<div dir="ltr"><br><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span class="">
</span>The goal is to create a working setup as easily as possible.<span class=""><br></span></blockquote><div> </div><div>This is going fairly well with 1.1 ;-) thank you. <br><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span class="">
> - if people are able to read it, you can just as well leave it to a warning<br>
> and suggest running again with a --autoport flag to enable automatic port<br>
> generation<br>
<br>
</span>I'm sure I will get some emails from people complaining that if tinc<br>
complains that you should rerun it with --autoport, why doesn't it do it<br>
itself the first time?<br></blockquote><br></div><div class="gmail_quote">Yeah, true.. <br></div><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<span class=""><br>
> - if you cannot read it (e.g. you use configuration management tools to<br>
> setup tinc and distribute keys), you're in trouble. it will silently do<br>
> things different from what you want.<br>
<br>
</span>That's true. I could make it skip the automatic port selection step if<br>
it's not running in an interactive TTY.<br></blockquote><div><br>Yes, that would be an improvement IMO. I must say that <i>I</i> do not really like such differences in behavior much, though. I would personally opt for making the choice interactive, then ("do you want to (F)orce the generation of port=655 or (R)andomly pick another available port? F/R: "). Then it is still super easy to use and very obvious that this qbehavior will not work in non-interactive scripts. But this is a bit subjective, now I may be conceived as pedantic :-) <br> <br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<span class=""><br>
> - it is too clever to be expected. You might not have tested this scenario,<br>
> especially since it will work as expected if you run the configuration an<br>
> even number of times (!)<br>
<br>
</span>I don't understand this? (..)<br></blockquote><div><br></div><div>I'll clarify this below. <br> <br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<span class=""><br>
> You can prevent this by calling "tinc -n mynet set Port 655" explicitly of<br>
> course. But then you must first run into this issue to note it.<br>
<br>
</span>Can you tell me more about how you are generating tinc configuration?<br>
Because normally I would expect that if port 655 is taken when you run<br>
"tinc init", you really don't want the new tinc network to try to run on<br>
port 655 as well. So I assume it is an issue if you are on one computer,<br>
and trying to generate a configuration for another computer, instead of<br>
running "tinc init" directly on that other computer. It would of course<br>
be nice if tinc could deduce the intended behavior automatically.<br></blockquote><div><br></div><div>What I do is generate a tinc config with ansible. If I have to generate a new one, I delete the configuration directory and run the ansible script again. I do not kill tincd. So when ansible then runs the tinc1.1 configuration commands, the configuration process is so clever to note the port is not available and generates a new port. Then ansible restarts tincd. Then tincd is on the random port. If I then again run ansible, this time it succeeds binding to 655, as it became free when ansible restarted tinc. Hence it will work if you run it a even number of times. <br><br></div><div>You can of course stop tinc before running ansible, but the point is simply that nobody expects a running tincd to influence the behavior of the configuration generating tinc. <br><br></div><div>I'm not sure if other people feel the same way, but I think it is a problem and that would be solved by making the clever feature only work by default if it is an interactive tty. <br><br></div><div>Cheers<br>Eric<br></div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<span class=""><font color="#888888"><br>
--<br>
Met vriendelijke groet / with kind regards,<br>
Guus Sliepen <<a href="mailto:guus@tinc-vpn.org">guus@tinc-vpn.org</a>><br>
</font></span><br>_______________________________________________<br>
tinc mailing list<br>
<a href="mailto:tinc@tinc-vpn.org">tinc@tinc-vpn.org</a><br>
<a href="http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc" target="_blank">http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc</a><br>
<br></blockquote></div><br></div></div>