tinc 1.1 never seems to accept UDP packets from 1.0.24 hosts

Sven-Haegar Koch haegar at sdinet.de
Wed May 13 23:28:23 CEST 2015 

Hallo,

I have a couple of tinc hosts in the same network, some using the latest 
tinc 1.1 git and some using 1.0.24.

It seems like traffic between 1.1 and 1.0 nodes is always transfered 
using TCP (and an intermediate node, if not directly connected), never 
with UDP.


Viewed from host W (tinc 1.1):

(All after successfully pinging an IP behind the remote side to trigger 
UDP path probing, and no blocking firewall on the way)

# tinc info T:
(tinc 1.0.24, directly connected)
Node:         T
Node ID:      97e7a2ff259b
Address:      1.2.3.4 port 4200
Online since: 2015-05-13 22:38:45
Status:       validkey visited reachable
Options:      pmtu_discovery clamp_mss
Protocol:     17.0
Reachability: directly with TCP

# tinc info V:
(tinc 1.0.24, no direct connect)
Node:         V
Node ID:      80a618663578
Address:      2.3.4.5 port 20316
Online since: 2015-05-13 22:38:45
Status:       validkey visited reachable
Options:      pmtu_discovery clamp_mss
Protocol:     17.0
Reachability: none, forwarded via H

# tinc info H
(tinc 1.1 git, direct connect)
Node:         H
Node ID:      68050b57da8f
Address:      3.4.5.6 port 443
Online since: 2015-05-13 22:40:07
Status:       validkey visited reachable sptps udp_confirmed
Options:      pmtu_discovery clamp_mss
Protocol:     17.7
Reachability: directly with UDP
PMTU:         1439

# tinc info O
(tinc 1.1, no direct connect)
Node:         O
Node ID:      613b32c62e2a
Address:      4.5.6.7 port 29115
Online since: 2015-05-13 23:16:08
Status:       validkey visited reachable sptps udp_confirmed
Options:      pmtu_discovery clamp_mss
Protocol:     17.7
Reachability: directly with UDP
PMTU:         1439


Debug output of communication W (1.1) trying to talk to V (1.0):

It seems that it does not understand the UDP probe answer:

# tinc log 5 | grep 2.3.4.5
Sending UDP probe length 18 to V (2.3.4.5 port 20316)
Received UDP packet from unknown source 2.3.4.5 port 20316

So real data is sent over TCP:

Sending packet of 168 bytes to V (2.3.4.5 port 20316)
Packet for V (2.3.4.5 port 20316) larger than minimum MTU, forwarding via H
Sending packet of 308 bytes to V (2.3.4.5. port 20316)
Packet for V (2.3.4.5 port 20316) larger than minimum MTU, forwarding via H


c'ya
sven-haegar

-- 
Three may keep a secret, if two of them are dead.
- Ben F.

More information about the tinc-devel mailing list