Tinc on NixOS

William Kennington william at wkennington.com
Tue Aug 26 20:06:37 CEST 2014 

Just a heads up I'm working on a Nico's module for tinc if you are
interested in testing it.

https://github.com/wkennington/nixpkgs/tree/master.tincd

You are going to need my users patch yo add the extra uids needed for this
to work at the moment.

https://github.com/wkennington/nixpkgs/tree/master.users

You might also want to check out my addition of the tinc1.1 prerelease.

https://github.com/wkennington/nixpkgs/tree/master.tinc

Best,
William
On Aug 26, 2014 11:00 AM, "Zia Syed" <xia.syed at gmail.com> wrote:

> Ok i've got it working.
>
> I used the ifconfig command, but removed the netmask and it worked.
>
> like this
> ifconfig $INTERFACE 192.168.1.10
>
> whereas this didn't work
> ifconfig $INTERFACE 192.168.1.10 netmask 255.255.255.0
>
> Thanks guys.
>
> Zia
>
>
> On Tue, Aug 26, 2014 at 10:40 AM, Zia Syed <xia.syed at gmail.com> wrote:
>
>> Thanks Guus. That works, but I am still not about to route traffic
>> between the nodes. tinc-up doesn't execute automatically, and when I
>> manually try, i get
>> 'RTNETLINK answers: File exists'
>> for
>> ip addr add 192.168.1.10 dev $INTERFACE
>>
>> where $INTERFACE i pass as eno1.
>>
>> On the tinc debug, i see this
>>
>> Connection with esprit1 (67.169.32.18 port 655) activated
>> Sending ADD_SUBNET to esprit1 (67.169.32.18 port 655): 10 38d07b36 homer2
>> 10.16.0.0/24#10
>> Sending 35 bytes of metadata to esprit1 (67.169.32.18 port 655)
>> Sending ADD_EDGE to everyone (BROADCAST): 12 7ae0f39b homer2 esprit1
>> 67.169.32.18 655 c 78
>> Sending 49 bytes of metadata to esprit1 (67.169.32.18 port 655)
>> Flushing 84 bytes to esprit1 (67.169.32.18 port 655)
>> Got ADD_SUBNET from esprit1 (67.169.32.18 port 655): 10 5dc18841 esprit1
>> 192.168.1.0/24#10
>> Forwarding ADD_SUBNET from esprit1 (67.169.32.18 port 655): 10 5dc18841
>> esprit1 192.168.1.0/24#10
>> Got ADD_EDGE from esprit1 (67.169.32.18 port 655): 12 1198c2b0 esprit1
>> homer2 12.249.58.54 655 c 78
>> Forwarding ADD_EDGE from esprit1 (67.169.32.18 port 655): 12 1198c2b0
>> esprit1 homer2 12.249.58.54 655 c 78
>>
>>
>> Does my routing table looks alright?
>>
>> [root at homer2:/etc/tinc/test]# route
>>  Kernel IP routing table
>> Destination     Gateway         Genmask         Flags Metric Ref    Use
>> Iface
>> default         10.16.0.1       0.0.0.0         UG    0      0        0
>> eno16777728
>> 10.16.0.0       *               255.255.0.0     U     0      0        0
>> eno16777728
>> 192.168.1.0     *               255.255.255.0   U     0      0        0
>> eno16777728
>>
>> [root at homer2:/etc/tinc/test]# ssh test at 192.168.1.10
>> ssh: connect to host 192.168.1.10 port 22: No route to host
>>
>> [root at esprit1:/etc/tinc/test]# route
>> Kernel IP routing table
>> Destination     Gateway         Genmask         Flags Metric Ref    Use
>> Iface
>> default         192.168.1.1     0.0.0.0         UG    202    0        0
>> eno1
>> 10.16.0.0       *               255.255.255.0   U     0      0        0
>> eno1
>> 192.168.1.0     *               255.255.255.0   U     202    0        0
>> eno1
>>
>> [root at esprit1:/etc/tinc/test]# ssh test at 10.16.0.14
>> ssh: connect to host 10.16.0.14 port 22: No route to host
>>
>> My host config for homer2 is
>> [root at esprit1:/etc/tinc/test]# cat hosts/homer2
>> Address = 10.16.0.14
>> Subnet = 10.16.0.0/24
>>
>> and for esprit1
>>
>> [root at homer2:/etc/tinc/test]# cat hosts/esprit1
>> Address = 67.169.32.18
>> Subnet = 192.168.1.0/24
>>
>> thanks,
>>  Zia
>>
>>
>> On Tue, Aug 26, 2014 at 1:43 AM, Guus Sliepen <guus at tinc-vpn.org> wrote:
>>
>>> On Mon, Aug 25, 2014 at 09:55:05PM -0700, Zia Syed wrote:
>>>
>>> > I'm trying to run Tinc on a NixOS machine, using the similar
>>> configuration
>>> > i had for Ubuntu. My home subnet is 192.168.1.0/24 and my work is
>>> > 10.16.0.0/24. However, unlike ubuntu, when I start tincd on nixos,
>>> and try
>>> > to 'ifconfig $INTERFACE 192.168.1.10 netmask 255.255.255.0' in my
>>> tinc-up,
>>> > I loose network access on the box (no ping/ssh to the box). I see tun0
>>> > interface created, but no data flows.
>>> >
>>> > eno1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
>>> >         inet 192.168.1.10  netmask 255.255.255.0  broadcast
>>> 192.168.1.255
>>> [...]
>>> > #!/nix/store/ajxd1z42ql9qihdj1pa7in12iynf532g-bash-4.2-p45/bin/sh
>>> > #ifconfig $INTERFACE 192.168.1.10 netmask 255.255.255.0
>>> > ip route add 10.16.0.0/24 dev $INTERFACE
>>> > ip link set dev $INTERFACE up
>>>
>>> Like Saverio already said, you are configuring tun0 with exactly the
>>> same IP address and netmask as the eno1 interface. This will indeed
>>> cause you to lose network access. You can use the same IP address on
>>> tun0 as on eno1, but then the netmask should be different. Try this
>>> instead:
>>>
>>> #!/nix/store/ajxd1z42ql9qihdj1pa7in12iynf532g-bash-4.2-p45/bin/sh
>>> ip addr add 192.168.1.10 dev $INTERFACE
>>> ip route add 10.16.0.0/24 dev $INTERFACE
>>> ip link set dev $INTERFACE up
>>>
>>> --
>>> Met vriendelijke groet / with kind regards,
>>>      Guus Sliepen <guus at tinc-vpn.org>
>>>
>>> _______________________________________________
>>> tinc mailing list
>>> tinc at tinc-vpn.org
>>> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>>>
>>>
>>
>
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20140826/a04fcdeb/attachment-0001.html>

More information about the tinc mailing list