Periodic routing problem

Dan Ros dan-lists at ivixor.net
Mon Jan 16 22:59:07 CET 2006 

Hi, I've been running tinc for a couple of months and it's great, but I 
have a periodic problem which maybe you guys can figure out. I operate a 
3-node tinc VPN, lets say A, B and C.

      A
    /    \
  B --- C

 The problem is that after a while, node C can't exchange data with node 
B. It works fine (ping and other traffic) for about 10 minutes, then 
fails. Here is some debug output as seen from node C.

When the problem occurs:

Got late or replayed packet from koneko (84.92.216.214 port 655), seqno 
5, last received 40031
Got late or replayed packet from koneko (84.92.216.214 port 655), seqno 
6, last received 40031
Got late or replayed packet from koneko (84.92.216.214 port 655), seqno 
7, last received 40031
Got late or replayed packet from koneko (84.92.216.214 port 655), seqno 
8, last received 40031

(koneko is on the physical LAN of node B)

So, the connection times out. If you try and reestablish the connection 
between C and B:

Temporarily setting debug level to 5.  Kill me with SIGINT again to go 
back to level 0.
Read packet of 74 bytes from Linux tun/tap device (tun mode)
Sending packet of 74 bytes to lleuad (84.92.216.214 port 655)
No valid key known yet for lleuad (84.92.216.214 port 655), queueing packet
Sending REQ_KEY to lleuad (84.92.216.214 port 4227): 15 athos lleuad
Sending 16 bytes of metadata to lleuad (84.92.216.214 port 4227)
Got ANS_KEY from lleuad (84.92.216.214 port 4227): 16 lleuad athos 
14EDE2A2E4C14F97B3CBF94A388C79C420D6096B29D9F1EB 91 64 4 0
Flushing queue for lleuad (84.92.216.214 port 655)
Got REQ_KEY from lleuad (84.92.216.214 port 4227): 15 lleuad athos
Sending ANS_KEY to lleuad (84.92.216.214 port 4227): 16 athos lleuad 
43D869F952C38107C4DB5997B83A33F99AE5D4B3188E50EF 91 64 4 0
Sending 75 bytes of metadata to lleuad (84.92.216.214 port 4227)
Got late or replayed packet from koneko (84.92.216.214 port 655), seqno 
1, last received 40031
Connection from 84.92.216.214 port 39706
Sending ID to (null) (84.92.216.214 port 39706): 0 athos 17
Sending 11 bytes of metadata to (null) (84.92.216.214 port 39706)
Got ID from (null) (84.92.216.214 port 39706): 0 koneko 17
Sending METAKEY to koneko (84.92.216.214 port 39706): 1 94 64 0 0 
AD9F91CC49E4FF565A8048BF97B584B23A44B9915E0D6C38E8998104744DA5F0C4D534B40862DC66DB608AC06BA243866E155C5BDAEABE26995625D644E018942A4635A3491A38E5008F7517635F74A8DBF6EDCC3B9B1433DA54C2CE2236B2163EE6B24C4F04D7EAA881A7B98E63A9D4790803E61D55A4DF94F22742EC2C4E5A
Sending 269 bytes of metadata to koneko (84.92.216.214 port 39706)
Connection closed by koneko (84.92.216.214 port 39706)
Closing connection with koneko (84.92.216.214 port 39706

And it won't work until i restart tincd on node C. This happens no 
matter what ConnectTo statements exist. Any ideas? Many thanks.

Dan

More information about the tinc mailing list