State graph of UDP data-connections
Steffen Vogel
post at steffenvogel.de
Wed Aug 6 11:09:05 CEST 2014
Hi,
I'm using Tinc in a scenario where round-trip time matters.
I've multiple nodes behind firewalls (with and without NAT) and a single
public server node.
How do I can get the current state of UDP data-connections between my
firewall'd nodes?
According to the docs:
- 'dump connections' give me all TCP meta-connections of the current
node
- 'dump edges' give me all connections between all nodes of the VPN.
The meta-protocol has a command called ADD_EDGE which is used to
inform other nodes about existing UDP data-connections.
This leads to the conclusion that 'dump edges' is used to show UDP
data-connections.
But as far as I can tell from my tests, these are only the TCP
meta-connections.
I've tried to trace the actual UDP data-connections by using:
'tcpdump -i eth0 udp port tinc'
This shows me that the UDP data path is actually fully-meshed.
So Tinc succeeds using STUN and UDP hole punching for my firewalls.
So I'm wondering why these fully meshed UDP connections (created by
STUN) arn't shown by 'dump edges' ?!
Regards,
Steffen
[1] http://tinc-vpn.org/documentation-1.1/The-meta_002dconnection.html
[2] http://tinc-vpn.org/documentation-1.1/The-meta_002dprotocol.html
[3] http://www.tinc-vpn.org/pipermail/tinc/2009-April/001901.html
--
Steffen Vogel
Robensstraße 69
52070 Aachen
Mail: post at steffenvogel.de
Mobil: +49 1575 7180927
Web: http://www.steffenvogel.de
Jabber: steffen.vogel at jabber.rwth-aachen.de
-------------- n�chster Teil --------------
Ein Dateianhang mit Bin�rdaten wurde abgetrennt...
Dateiname : signature.asc
Dateityp : application/pgp-signature
Dateigr��e : 819 bytes
Beschreibung: This is a digitally signed message part
URL : <http://www.tinc-vpn.org/pipermail/tinc/attachments/20140806/5da21761/attachment.sig>
More information about the tinc
mailing list