very high traffic without any load

Absolute Truth requiredtruth at gmail.com
Thu May 2 21:50:41 CEST 2019


You could always run a wireshark on the line and watch the traffic directly.

On Thu, May 2, 2019, 3:48 PM Christopher Klinge <Christ.Klinge at web.de>
wrote:

> I will test this ASAP, but can you elaborate as to why this would happen?
> If there is no payload traffic in the VPN, there should be no reason to
> query for IP addresses. And if tinc switches do query for addresses without
> cause, why would they query for each possible address individually? When an
> entire subnet is assigned to one node, shouldn't that suffice? Even if two
> nodes had the same subnet assigned to them, a switch should simply
> multicast to both peers to find the target of a connection. Am I missing
> something important?
>
> *Gesendet:* Donnerstag, 02. Mai 2019 um 20:38 Uhr
> *Von:* "Absolute Truth" <requiredtruth at gmail.com>
> *An:* tinc at tinc-vpn.org
> *Betreff:* Re: Re: very high traffic without any load
> I suspect your /64.. try giving a single address to two seperate machine
> so one single addresses for each. /32 . Then check your traffic. Tinc is a
> mesh network. If you give it millions of addresses. Then its probably
> checking each one.
>
> On Thu, May 2, 2019, 2:06 PM Christopher Klinge <Christ.Klinge at web.de>
> wrote:
>
>> Good evening,
>>
>> all of my servers where set up fresh with no other applications running
>> besides tinc and my ssh sessions. I just double checked and those are the
>> two only processes on my machines that have active sockets. Additionally,
>> the SSH sessions do not go through the VPN, but are set up directly to the
>> machines. Does tinc provide a way for differentiating between between meta
>> and payload traffic?
>>
>> Kind regards and thanks for your time,
>> Christopher
>>
>> *Gesendet:* Mittwoch, 01. Mai 2019 um 23:29 Uhr
>> *Von:* "Lars Kruse" <lists at sumpfralle.de>
>> *An:* tinc at tinc-vpn.org
>> *Betreff:* Re: very high traffic without any load
>> Hello Christopher,
>>
>>
>> Am Wed, 1 May 2019 12:37:33 +0200
>> schrieb "Christopher Klinge" <Christ.Klinge at web.de>:
>>
>> > There is however a large amount of management traffic which I assume
>> should
>> > not be the case.
>>
>> indeed - I never noticed an unreasonable amount of tinc management traffic
>> with any of my setups.
>>
>> How exactly did you verify, that tinc meta traffic is really the culprit?
>> Did you compare the traffic over your uplink interface with the traffic
>> over the tinc interface?
>> Maybe there is just a huge amount of payload traffic exchanged between the
>> nodes over the tinc VPN?
>> Since you are using "switch" mode, this could even be broadcast traffic.
>>
>> Cheers,
>> Lars
>> _______________________________________________
>> tinc mailing list
>> tinc at tinc-vpn.org
>> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>> _______________________________________________
>> tinc mailing list
>> tinc at tinc-vpn.org
>> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>
> _______________________________________________ tinc mailing list
> tinc at tinc-vpn.org https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20190502/206a29cb/attachment-0001.html>


More information about the tinc mailing list