Tinc on NixOS

Wed Aug 27 02:21:44 CEST 2014

Thanks William. I will look at it and see if i can test it.

On Tue, Aug 26, 2014 at 11:06 AM, William Kennington <
william at wkennington.com> wrote:

> Just a heads up I'm working on a Nico's module for tinc if you are
> interested in testing it.
>
> https://github.com/wkennington/nixpkgs/tree/master.tincd
>
> You are going to need my users patch yo add the extra uids needed for this
> to work at the moment.
>
> https://github.com/wkennington/nixpkgs/tree/master.users
>
> You might also want to check out my addition of the tinc1.1 prerelease.
>
> https://github.com/wkennington/nixpkgs/tree/master.tinc
>
> Best,
> William
> On Aug 26, 2014 11:00 AM, "Zia Syed" <xia.syed at gmail.com> wrote:
>
>> Ok i've got it working.
>>
>> I used the ifconfig command, but removed the netmask and it worked.
>>
>> like this
>> ifconfig $INTERFACE 192.168.1.10
>>
>> whereas this didn't work
>> ifconfig $INTERFACE 192.168.1.10 netmask 255.255.255.0
>>
>> Thanks guys.
>>
>> Zia
>>
>>
>> On Tue, Aug 26, 2014 at 10:40 AM, Zia Syed <xia.syed at gmail.com> wrote:
>>
>>> Thanks Guus. That works, but I am still not about to route traffic
>>> between the nodes. tinc-up doesn't execute automatically, and when I
>>> manually try, i get
>>> 'RTNETLINK answers: File exists'
>>> for
>>> ip addr add 192.168.1.10 dev $INTERFACE
>>>
>>> where $INTERFACE i pass as eno1.
>>>
>>> On the tinc debug, i see this
>>>
>>> Connection with esprit1 (67.169.32.18 port 655) activated
>>> Sending ADD_SUBNET to esprit1 (67.169.32.18 port 655): 10 38d07b36
>>> homer2 10.16.0.0/24#10
>>> Sending 35 bytes of metadata to esprit1 (67.169.32.18 port 655)
>>> Sending ADD_EDGE to everyone (BROADCAST): 12 7ae0f39b homer2 esprit1
>>> 67.169.32.18 655 c 78
>>> Sending 49 bytes of metadata to esprit1 (67.169.32.18 port 655)
>>> Flushing 84 bytes to esprit1 (67.169.32.18 port 655)
>>> Got ADD_SUBNET from esprit1 (67.169.32.18 port 655): 10 5dc18841 esprit1
>>> 192.168.1.0/24#10
>>> Forwarding ADD_SUBNET from esprit1 (67.169.32.18 port 655): 10 5dc18841
>>> esprit1 192.168.1.0/24#10
>>> Got ADD_EDGE from esprit1 (67.169.32.18 port 655): 12 1198c2b0 esprit1
>>> homer2 12.249.58.54 655 c 78
>>> Forwarding ADD_EDGE from esprit1 (67.169.32.18 port 655): 12 1198c2b0
>>> esprit1 homer2 12.249.58.54 655 c 78
>>>
>>>
>>> Does my routing table looks alright?
>>>
>>> [root at homer2:/etc/tinc/test]# route
>>>  Kernel IP routing table
>>> Destination     Gateway         Genmask         Flags Metric Ref    Use
>>> Iface
>>> default         10.16.0.1       0.0.0.0         UG    0      0        0
>>> eno16777728
>>> 10.16.0.0       *               255.255.0.0     U     0      0        0
>>> eno16777728
>>> 192.168.1.0     *               255.255.255.0   U     0      0        0
>>> eno16777728
>>>
>>> [root at homer2:/etc/tinc/test]# ssh test at 192.168.1.10
>>> ssh: connect to host 192.168.1.10 port 22: No route to host
>>>
>>> [root at esprit1:/etc/tinc/test]# route
>>> Kernel IP routing table
>>> Destination     Gateway         Genmask         Flags Metric Ref    Use
>>> Iface
>>> default         192.168.1.1     0.0.0.0         UG    202    0        0
>>> eno1
>>> 10.16.0.0       *               255.255.255.0   U     0      0        0
>>> eno1
>>> 192.168.1.0     *               255.255.255.0   U     202    0        0
>>> eno1
>>>
>>> [root at esprit1:/etc/tinc/test]# ssh test at 10.16.0.14
>>> ssh: connect to host 10.16.0.14 port 22: No route to host
>>>
>>> My host config for homer2 is
>>> [root at esprit1:/etc/tinc/test]# cat hosts/homer2
>>> Address = 10.16.0.14
>>> Subnet = 10.16.0.0/24
>>>
>>> and for esprit1
>>>
>>> [root at homer2:/etc/tinc/test]# cat hosts/esprit1
>>> Address = 67.169.32.18
>>> Subnet = 192.168.1.0/24
>>>
>>> thanks,
>>>  Zia
>>>
>>>
>>> On Tue, Aug 26, 2014 at 1:43 AM, Guus Sliepen <guus at tinc-vpn.org> wrote:
>>>
>>>> On Mon, Aug 25, 2014 at 09:55:05PM -0700, Zia Syed wrote:
>>>>
>>>> > I'm trying to run Tinc on a NixOS machine, using the similar
>>>> configuration
>>>> > i had for Ubuntu. My home subnet is 192.168.1.0/24 and my work is
>>>> > 10.16.0.0/24. However, unlike ubuntu, when I start tincd on nixos,
>>>> and try
>>>> > to 'ifconfig $INTERFACE 192.168.1.10 netmask 255.255.255.0' in my
>>>> tinc-up,
>>>> > I loose network access on the box (no ping/ssh to the box). I see tun0
>>>> > interface created, but no data flows.
>>>> >
>>>> > eno1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
>>>> >         inet 192.168.1.10  netmask 255.255.255.0  broadcast
>>>> 192.168.1.255
>>>> [...]
>>>> > #!/nix/store/ajxd1z42ql9qihdj1pa7in12iynf532g-bash-4.2-p45/bin/sh
>>>> > #ifconfig $INTERFACE 192.168.1.10 netmask 255.255.255.0
>>>> > ip route add 10.16.0.0/24 dev $INTERFACE
>>>> > ip link set dev $INTERFACE up
>>>>
>>>> Like Saverio already said, you are configuring tun0 with exactly the
>>>> same IP address and netmask as the eno1 interface. This will indeed
>>>> cause you to lose network access. You can use the same IP address on
>>>> tun0 as on eno1, but then the netmask should be different. Try this
>>>> instead:
>>>>
>>>> #!/nix/store/ajxd1z42ql9qihdj1pa7in12iynf532g-bash-4.2-p45/bin/sh
>>>> ip addr add 192.168.1.10 dev $INTERFACE
>>>> ip route add 10.16.0.0/24 dev $INTERFACE
>>>> ip link set dev $INTERFACE up
>>>>
>>>> --
>>>> Met vriendelijke groet / with kind regards,
>>>>      Guus Sliepen <guus at tinc-vpn.org>
>>>>
>>>> _______________________________________________
>>>> tinc mailing list
>>>> tinc at tinc-vpn.org
>>>> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>>>>
>>>>
>>>
>>
>> _______________________________________________
>> tinc mailing list
>> tinc at tinc-vpn.org
>> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>>
>>
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20140826/9eb5cb97/attachment.html>