Macbook DHCP issue.

Matthew Tolle matt at night.com
Wed Nov 28 17:25:50 CET 2012 

Hi Guus,

Thanks for the comments. 

I set the MAC address by hand on the laptop when I connect so it stays consistent. That way I get the same DHCP address when DHCP is working. 

The script I use to kick off tinc on the laptop does the following: 

clears the logfile /var/log/tinc
opens logfile for reading
starts tinc: /opt/local/sbin/tincd --logfile=/var/log/tinc --pidfile=/var/run/tincd.pid --debug=5 -n vpn
waits till tap0 comes online. uses ifconfig to gather this info.
sets MAC addr: /sbin/ifconfig tap0 ether <MAC>
Waits for tinc to come online. Reads the log file for this information. 
sleep 2
requests a DHCP address: /usr/sbin/ipconfig set tap0 DHCP
waits for interface to get an address. Uses ifconfig to gather this info.
adds a bunch of routes.

this script has worked fine for a while now. 

Anyway when I get home I can swap over to SWITCH on all VPN nodes and do a TCPdump on the interface and see what that comes up with. 

As to a firewall.. not sure my laptop has a firewall. The remote side does have one. I don't think it's the problem. A linux box at home with the same configuration a the laptop works just fine. If I understand Tinc correctly once the link is up it acts as just a normal interface. So if my laptop can DHCP an address when at the remote site then it should work exactly the same remotely when tinc is connected and online. It would be different if it didn't work both onsite and didn't work remotely with tinc. 

This is getting confusing. Maybe this helps: 

Laptop <--Tinc-- remote  - No DHCP address
Linux   <--Tinc-- remote  - Works fine. MAC addr set to the same one used on the laptop or with a dynamic MAC.
Laptop in same location as "remote" - Works fine. DHCP and all.

What I should also try is flipping the setup. Set my home linux box up as the "remote" box. Connect to it with my laptop and see if I can DHCP an address off my home airport unit. That would be interesting. 

Thanks. I'll send more details tonight.

-Matt

On Nov 28, 2012, at 2:11 AM, Guus Sliepen <guus at tinc-vpn.org> wrote:

> On Tue, Nov 27, 2012 at 10:23:00PM -0700, Matthew Tolle wrote:
> 
>> Tinc on the remote side has always been set to switch mode. I've tried it in many different forms on the laptop side. It's currently set to hub mode. 
> 
> You should keep it set to switch mode. Mixing different modes in one VPN is
> usually not a good idea.
> 
>> I can rerun the debug for you in switch mode if you need that. From what I read it should be the same. 
> 
> It probably won't make a difference in this case, that is true.
> 
>> I don't run or have access to the DHCP server on the remote side, but I'm fairly sure it has not changed. The laptop gets it's IP address just fine when it's local to the site. 
> 
> Tinc itself does seem to run fine, and it is receiving and sending packets
> from/to remote. So I don't think the problem is with tinc itself. You could run
> tcpdump on the VPN interface to see what kind of packets are exchanged. Also
> check that the firewall configuration of laptop and/or remote have not been
> changed. Also, perhaps the DHCP server is out of addresses? Note that the tap
> devices get a new MAC address every time they are created (at boot, or on Linux
> everytime you restart tinc).
> 
> -- 
> Met vriendelijke groet / with kind regards,
>     Guus Sliepen <guus at tinc-vpn.org>
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc

More information about the tinc mailing list