routing trouble (was: crashing on receiving connection)

Eduard Bloch edi at gmx.de
Fri Mar 9 11:37:40 CET 2001


#include <hallo.h>
Guus Sliepen wrote on Thu Mar 08, 2001 um 11:26:47PM:

> Think of it like this:
>      _____________________________________________________________
>     |                       Entire VPN                            |
>     |                     192.168.0.0/16                          |
>      ________________    ________________    _____.. .   . 
>     |     tincd A    |  |     tincd B    |  |
>     | 192.168.1.0/24 |  | 192.168.2.0/24 |  |

I still have problems to imagine your scheme working. What are
192.168.1/2.0/24 in your example? Local networks, which are connected
via tinc-tunnel?  Is the following correct:

  INTERNET............tinc-tunnel....INTERNET
/---|----------------------\     /-----|------------------\
| A |................      |    |  B   |...........       |
|router with        .      |    |router with      .       |
|inet uplink,      tincd   |    |inet uplink,    tincd    |
|= gateway for      .      |    |= gateway for    .       |
|local clients      .      |    |local clients    .       |
|                   .      |    |                 .       |
|eth0        | tap0        |    |eth0        | tap0       |
|netmask /24 | netmask /16 |    |netmask /24 | netmask /16
|192.168.1.1 | 192.168.1.0 |    |192.168.2.1 | 192.168.2.0
     |                                |
    LAN                              LAN
     |                                |
 192.168.1.2                      192.168.2.*
     |
 192.168.1.3
     |
    ...

I assume (looking at your picture) we have two local networks with,
192.168.1.0/24 and 192.168.2.0/24 with (let's say) 20 machines in each
network. Each network has a machine working as getway to connect to
internet, doing some services etc. For example: 192.168.1.1 and
192.168.2.1 are our routers. To connect the both networks transparently, we do now
setup ethertap devices with netmask /16, so packet for 192.168.X.X are
sent trough our tap-devices. (except 192.168.1.X on A and 192.168.2.X on B).

hosts/zomb (here b):
Subnet = 192.168.2.0/24
Address = 192.168.0.2

hosts/home (here a):
Subnet = 192.168.1.0/24
Address = 192.168.0.4

So I do on A:

ifconfig eth0:0 192.168.1.2 netmask 255.255.255.0 up # our testing device
ifconfig tap0 192.168.0.0 netmask 255.255.0.0 up
route add -net 192.168.0.0 dev tap0 netmask 255.255.0.0

eth0      Link encap:Ethernet  HWaddr 00:00:B4:43:A5:85
          inet addr:192.168.0.4  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:188735 errors:0 dropped:1016 overruns:0 frame:318
          TX packets:218995 errors:0 dropped:0 overruns:0 carrier:0
          collisions:80 txqueuelen:100
          Interrupt:10 Base address:0x300

eth0:0    Link encap:Ethernet  HWaddr 00:00:B4:43:A5:85
          inet addr:192.168.1.2  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:10 Base address:0x300

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:3924  Metric:1
          RX packets:286 errors:0 dropped:0 overruns:0 frame:0
          TX packets:286 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0

tap0      Link encap:Ethernet  HWaddr 00:FF:BE:4B:05:01
          inet addr:192.168.0.0  Bcast:192.168.1.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.0.0     U     0      0        0 tap0

On B:
ifconfig eth0:0 192.168.2.3
ifconfig vpn 192.168.0.0 netmask 255.255.0.0 up
(kernel 2.4 sets the route automaticaly)

eth0      Link encap:Ethernet  HWaddr 00:00:48:DB:AD:07
          inet addr:192.168.0.2  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5377 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5763 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:768660 (750.6 Kb)  TX bytes:395915 (386.6 Kb)
          Interrupt:11 Base address:0x8000

eth0:0    Link encap:Ethernet  HWaddr 00:00:48:DB:AD:07
          inet addr:192.168.2.3  Bcast:192.168.2.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:11 Base address:0x8000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16192  Metric:1
          RX packets:4930 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4930 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1536087 (1.4 Mb)  TX bytes:1536087 (1.4 Mb)

vpn       Link encap:Ethernet  HWaddr 00:FF:BA:D2:8F:0D
          inet addr:192.168.2.0  Bcast:192.168.2.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 b)  TX bytes:504 (504.0 b)

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.0.0     U     0      0        0 vpn
0.0.0.0         192.168.0.4     0.0.0.0         UG    0      0        0 eth0

So, IMHO this should work. But I get on A following while pinging 192.168.2.3:

Mar  9 11:36:02 isdn tinc.vpn[1572]: Read packet of length 40 from tap device
Mar  9 11:36:02 isdn tinc.vpn[1572]: Trying to look up 0.0.0.0 in connection list failed!
Mar  9 11:36:03 isdn tinc.vpn[1572]: Read packet of length 40 from tap device
Mar  9 11:36:03 isdn tinc.vpn[1572]: Trying to look up 0.0.0.0 in connection list failed!

Similar on B pinging 192.168.1.2:

Mar  9 11:36:38 localhost tinc.vpn[1804]: Read packet of length 46 from tap device
Mar  9 11:36:38 localhost tinc.vpn[1804]: Trying to look up 143.13.192.168 in connection list failed!
Mar  9 11:36:39 localhost tinc.vpn[1804]: Read packet of length 46 from tap device
Mar  9 11:36:39 localhost tinc.vpn[1804]: Trying to look up 143.13.192.168 in connection list failed!

And what is wrong here?

MfG,
Eduard.
-- 
====================================================================
Eduard Bloch <blade at debian.org>; HP: http://eduard.bloch.com/edecosi
0xEDF008C5(GnuPG): E6EB 98E2 B885 8FF0 6C04 5C1D E106 481E EDF0 08C5
**
Hi! I'm Norton Antivirus. Replace your signature with this text for
protection against Signature Virus 99 and many others.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20010309/29759dc8/attachment.pgp


More information about the Tinc mailing list