Routing problems?

[Jim Chapman]

I'm trying to use tinc to create a VPN between a single central location
(with fixed IP address) and a number of "branch" locations with dynamic
addresses.  It's a star configuration.  Each of the branches, and the
server, has a /24 subnet of 10.119.0.0/16.  The branches specify a
single connection to the server, which is passive.  Each of the host
files specifies its /24 subnet, and the tun devices have the /16
netmask.  The dynamic connections are either "nailed up" ppp or fixed
broadband.  (It's all one vpn, with a single tincd running on each host)

Mostly, this works.  Sometimes, however, vpn connectivity is lost
between any two of the sites.  Sometimes it's between a branch and the
center (but the branch still has connectivity to other branches, via
the center) or between branches (but each maintains connectivity to the
center and other branches)

However, the loss of connectivity is only one way;  B2 cannot ping
B1, but B1 can ping B2.  Moreover, doing a ping from B1 to B2 will
restore connectivity between B2 and B1.

I'm running tinc 1.0pre8, on either 2.4.18 or 2.4.19.  The problem most
often occurs between a 2.4.18 branch with PPP and the 2.4.19 center. 
The center will be unable to ping the branch, but a ping from the branch
to the center will restore everything.  Other branches will have
maintained full connectivity between the center and the affected branch
throughout.  The systems are running debian stable (woody)

The problems don't appear to be related to PPP restarts.  All the
systems
have iptables masquerading, but I assume it's not that because the loss
of connectivity is partial.

jim



Tinc:         Discussion list about the tinc VPN daemon
Archive:      http://mail.nl.linux.org/lists/
Tinc site:    http://tinc.nl.linux.org/