Strange tinc behavior on OSX Yosemite

Etienne Dechamps etienne at edechamps.fr
Mon Apr 6 17:52:44 CEST 2015


On 6 April 2015 at 15:56, Vladimir "Equidamoid" Shapranov
<equidamoid at gmail.com> wrote:
> Looks like some issue in tuntaposx that prevents the interface from working
> until a packet is sent to it.

Nope. The issue is that tinc is currently not smart enough to directly
read the MAC address of the TAP device for BSD-style devices (of which
tuntaposx is one). Therefore you need to send at least one packet
through it so that tinc can discover the device's own MAC address
through the source address of the packet you just sent. If you don't,
then tinc doesn't know which MAC address to use as the destination in
Ethernet headers for incoming packets, and is therefore unable to
receive them.

Specifically, you're hitting this issue because you're using tinc in
router (IP) mode but with a TAP (Ethernet) device, which is a special
configuration in which tinc has to forge Ethernet headers. If you
switch to a TUN device, the problem will go away as TUN devices are L3
(IP) and therefore don't use Ethernet headers - the only downside is
that you probably won't be able to use broadcasts (on Linux at least -
maybe Mac OS X can send/receive broadcasts on L3 devices). If you use
"switch" mode instead, that works too, but then you will have to
reconfigure your entire network.

tinc on Linux had the same issue until
https://github.com/gsliepen/tinc/commit/790b107f668a886c3b335e68b9440ef5152a2844
- however I did not write a fix for BSD devices, since I'm not sure
how to get the MAC address for these. I'm not even sure there's an
easy way to do that - tuntaposx doesn't seem to provide one.

If using TUN or "switch" mode is not possible for you, here's a
workaround: add some command to your tinc-up script that simply sends
one packet (e.g. ping) - it doesn't matter if the other side doesn't
respond - so that tinc can quickly learn the address.
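
The learn-then-forge behaviour described in the message above, as a simplified model in C. This is an added illustration, not tinc's code and not part of the original post; the struct, the function names and the choice of forged source address are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAC_LEN 6
#define ETH_HDR_LEN 14

/* Hypothetical state: the TAP device's own MAC, unknown until learned. */
struct tap_state {
    uint8_t mac[MAC_LEN];
    bool mac_known;
};

/* Frame read from the TAP device (host -> VPN). Bytes 6..11 of an Ethernet
 * frame are the source MAC, which here is the device's own address. */
void learn_from_outgoing(struct tap_state *st, const uint8_t *frame, size_t len) {
    if (len < ETH_HDR_LEN) return; /* runt frame: no complete header */
    memcpy(st->mac, frame + MAC_LEN, MAC_LEN);
    st->mac_known = true;
}

/* IPv4 packet received from the VPN (VPN -> host). Returns the length of the
 * frame written to out, or 0 when the packet has to be dropped. */
size_t forge_incoming(const struct tap_state *st, const uint8_t *ip, size_t ip_len,
                      uint8_t *out, size_t out_cap) {
    if (!st->mac_known) return 0; /* no destination MAC to put in the header */
    if (ip_len == 0 || ip_len > out_cap || out_cap - ip_len < ETH_HDR_LEN) return 0;
    memcpy(out, st->mac, MAC_LEN);            /* destination: the device itself */
    memcpy(out + MAC_LEN, st->mac, MAC_LEN);  /* source: made-up peer address... */
    out[2 * MAC_LEN - 1] ^= 0xFF;             /* ...differing in the last byte (assumption) */
    out[12] = 0x08; out[13] = 0x00;           /* EtherType: IPv4 */
    memcpy(out + ETH_HDR_LEN, ip, ip_len);
    return ETH_HDR_LEN + ip_len;
}

int main(void) {
    struct tap_state st = {0};
    uint8_t ip[20] = {0x45}, out[64];
    /* Constructed sample: first frame the host sends (e.g. the ping from tinc-up). */
    uint8_t sent[34] = {0x02,0xaa,0xbb,0xcc,0xdd,0xee, 0x02,0x11,0x22,0x33,0x44,0x55, 0x08,0x00, 0x45};
    printf("before: %zu bytes delivered\n", forge_incoming(&st, ip, sizeof ip, out, sizeof out));
    learn_from_outgoing(&st, sent, sizeof sent);
    printf("after:  %zu bytes delivered\n", forge_incoming(&st, ip, sizeof ip, out, sizeof out));
    return 0;
}
```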

