Strange Traffic Problem
shikkc
shikkc at kirktis.net
Sun Apr 26 17:11:27 CEST 2015
On 2015-04-24 22:02, Guus Sliepen wrote:
> On Fri, Apr 24, 2015 at 03:08:54AM +0800, shikkc wrote:
>
>> There is a single box on our tinc mesh which can be pinged from all hosts,
>> but cannot ping any.
> [...]
>> TCPdump on other machines shows no incoming traffic from this box, but
>> TCPdump on this box shows traffic 'exiting' via the tinc tun device. Having
>> tried everything I could conceive of, for some reason I decided to start
>> mucking with packet sizes. pinging with a data size of 26 bytes (total size
>> 34) works perfectly. Any larger size fails.
>
> Have you tried much larger packet sizes, like 1400? It could be that
> this node's ISP blocks UDP packets with sizes that are commonly used by
> VoIP. Tinc only checks if large UDP packets can be sent, and if so it
> will not detect it when small packets get dropped.

Yes, I have tried this; all larger packet sizes are dropped, including
jumbos.

>
> You can also try adding the following to the problematic node's
> tinc.conf:
>
> TCPOnly = yes
>
Yes, I've tried this already and removed it because it did not help at all. I
should have included that doing an 'info' on the node shows that it is
reachable directly via TCP, so it seems to be doing this regardless of having
the flag or not.

Some more testing reveals even odder behavior - when the router is set to use
tinc as its 'default gateway', traffic is sent from it to the central node,
and the central node and also farther servers reply. However, the problematic
node never sees these replies. If you'd like example tinc pcap-format dumps, I
can provide those, though for obvious reasons I don't want to send them to the
entire list.
--
-shikkc