Can't Route LAN Traffic Behind Tinc Network

Keith keith at rhizomatica.org
Thu Oct 6 14:34:52 CEST 2016


On 05/10/2016 16:13, Kismet Agbasi wrote:
> I have a 4 Node Tinc VPN setup with 2 nodes on my LAN and the other 2
> outside the LAN in the cloud.  Everything has been working great for about 5
> years now, until today when I decided to move one of the nodes to another
> box.

Hi Kismet,

Just thought I'd jump in here as I do a lot of this kind of
thing, and in case you haven't got a solution yet, I'd like to verify a
couple of simple things before you go down any of the wrong
rabbit-holes. :)

> I basically copied over the /etc/tinc folder to the new server and
> also moved the /etc/network/interfaces file, so that the new server was an
> exact mirror (more or less).

Fine, but yes, there are a number of things missing to qualify as an
exact mirror.

> But I think I may have forgotten something because while all my nodes can
> ping each other using the VPN IPs (i.e., 10.9.0.x), I can't seem to ping my
> LAN (i.e., 172.23.6.x) from any of the external nodes.
> At this point I'm unsure of which information to provide in order to elicit
> some assistance, 

The two other key pieces of information that were missing about your
new server are the firewall rules and kernel forwarding.

Did you remember to activate kernel ip forwarding?
i.e. echo 1 > /proc/sys/net/ipv4/ip_forward ?

Now, I note that in a later post you have said:
>  I was able to confirm that the packets are indeed reaching the INSIDE node 
and when I saw that I was about to cancel my reply, but.. maybe I can
get you to confirm what you mean by INSIDE node?
Do you mean the node on the LAN that runs tinc, or a node that does not
run tinc?

k/
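
The two checks named in the message above (kernel IP forwarding and the firewall rules), as an added example that is not part of the original post or of tinc. It audits the live state or saved copies of it; the function names, the sample file layout and the /24 prefix lengths on the thread's 10.9.0.x and 172.23.6.x networks are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit a tinc gateway for kernel forwarding and FORWARD rules.
# File paths are arguments so the checks also run against saved copies.

# Runtime state: "on" if the given ip_forward file contains 1.
forwarding_runtime() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ] \
        && echo on || echo off
}

# Boot-time state: last uncommented net.ipv4.ip_forward line in a sysctl file.
forwarding_persistent() {
    v=$(sed -n 's/^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*\([01]\).*/\1/p' \
        "${1:-/etc/sysctl.conf}" 2>/dev/null | tail -n 1)
    [ "$v" = "1" ] && echo on || echo off
}

# Default policy of the filter table's FORWARD chain in iptables-save output.
forward_policy() {
    awk '/^\*/ { t = $1 } t == "*filter" && /^:FORWARD / { print $2; exit }' "$1"
}

# Number of FORWARD rules that ACCEPT traffic from source subnet $2.
forward_accepts_from() {
    awk -v src="-s $2 " '/^-A FORWARD / && index($0, src) && / -j ACCEPT/ { n++ }
        END { print n + 0 }' "$1"
}

# Verdict: "ok" only if forwarding is on now and at boot, and the firewall
# passes VPN traffic (policy ACCEPT or an explicit ACCEPT rule for the subnet).
audit_gateway() {  # args: ip_forward-file sysctl-file iptables-save-file vpn-subnet
    [ "$(forwarding_runtime "$1")" = on ] || { echo "forwarding off"; return 0; }
    [ "$(forwarding_persistent "$2")" = on ] || { echo "forwarding lost on reboot"; return 0; }
    [ "$(forward_policy "$3")" = ACCEPT ] || [ "$(forward_accepts_from "$3" "$4")" -gt 0 ] \
        || { echo "FORWARD blocks VPN"; return 0; }
    echo ok
}

# Constructed sample of a freshly copied box: forwarding never enabled.
make_sample() {  # arg: directory to write into
    echo 0 > "$1/ip_forward"
    printf '#net.ipv4.ip_forward=1\n' > "$1/sysctl.conf"
    printf '*filter\n:INPUT ACCEPT [0:0]\n:FORWARD DROP [0:0]\n-A FORWARD -s 10.9.0.0/24 -d 172.23.6.0/24 -j ACCEPT\nCOMMIT\n' > "$1/rules"
}
```

On a live gateway, save the ruleset with `iptables-save > rules` and call `audit_gateway /proc/sys/net/ipv4/ip_forward /etc/sysctl.conf rules 10.9.0.0/24`; an explicit ACCEPT rule scoped to the VPN subnet keeps the FORWARD policy at DROP for everything else.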






