Problem communicating from server to client

Nikolaus Rath Nikolaus at rath.org
Tue Oct 11 16:49:41 CEST 2011 

Hello,

I've set up a tinc "server" named "spitzer" in proxy arp mode, and a 
client "inspiron" that connects to it.

inspiron runs tinc 1.0.16, spitzer runs 1.0.11.

Ping and ssh from inspiron to spitzer and other hosts in the network
(via spitzer) works fine.

Ping and ssh from other hosts in the network to inspiron works fine
(i.e. going through spitzer works fine)

However, ping and ssh from spitzer to inspiron does not work.

The packets seem to be received by inspiron, in debug mode I can see
messages like:

Got MTU probe length 1411 from spitzer (128.59.144.255 port 655)
Received packet of 98 bytes from spitzer (128.59.144.255 port 655)
Writing packet of 98 bytes to Linux tun/tap device (tun mode)
Got MTU probe length 1427 from spitzer (128.59.144.255 port 655)
Got MTU probe length 1421 from spitzer (128.59.144.255 port 655)
Got MTU probe length 1415 from spitzer (128.59.144.255 port 655)
Received packet of 98 bytes from spitzer (128.59.144.255 port 655)
Writing packet of 98 bytes to Linux tun/tap device (tun mode)
Received packet of 98 bytes from spitzer (128.59.144.255 port 655)
Writing packet of 98 bytes to Linux tun/tap device (tun mode)
Received packet of 98 bytes from spitzer (128.59.144.255 port 655)
Writing packet of 98 bytes to Linux tun/tap device (tun mode)
Got MTU probe length 1444 from spitzer (128.59.144.255 port 655)

(there's *lots* of these MTU probe messages).


Routing table in inspiron:

[0] inspiron:/etc/tinc/hbt# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         128.59.144.1    0.0.0.0         UG    0      0        0 eth0
128.59.144.0    0.0.0.0         255.255.248.0   U     0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 hbt
[0] inspiron:/etc/tinc/hbt# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         



Does anyone have a suggestion how I could debug this further?


   -Nikolaus

-- 
 »Time flies like an arrow, fruit flies like a Banana.«

  PGP fingerprint: 5B93 61F8 4EA2 E279 ABF6  02CF A9AD B7F8 AE4E 425C

More information about the tinc mailing list