<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Earlier, my tinc topology is this: <a href="https://ibb.co/bP1EJa" class="">https://ibb.co/bP1EJa</a>, let me explain a little bit:<div class=""><br class=""></div><div class="">client configuration:</div><div class="">Name = client</div><div class="">AddressFamily = ipv4<br class="">ProcessPriority = high<br class="">PingTimeout = 10<br class="">TunnelServer = yes<br class=""><div class=""><br class=""></div><div class="">1. All tinc nodes configured with “IndirectData = yes”, and the lines shown on the picture with arrow means the directional “ConnectTo”, so all the tinc traffic will go follow the “ConnectTo” indicated on the topology. (a1, a2, a3 will be transit node relay traffic from south to north)</div><div class="">2. The yellow highlighted number indicate the weight for the default route advertised by server nodes, the lower the preferred; the client is on the bottom of the diagram</div><div class="">3. Based on the above two points, the traffic to default route will follow below redundant path prioritized as below:</div><div class=""> All fine <span class="Apple-tab-span" style="white-space:pre"> </span>: client1 > a1 > h1</div><div class=""> if h1 down<span class="Apple-tab-span" style="white-space:pre"> </span>: client1 > a1 > h2</div><div class=""> if h1/h2 down<span class="Apple-tab-span" style="white-space:pre"> </span>: client1 > a1 > server1</div><div class=""> same for other node on the top line failed</div><div class=""><br class=""></div><div class=""> if a1 down<span class="Apple-tab-span" style="white-space:pre"> </span>: client1 > a2 > h1</div><div class=""> if a1/a2 down<span class="Apple-tab-span" style="white-space:pre"> </span>: client1 > a3 > h1</div><div class=""> if a1/a2/a3 down : client1 > server4</div><div class=""><br class=""></div><div class="">The above is the setup will cause irregular tinc down events, and when the event happens, the client1 drop all connections to a1/a2/a3/server4/server5/server6, but the connections between a1/a2/a3 to h1/h2/server1/server2/server/3 are pretty stable.</div><div class=""><br class=""></div><div class=""><br class=""></div><div class="">But after I changed the tinc topology to this: <a href="https://ibb.co/eOS4ZF" class="">https://ibb.co/eOS4ZF</a>, the connection from client1 to a1 is much stable, never drop after couple of days….</div><div class=""><br class=""></div><div class=""><br class=""></div><div class=""><br class=""><div class=""><div><blockquote type="cite" class=""><div class="">On 14 Sep 2017, at 7:15 AM, Bright Zhao <<a href="mailto:startryst@gmail.com" class="">startryst@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div class=""><div dir="auto" class="">I don't know why, but for my case, I reduced the tinc topology from a complex one(which provide layered redundancy) to a very simpled one(one connection), and that connection drop disappeared.</div><div dir="auto" class=""><br class=""></div><div dir="auto" class="">Later, let me draw the topology and share the config to you to see if there's any findings of the cause.</div><br class=""><div class="gmail_quote"><div class="">Guus Sliepen <<a href="mailto:guus@tinc-vpn.org" class="">guus@tinc-vpn.org</a>>于2017年9月14日 周四上午3:20写道:<br class=""></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On Wed, Sep 13, 2017 at 08:02:11PM +0100, Etienne Dechamps wrote:<br class="">
<br class="">
> It seems like that kind of problem could be solved by making sure that tinc<br class="">
> continues PINGing over TCP metaconnections even when an UDP tunnel is<br class="">
> established, to keep the metaconnection alive. In fact I was under the<br class="">
> impression that the 1.1 branch already did that or that I had submitted<br class="">
> some code to do that at some point in the past, but it looks like I maybe<br class="">
> be misremembering things.<br class="">
<br class="">
Tinc always sends regular PINGs over its metaconnections, regardless of<br class="">
what happens with UDP. This has been the case at least since 1.0 was<br class="">
released.<br class="">
<br class="">
--<br class="">
Met vriendelijke groet / with kind regards,<br class="">
Guus Sliepen <<a href="mailto:guus@tinc-vpn.org" target="_blank" class="">guus@tinc-vpn.org</a>><br class="">
_______________________________________________<br class="">
tinc mailing list<br class="">
<a href="mailto:tinc@tinc-vpn.org" target="_blank" class="">tinc@tinc-vpn.org</a><br class="">
<a href="https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc" rel="noreferrer" target="_blank" class="">https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc</a><br class="">
</blockquote></div></div><div dir="ltr" class="">-- <br class=""></div><div class="gmail_signature" data-smartmail="gmail_signature">Sent from iPhone</div></div></blockquote></div><br class=""></div></div></div></body></html>