From: Guus Sliepen Date: Tue, 25 Sep 2012 13:35:16 +0000 (+0200) Subject: Update FAQ, Platforms, add a Contribute page. X-Git-Url: https://tinc-vpn.org/git/browse?a=commitdiff_plain;h=bd0e2a61687a09aea5464ebe00dbee3ca7d3ddc0;p=wiki Update FAQ, Platforms, add a Contribute page. --- diff --git a/contribute.mdwn b/contribute.mdwn new file mode 100644 index 0000000..cd139df --- /dev/null +++ b/contribute.mdwn @@ -0,0 +1,46 @@ +## Contribute to tinc + +Have you used tinc? Do you like it? Is there something missing? There are +various ways you can help to make tinc even better: + +* **Report bugs.** + Don't hesitate to [[send|contact]] in a bug report. + If we don't know about a bug, we cannot fix it. + It is also fine to report a bug that has already been reported, + that way we can determine how many people are affected by it. + +* **Improve and/or translate the documentation.** + Is there anything missing in the documentation? + Do you think some parts are hard to understand and could be written better? + Feel free to send improvements for the documentation. + The documentation comes in several forms: + * Manpages, these are reference manuals for the binaries and configuration files. + * The [[docs|manual]], which contains also contains introductions and explainations about how tinc works and how you can set it up. + * The [[examples]] on the wiki, which describe how to set up tinc in various scenatios. + +* **Test development versions of tinc.** + Tinc is continuously being improved. + There are two branches of development; the stable branch (version 1.0.x), and the 1.1 branch. + The code for these versions can be found in the [[repository]]. + +* **Port and maintain tinc on your favorite OS/device.** + There are many software and hardware [[platforms]] that tinc will run on. + However, the main developers cannot test tinc on all of them. + We can use people who test new versions of tinc on their favorite operating system, distribution or hardware device, + and report or fix any problems they encounter. + Furthermore, if your OS distribution does not come with a native package for tinc, + you are welcome to create and maintain such a package. + In particular, we are looking for maintainers for: + * Windows + * OpenBSD + * Apple iOS + +* **Help writing code.** + If you know C and would like to help improve tinc, [[let us know|contact]]. + There will always be something to work on. + +* **Donate.** + Monetary contributions are also welcome. + Use the Paypal link in the sidebar to donate. + Your contribution will be used to cover the costs of the domain names, + backup infrastructure, and possibly to buy hardware to port tinc to. diff --git a/faq.mdwn b/faq.mdwn index 3c415dd..17b7143 100644 --- a/faq.mdwn +++ b/faq.mdwn @@ -6,38 +6,44 @@ If you have a common problem or question, you will probably be able to find an a ##Error messages -### Tinc doesn't start, but doesn't show an error message +### Bogus data received -If you're are using tinc 1.0.2, chances are tinc cannot write the pidfile. Normally tinc would tell you this, but in this particular version that error message is missing. When starting tinc, add --pidfile=/tmp/tinc.pid or run mkdir -p /usr/local/var/run to solve this problem. + Jan 1 12:00:00 host tinc.net[1234]: Bogus data received from node (192.0.43.10) -This bug is fixed in 1.0.3. +Tinc tries to connect to another node but reports that bogus data has been received. +This problem is almost always caused by a problem with the RSA keys from one of the nodes. +Check that there is only one key in each rsa_key.priv and in each host config file. +Also make sure that the host config files with the same name contain the same key on both nodes. +When in doubt, remove the rsa_key.priv files, remove the public keys from the host config files, generate new keys and distribute them again. -### File descriptor in bad state - - Jan 1 12:00:00 host tinc.net[1234]: Error while reading from ethertap device: File descriptor in bad state +### Cannot ping the other node(s) -Due to some changes in the header files in recent Linux 2.4 kernels, a tinc daemon that is not recompiled against your kernel headers will fail to work. You must recompile tinc and make sure it uses the header files from the kernel source tree. Some distributions ship with their own copy of these files in /usr/include/linux, you can explicitly override this by running ./configure --with-kernel=[path to kernel source]. + PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data. + From 192.168.1.1 icmp_seq=1 Destination Net Unknown -### Tinc stops functioning after a few hours +Or when logging with debug level 5: -There is a small bug in the tinc 1.0pre4 tarball which prevents tinc from notifying the other daemons that its key has expired. One workaround is to edit tinc.conf and add KeyExpire = 30000000, which will set the lifetime of a key to roughly one year. + Jan 1 12:00:00 host tinc.net[1234]: Cannot route packet from node (MYSELF): unknown IPv4 destination address 192.168.1.1 -The bug is fixed in 1.0pre5 and later versions. +When trying to ping another node, it can happen that there is no response. +First, check that the other node is really online, and that tinc has made a connection with it. +When running tinc in router mode (which is the default), +check that the node you are trying to reach has a Subnet statement in its host config file that contains the IP address you are trying to reach. -### Packets looping back to us - Jan 1 12:00:00 host tinc.net[1234]: Packet with destination 192.168.1.1 is looping back to us! +### File descriptor in bad state -A packet is received from the tapdevice, and tinc tries to send it to the right destination, but finds out that this packet should be send to itself. Chances are that a "Subnet = ..." line in the host configuration file of this tinc daemon is wrong. Change it to a subnet that is accepted locally by another interface, or if that is not the case, try changing the prefix length into /32. + Jan 1 12:00:00 host tinc.net[1234]: Error while reading from ethertap device: File descriptor in bad state -### Address family not supported by protocol +There is a problem reading packet from the virtual network device. +Check that the tun module is loaded, and that tinc tries to open the right device file. +If you have added Device and/or Interface statements to tinc.conf, try removing them, tinc's defaults usually work fine. - Jan 1 12:00:00 host tinc.net[1234]: Creating metasocket failed: Address family not supported by protocol - Jan 1 12:00:00 host tinc.net[1234]: Ready +### Packets looping back to us -This is not an error, but a warning. Tinc 1.0 and later try to create IPv6 sockets by default. If your kernel has no support for IPv6, this message is logged. However, if tinc logs "Ready", an IPv4 socket was created without problems, and that one will be used. You can ignore this message, or prevent it from appearing in your logs by adding the following to tinc.conf: + Jan 1 12:00:00 host tinc.net[1234]: Packet with destination 192.168.1.1 is looping back to us! - AddressFamily = ipv4 +A packet is received from the tapdevice, and tinc tries to send it to the right destination, but finds out that this packet should be send to itself. Chances are that a "Subnet = ..." line in the host configuration file of this tinc daemon is wrong. Change it to a subnet that is accepted locally by another interface, or if that is not the case, try changing the prefix length into /32. ## Platform specific questions @@ -50,10 +56,13 @@ Try assigning a static ip address, while tinc is running: If you are still having trouble, check that you have the tun/tap devices installed and configured for your kernel. +### Is there an app for tinc? -### No TAP-Win32 interface under Windows XP SP2 - -Because of changes in Windows XP since SP2, the TAP-Win32 driver distributed with the tinc-1.0.2 installer doesn't work correctly. Remove all tap devices (use deltapall.bat) and install tinc 1.0.4. +Tinc itself supports many platforms. +Code was merged in version 1.0.10 that in principle allows tinc to run on iPhone and iPod devices. +However, as far as we know, no one has created an iOS app for tinc. +The latest version in the git [[repository]] allows tinc to be compiled for Android. +There is an unofficial Android app for tinc that can be found on [Google Play](https://play.google.com/store/apps/details?id=org.poirsouille.tinc_gui). ## Generic questions @@ -72,10 +81,4 @@ Here's what we think of that: Other reasons to use tinc instead of other solutions: * Although tinc uses a non-standard protocol, it does not suffer from the inefficiencies of most of the standard protocols. -* The executable is very small, less than 100 kilobytes, the virtual memory footprint is about 4 megabytes (this includes the libraries it uses). - -### Is there a MS Windows client for tinc? - -> Question: We are about to use a Linux machine as a firewall to protect our office setup. We are interested in using tinc to allow us to VPN through the firewall from home however home machines have a tendency to be running "that" operating system, the one from Redmond. Is there a tinc compatible VPN client for machines running Microsoft operating systems? - -As of tinc 1.0, Windows 2000 and XP are supported. It uses the TAP-Win32 driver as a virtual network device. There are two ways of compiling tinc: in a Cygwin environment or in a MinGW environment. The former provides a complete UNIX environment with all facilities common to UNIX. When compiled with Cygwin, tinc must be run in the Cygwin environment, but native Windows programs will also be able to use the VPN. When compiled with MinGW, tinc will be a native Windows program. When started, it will register itself as a service, which will run in the background and will be restarted after reboots. +* The executable is very small, less than 150 kilobytes, the real memory usage is usually about 2 megabytes. diff --git a/platforms.mdwn b/platforms.mdwn index 624e432..ba13942 100644 --- a/platforms.mdwn +++ b/platforms.mdwn @@ -24,6 +24,7 @@ in which stage we are in the table. | OS | Architecture | Compiles | Runs | Really works | Remarks | | -- | ------------ | -------- | ---- | ------------ | ------- | | iPhone, iPod touch | arm | yes | yes | yes | Experimental support for these devices is in the [[repository]]. | +| Android | arm | yes | yes | yes | Support for these devices is in the [[repository]]. An unofficial installer and GUI for Android is on [Google Play](https://play.google.com/store/apps/details?id=org.poirsouille.tinc_gui) | On other platform tinc will likely not compile at all. If you do want to report a successful compile or if you have succeeded in diff --git a/sidebar.mdwn b/sidebar.mdwn index bd1dcf9..de94f82 100644 --- a/sidebar.mdwn +++ b/sidebar.mdwn @@ -6,6 +6,7 @@

- [[Activities]] - [[Contact]] +- [[Contribute]] - [[Documentation|docs]] - [[Download]] - [[Examples]] @@ -13,9 +14,9 @@ - [[Goals]] - [[Mailing lists|mail]] - [[News]] +- [[Repository]] - [[Search]] - [[Security issues|security]] -- [[Repository]] - [[Supported platforms|platforms]] - [[VPN links|vpnlinks]]