstream.
>
> > PS
> > Do all errors from the syslog (see previous mails) seem to have to do something
> > with this one error? The bogus_data coming from 10.1.2.1 (this is the 2.2.18
> >> host) doesn't seem to have anything to do with it.
>
> Hmm... could you send me a copy of the syslog starting from the point where
> you are first starting the daemon? Preferrably when tincd was started with the
> -ddddd option (yes, 5 d's).
See above. Nothing happens when I kill the tincd and restart it. It just waits
some time and starts connecting.
Regards
Bart
-----------------------------------------------------------------------
The internet is a too slow way of doing things you'd never do without it.
Bart Friederichs, 1998
-------------------------------------------------------------------------
-
Tinc: Discussion list about the tinc VPN daemon
Archive: http://mail.nl.linux.org/lists/
Tinc site: http://ftp.nl.linux.org/pub/linux/tinc/
More information about the Tinc
mailing list