Routing problem

Kostko kostko at jweb-network.net
Wed Nov 26 16:24:50 CET 2003 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sure,

ROUTER #1:
- - tinc.conf:
Name = icarus

AddressFamily = ipv4
BindToAddress = 193.77.XXX.XXX
Device = /dev/net/tun
Mode = router
KeyExpire = 3600
PingTimeout = 60
PrivateKeyFile = /etc/tinc/vpn01/rsa_key.priv

ConnectTo tihomir

- - tinc-up:
#!/bin/sh
ifconfig $INTERFACE 192.168.0.1 netmask 255.255.0.0

- - hosts/icarus:
Address = 193.77.XXX.XXX
Cipher = blowfish
Compression = 1
Digest = sha1
Subnet = 192.168.0.0/24

- -----BEGIN RSA PUBLIC KEY-----
...
- -----END RSA PUBLIC KEY-----

- - hosts/tihomir:
Address = 193.77.YYY.YYY
Cipher = blowfish
Compression = 1
Digest = sha1
Subnet = 192.168.1.0/24

- -----BEGIN RSA PUBLIC KEY-----
...
- -----END RSA PUBLIC KEY-----

ROUTER #2:
- - tinc.conf:
Name = tihomir

AddressFamily = ipv4
BindToAddress = 193.77.YYY.YYY
Device = /dev/net/tun
Mode = router
KeyExpire = 3600
PingTimeout = 60
PrivateKeyFile = /etc/tinc/vpn01/rsa_key.priv

ConnectTo icarus

- - tinc-up:
#!/bin/sh
ifconfig $INTERFACE 192.168.1.1 netmask 255.255.0.0

Regards,
Kostko.

Guus Sliepen wrote:
| On Wed, Nov 26, 2003 at 03:22:02PM +0100, Kostko wrote:
|
|
|>Well, if i tcpdump the relevant interfaces, i see that packets
|>successfully come from the router #2 via the tun connection. But they
|>don't get forwarded to any local interfaces (they should go to eth1).
|>And if i ping from router #1's lan, i see that the packets get to the
|>router but they don't get forwarded to vpn01 interface. Also there is no
|>additional output from tincd when ran in debug mode (except the daemon
|>connection which seems to be ok). The other router has very similar
|>configuration, but the routing works there...
|
|
| Can you send tinc.conf and tinc-up from both routers and the contents of
| hosts/?
|

- --
Kostko <kostko at jweb-network.net>
JWeb-Network

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQE/xMXCllbq6idCSBURAuBZAKC6geRx4MxeqOgOfOuoLjCJyd+n7QCfWpob
HkRg8EqcX5BOAuyxNH/IOOQ=
=dJLG
-----END PGP SIGNATURE-----

Tinc:         Discussion list about the tinc VPN daemon
Archive:      http://mail.nl.linux.org/lists/
Tinc site:    http://tinc.nl.linux.org/

More information about the Tinc mailing list