using multiple physical interfaces

Brian Prodoehl bprodoehl at gmail.com
Wed Aug 10 15:30:29 CEST 2011


On Wed, Aug 10, 2011 at 9:27 AM, Brian Prodoehl <bprodoehl at gmail.com> wrote:
> On Wed, Aug 10, 2011 at 8:20 AM, Guus Sliepen <guus at tinc-vpn.org> wrote:
>> On Tue, Aug 09, 2011 at 12:46:34AM -0400, Brian Prodoehl wrote:
>>
>>> What is the suggested way of configuring tinc 1.1pre2 for multiple
>>> physical interfaces between the nodes?  In my configuration, each node
>>> has a few IPv4 addresses (a base address for the node, and an address
>>> for each physical interface).  Route to the other node's base address
>>> can jump around from one physical interface to another at runtime.
>>> I've just been using the node's base address in the Address field of
>>> the host file.  With the TCP transport, there doesn't appear to be a
>>> problem with this, but with the UDP transport, the source address of
>>> the packets are that of the outgoing interface, which doesn't match
>>> the Address field of any node, so the packets get dropped.  Hopefully
>>> what I described makes sense.
>>
>> The source address of the packets do not have to match that of an Address
>> statement. And since 1.0.10 the source address of UDP packets does not have to
>> match that of the TCP connection either. However, if there is some NAT device
>> between your nodes, you may be out of luck, I do not know how well they will
>> handle your situation.
>>
>> It would be helpful to let tinc log at debug level 5 on two nodes, and send me
>> the log messages from around the time the route changes (a minute before and
>> five minutes after the change). That should help me investigate the issue.
>
> Good to know that it should work.  There is no NAT, just direct
> connections between the nodes.  I'll capture debug output and post it
> as soon as I get a chance to.  I believe the debug message I was
> getting was coming out of this code:
>
>        n = lookup_node_udp(&from);
>
>        if(!n) {
>                n = try_harder(&from, &pkt);
>                if(n)
>                        update_node_udp(n, &from);
>                else ifdebug(PROTOCOL) {
>                        hostname = sockaddr2hostname(&from);
>                        logger(LOG_WARNING, "Received UDP packet from unknown source %s", hostname);
>                        free(hostname);
>                        return;
>                }
>                else
>                        return;
>        }
>
> Would it matter if PMTU discovery is disabled?

That code is in net_packet.c, starting at line 623.


More information about the tinc mailing list