Tinc Network Spikes
Guus Sliepen
guus at tinc-vpn.org
Thu Aug 7 11:57:34 CEST 2014
On Wed, Aug 06, 2014 at 02:57:48PM -0600, Mark Lopez wrote:
> > Oh, that's quite a lot. First, which version of tinc are you using?
> > Which Mode (router or switch) are you using? Are you bridging the VPN
> > interface with the LAN interface on any of the nodes?
>
> Thanks for taking time to reply. I appreciate the time and experience that
> developers put into projects like Tinc.
Thank you!
> The connection between some servers may not be the best. There might be a
> correlation between the time of packet floods and when my monitoring server
> losses connection with a node. If the floods are due to network issues or
> that the flood causes issues is another story.
>
> Some nodes constantly send larger amounts of packets overtime to another
> node resulting in the "Got late or replayed packet" message in the logs. A
> restart of the Tinc daemon on those nodes calms the network.
It would be helpful if you could provide us with a dump of the nodes and
edges of the VPN, both when it is working properly and when it is
looping. You can tell tinc to dump this information to the syslog by
running:
tincd -n <netname> -kUSR2
Or if you want to try 1.1, just run:
tinc -n <netname> dump nodes
tinc -n <netname> dump edges
> Side question: Is Tinc 1.1 stable (or predictable) for daily use? I'm
> wondering on upgrading. The extra stats that Tinc 1.1 could generate would
> be largely beneficial.
It should if you set ExperimentalProtocol = no in tinc.conf, but if you
really want a stable VPN I suggest you keep running 1.0.x for now.
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20140807/52e68939/attachment.sig>
More information about the tinc
mailing list