Configuration working with 2 hosts but not with 3
Marius Fröhlich
marius at froehlich.pro
Sat Sep 30 15:29:41 CEST 2017
Hi there,
I would need some help with my configuration. I have tried a long time,
but did not find my error. Thus I would really appreciate your help.
There are three hosts:
1. h181
2. h182: Should ConnectTo h181
3. h183: Should ConnectTo h181
*Files under /etc/tinc/vpn0/hosts*
[h181:]
Address = 94.130.108.xxx
Subnet = 172.16.1.1/32
-----BEGIN RSA PUBLIC KEY-----
***
-----END RSA PUBLIC KEY-----
[h182:]
Subnet = 172.16.1.2/32
-----BEGIN RSA PUBLIC KEY-----
***
-----END RSA PUBLIC KEY-----
[h183:]
Subnet = 172.16.1.3/32
-----BEGIN RSA PUBLIC KEY-----
***
-----END RSA PUBLIC KEY-----
*tinc.conf files:*
[tinc.conf h181:]
Name = h181
Device = /dev/net/tun
BindToAddress = 0.0.0.0
AddressFamily = ipv4
[tinc.conf h182:]
Name = h182
Device = /dev/net/tun
ConnectTo = h181
BindToAddress = 0.0.0.0
AddressFamily = ipv4
[tinc.conf h183:]
Name = h183
Device = /dev/net/tun
ConnectTo = h181
BindToAddress = 0.0.0.0
AddressFamily = ipv4
*tinc-up Files:*
[tinc-up h181:]
#!/bin/sh
#
# Must use IP 172.16.1.1
#
/sbin/ifconfig $INTERFACE 172.16.1.1 netmask 255.255.255.0
[tinc-up h182:]
#!/bin/sh
#
# Must use IP 172.16.1.2
#
/sbin/ifconfig $INTERFACE 172.16.1.2 netmask 255.255.255.0
[tinc-up h182:]
#!/bin/sh
#
# Must use IP 172.16.1.3
#
/sbin/ifconfig $INTERFACE 172.16.1.3 netmask 255.255.255.0
The occuring errors are:
* Ping from h182 (172.16.1.2) and h183 (172.16.1.3) to h181
(172.16.1.1) is not possible
* Ping from h181 to h182 and h183 and between h182 and h183 are
possible, but extremely slow (some about 1000ms; ping to public IP
is about 10ms)
When I start tinc with tincd -n netname -d5 -D everything seems normal,
many PINGs and PONGs are displayed.
In route -n it is displayed on all hosts:
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 vpn0
When stopping tincd on h182 or h183 pings between the two remaining
hosts are possible and fast.
I am using tinc 1.0.24-2.1 (Debian).
Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20170930/26017f61/attachment.html>
More information about the tinc
mailing list