lose connection with traffic from connector to connectee

ebina1 ebina1 at insightbb.com
Tue Feb 19 22:31:10 CET 2002


using 1.0pre5

A: tinc.conf
------------
Name = A
PrivateKeyFile = /usr/local/etc/tinc/vpn/rsa_key.priv
Device = /dev/tap0
ConnectTo = B

A: tinc-up
---------
#!/bin/sh
modprobe ethertap
ifconfig tap0 hw ether fe:fd:00:00:00:00
ifconfig tap0 192.168.0.3 netmask 255.255.0.0
ifconfig tap0 -arp


B: tinc.conf
------------
Name = B
PrivateKeyFile = /usr/local/etc/tinc/vpn/rsa_key.priv
Device = /dev/tun

B: tinc-up
---------
#!/bin/sh
ifconfig vpn hw ether fe:fd:00:00:00:00
ifconfig vpn 192.168.1.253 netmask 255.255.0.0
ifconfig vpn -arp mtu 1400


tincd on B is running.
tincd on A starts and connects to B.
Now, if the first network data is from B to A, such as "ping 192.168.0.3" from B,
then the connection works well in both directions for quite a while.  If the
connection is idle for a long time, and then the first data is from A to B, the
data transfer stops (see below).

If the first network data is from A to B, such as "ping 192.168.1.253" from A,
then no data gets through and the connection doesn't work right.
From the syslog on A it appears data is being sent to B, and nothing is returning.
We do still get the periodic PING/PONG from A to B but no other data gets through.
From the syslog on B we see:

Feb 19 15:13:11 linux tinc.vpn[2414]: Node A (12.221.73.89) became reachable
Feb 19 15:13:11 linux tinc.vpn[2414]: Got ADD_SUBNET from A (12.221.73.89): 10 A 192.168.0.0/24
Feb 19 15:13:22 linux tinc.vpn[2414]: Got REQ_KEY from A (12.221.73.89): 15 A B
Feb 19 15:13:22 linux tinc.vpn[2414]: Sending ANS_KEY to A (12.221.73.89): 16 B A B157130AC44115976F7A773719D0DBEC8E2EADD4EF0BA824 91 64 4
Feb 19 15:13:22 linux tinc.vpn[2414]: Sending 68 bytes of metadata to A (12.221.73.89)
Feb 19 15:13:22 linux tinc.vpn[2414]: Received UDP packet on port 655 from unknown source cdd4959:517
Feb 19 15:13:45 linux last message repeated 5 times
Feb 19 15:13:51 linux tinc.vpn[2414]: Read packet of 87 bytes from Linux tun/tap device
Feb 19 15:13:51 linux tinc.vpn[2414]: Sending packet of 87 bytes to A (12.221.73.89)
Feb 19 15:13:51 linux tinc.vpn[2414]: No valid key known yet for A (12.221.73.89), queueing packet
Feb 19 15:13:51 linux tinc.vpn[2414]: Sending REQ_KEY to A (12.221.73.89): 15 B A
Feb 19 15:13:51 linux tinc.vpn[2414]: Sending 11 bytes of metadata to A (12.221.73.89)
Feb 19 15:13:51 linux tinc.vpn[2414]: Got ANS_KEY from A (12.221.73.89): 16 A B 46808131ED9A3ECFC560A65C1873B50D2C30DD12D41CCF9C 91 64 4
Feb 19 15:13:51 linux tinc.vpn[2414]: Flushing queue for A (12.221.73.89)
Feb 19 15:13:51 linux tinc.vpn[2414]: Received UDP packet on port 655 from unknown source cdd4959:517
Feb 19 15:14:48 linux tinc.vpn[2414]: Received UDP packet on port 655 from unknown source cdd4959:517
Feb 19 15:14:57 linux tinc.vpn[2414]: Received UDP packet on port 655 from unknown source cdd4959:517
Feb 19 15:15:18 linux tinc.vpn[2414]: Got PING from A (12.221.73.89): 8
Feb 19 15:15:18 linux tinc.vpn[2414]: Sending PONG to A (12.221.73.89): 9
Feb 19 15:15:18 linux tinc.vpn[2414]: Sending 2 bytes of metadata to A (12.221.73.89)
Feb 19 15:15:31 linux tinc.vpn[2414]: Received UDP packet on port 655 from unknown source cdd4959:517


The connection and key are negotiated, but all data from A appears to come from
an unknown source.

Any ideas?



Tinc:         Discussion list about the tinc VPN daemon
Archive:      http://mail.nl.linux.org/lists/
Tinc site:    http://tinc.nl.linux.org/
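
A diagnostic sketch for the syslog excerpt in the message above, added here as an example and not part of the original post or of tinc itself: it decodes the "unknown source" field and checks whether that address already appears in the same log as a named peer. It assumes the field before the colon is the 32-bit IPv4 address printed in hexadecimal without leading zeros; the port field is reported as logged, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample: three lines taken from B's syslog in the post, unwrapped.
SAMPLE_LOG = """\
Feb 19 15:13:11 linux tinc.vpn[2414]: Node A (12.221.73.89) became reachable
Feb 19 15:13:22 linux tinc.vpn[2414]: Received UDP packet on port 655 from unknown source cdd4959:517
Feb 19 15:15:18 linux tinc.vpn[2414]: Got PING from A (12.221.73.89): 8
"""

# "Node A (1.2.3.4)", "from A (1.2.3.4)", "to A (1.2.3.4)" -> (name, dotted address)
PEER_RE = re.compile(r"\b(?:from|to|Node) (\w+) \((\d{1,3}(?:\.\d{1,3}){3})\)")
# "from unknown source <hex address>:<port field>"
UNKNOWN_RE = re.compile(r"from unknown source ([0-9a-fA-F]{1,8}):(\w+)")


def known_peers(log):
    """Map each peer address named in the log to its node name."""
    return {ipaddress.IPv4Address(ip): name for name, ip in PEER_RE.findall(log)}


def decode_source(hex_addr):
    """Assumption: hex_addr is an IPv4 address printed as one hex integer."""
    return ipaddress.IPv4Address(int(hex_addr, 16))


def classify_unknown_sources(log):
    """Return (address, port_field, peer_name_or_None) per 'unknown source' line."""
    peers = known_peers(log)
    results = []
    for hex_addr, port in UNKNOWN_RE.findall(log):
        addr = decode_source(hex_addr)
        results.append((str(addr), port, peers.get(addr)))
    return results


if __name__ == "__main__":
    for addr, port, peer in classify_unknown_sources(SAMPLE_LOG):
        if peer:
            print(f"{addr} (port field {port}): same address as peer {peer}")
        else:
            print(f"{addr} (port field {port}): not a peer address seen in this log")
```

Run over the full excerpt, a match between the decoded address and a named peer separates packets that arrive from the peer's own address from traffic originating at an unrelated host.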



