<div dir="ltr"><div>This usualy happens if for any reason tinc releases, or loses control of, the tun/tap interface it is trying to use.</div><div>this can be caused by many many things on debian, anything from openvpn (if openvpn tries to use the same tun interface and fails, it will actually uncreate it and recreate it to try to "fix" it)</div><div>to tinc being restarted and not cleaning up entirely before coming back up again.</div><div><br></div><div>One thing that can solve this issue, is to use the "
<code>tunctl -n -t</code>" command to permanently create the interface needed, tinc can easaly attach to an existing tun interface,</div><div>ex "
<code>tunctl -n -t</code> tun0"</div><div>note the above command makes a tun interface, in tun mode, i assume this is desired based on your log snippet, as tinc is attempting to use the interface in tun mode.</div><div><br></div><div>Another thing is any scripts you have that may be restarting tinc for any reason. adjust them to instead stop tinc, wait 10 seconds, and then start tinc.</div><div>when tinc comes down the tinc-down script is not the only one proccessed on debian systems. there are many hooks in both the networking AND tun/tap stack that come to life when tinc, or any vpn using tun/tap for that matter spins down, and time needs to be given to accommodate those scripts in the event one takes longer then expected.</div><div><br></div><div>If you have no scripts restarting tinc, I RECOMEND YOU MAKE ONE...</div><div><br></div><div>Tinc is great, but not perfect, and it ocasionaly needs to refresh itself. a simple bash script to stop, wait, start, set as a daily cronjob during times when a 10second drop of one node, staggered so each node does this at a slightly different time, can help things run a lot smoother.<br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Apr 11, 2019 at 5:11 PM Daniel Lo Nigro <<a href="mailto:lists@d.sb">lists@d.sb</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div>I just encountered a weird issue on my servers - Tinc was using a constant 10-50% CPU on several servers, and these servers were also receiving a constant ~3 Mb/s of data over the Tinc interface, which is usually otherwise pretty quiet.<br></div><div><br></div><div>Example: <a href="https://d.sb/2019/04/firefox_11-15.54.22.png" target="_blank">https://d.sb/2019/04/firefox_11-15.54.22.png</a></div><div>Grafana dashboard: <a href="https://dash.d.sb/dashboard/snapshot/6nWZqagpgxzxUrybDZkNbF6JSflLlKmO?orgId=1" target="_blank">https://dash.d.sb/dashboard/snapshot/6nWZqagpgxzxUrybDZkNbF6JSflLlKmO?orgId=1</a><br></div><div><br></div><div>This seems to have all been coming from one system, as I noticed that a single system was using ~18 Mb/s outbound: <a href="https://d.sb/2019/04/firefox_11-15.55.30.png" target="_blank">https://d.sb/2019/04/firefox_11-15.55.30.png</a>. As soon as I restarted Tinc on this server, all the traffic stopped.</div><div><br></div><div>The only relevant thing I see in the logs is a lot of these messages:</div><div><br></div><div>Apr 11 15:35:20 host tinc.vpn[6223]: Can't write to Linux tun/tap device (tun mode) /dev/net/tun: Input/output error<br>Apr 11 15:35:20 host tinc.vpn[6223]: Can't write to Linux tun/tap device (tun mode) /dev/net/tun: Input/output error<br>Apr 11 15:35:20 host tinc.vpn[6223]: Can't write to Linux tun/tap device (tun mode) /dev/net/tun: Input/output error<br>Apr 11 15:35:20 host tinc.vpn[6223]: Can't write to Linux tun/tap device (tun mode) /dev/net/tun: Input/output error<br>Apr 11 15:35:20 host tinc.vpn[6223]: Can't write to Linux tun/tap device (tun mode) /dev/net/tun: Input/output error<br>Apr 11 15:35:20 host tinc.vpn[6223]: Can't write to Linux tun/tap device (tun mode) /dev/net/tun: Input/output error<br>Apr 11 15:35:20 host tinc.vpn[6223]: Can't write to Linux tun/tap device (tun mode) /dev/net/tun: Input/output error<br>Apr 11 15:35:20 host tinc.vpn[6223]: Can't write to Linux tun/tap device (tun mode) /dev/net/tun: Input/output error<br>Apr 11 15:35:20 host tinc.vpn[6223]: Can't write to Linux tun/tap device (tun mode) /dev/net/tun: Input/output error<br>Apr 11 15:35:20 host tinc.vpn[6223]: Can't write to Linux tun/tap device (tun mode) /dev/net/tun: Input/output error<br><br></div><div>Any ideas what could cause this, or how to debug what Tinc was doing?<br></div><div><br></div><div>Most systems are Debian Testing with Tinc 1.0.35, and one is Windows Server 2016 with Tinc 1.0.35.<br></div><div><br></div><div><div></div></div></div></div></div></div></div></div>
_______________________________________________<br>
tinc mailing list<br>
<a href="mailto:tinc@tinc-vpn.org" target="_blank">tinc@tinc-vpn.org</a><br>
<a href="https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc" rel="noreferrer" target="_blank">https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc</a><br>
</blockquote></div>