ifconfig hw ether and -arp
Robie Basak
robie at principle.co.uk
Fri Aug 22 17:17:16 CEST 2003
I'm on tinc version 1.0pre7, you can stop reading if that's where the
issue is.
On Fri, 2003-08-22 at 15:49, Guus Sliepen wrote:
> It could be because of a firewall.
I've just retested everything; with the firewall rules emptied (and
default policies set to ACCEPT), it still gives me that behaviour if I
remove the hwaddr/-arp line.
> With tinc 1.0 and later, you don't need that first ifconfig line
> anymore. For the reason why you should've used it with older versions,
> see http://mail.nl.linux.org/tinc/2003-06/msg00027.html.
From that page:
---
The only drawback is that if you receive a packet from another tinc
daemon before sending something yourself, tinc doesn't yet know which
MAC address its own virtual interface has. So to be on the safe side,
you should either set the MAC address to fe:fd:0:0:0:0 anyway, or make
sure a packet is sent out (for example, by adding a ping command to
tinc-up).
---
This sounds similar to what was happening. I ran tcpdump on the vpn
interface, which reported incoming ICMP packets but no replies. Running
it on "any" interface said the same, so it looked like the kernel simply
wasn't replying. Routing seems correct, especially as it all starts
working when I ping back, so that's when I suspected arp and dug through
to find the hwaddr/-arp line.
> If it really doesn't work without that first ifconfig line, please tell
> me which version of tinc you are running and on which operating system.
# tincd --version
tinc version 1.0pre7 (built Apr 11 2002 09:29:16, protocol 14)
Is this too far back from the changes to version 1? That might well
explain the whole thing, in which case I'll upgrade (currently it's just
the Debian stable version).
# uname -a
Linux howard 2.4.18 #1 Wed Apr 17 16:09:55 BST 2002 i686 unknown
This isn't really on a Debian system though, just that I've pulled the
binaries from a running Debian system.
Robie.
--
Robie Basak <robie at principle.co.uk>
Northern Principle Limited
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20030822/ffeafa44/attachment.pgp
More information about the Tinc
mailing list