If you have a common problem or question, you will probably be able to find an answer here. If it is not here, and even the documentation is of no help, please contact the authors.
-[[!toc levels=2]]
+---
-##Error messages
+[[!toc levels=2]]
-### Tinc doesn't start, but doesn't show an error message
+## Error messages
-If you're are using tinc 1.0.2, chances are tinc cannot write the pidfile. Normally tinc would tell you this, but in this particular version that error message is missing. When starting tinc, add --pidfile=/tmp/tinc.pid or run mkdir -p /usr/local/var/run to solve this problem.
+### Bogus data received
-This bug is fixed in 1.0.3.
+ Jan 1 12:00:00 host tinc.net[1234]: Bogus data received from node (192.0.43.10)
-### File descriptor in bad state
+Tinc tries to connect to another node but reports that bogus data has been received.
+This problem is almost always caused by a problem with the RSA keys from one of the nodes.
+Check that there is only one key in each rsa_key.priv and in each host config file.
+Also make sure that the host config files with the same name contain the same key on both nodes.
+When in doubt, remove the rsa_key.priv files, remove the public keys from the host config files, generate new keys and distribute them again.
- Jan 1 12:00:00 host tinc.net[1234]: Error while reading from ethertap device: File descriptor in bad state
+### Cannot ping the other node(s)
-Due to some changes in the header files in recent Linux 2.4 kernels, a tinc daemon that is not recompiled against your kernel headers will fail to work. You must recompile tinc and make sure it uses the header files from the kernel source tree. Some distributions ship with their own copy of these files in /usr/include/linux, you can explicitly override this by running ./configure --with-kernel=[path to kernel source].
+ PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
+ From 192.168.1.1 icmp_seq=1 Destination Net Unknown
-### Tinc stops functioning after a few hours
+Or when logging with debug level 5:
-There is a small bug in the tinc 1.0pre4 tarball which prevents tinc from notifying the other daemons that its key has expired. One workaround is to edit tinc.conf and add KeyExpire = 30000000, which will set the lifetime of a key to roughly one year.
+ Jan 1 12:00:00 host tinc.net[1234]: Cannot route packet from node (MYSELF): unknown IPv4 destination address 192.168.1.1
-The bug is fixed in 1.0pre5 and later versions.
+When trying to ping another node, it can happen that there is no response.
+First, check that the other node is really online, and that tinc has made a connection with it.
+When running tinc in router mode (which is the default),
+check that the node you are trying to reach has a Subnet statement in its host config file that contains the IP address you are trying to reach.
### Packets looping back to us
A packet is received from the tapdevice, and tinc tries to send it to the right destination, but finds out that this packet should be send to itself. Chances are that a "Subnet = ..." line in the host configuration file of this tinc daemon is wrong. Change it to a subnet that is accepted locally by another interface, or if that is not the case, try changing the prefix length into /32.
-### Address family not supported by protocol
-
- Jan 1 12:00:00 host tinc.net[1234]: Creating metasocket failed: Address family not supported by protocol
- Jan 1 12:00:00 host tinc.net[1234]: Ready
-
-This is not an error, but a warning. Tinc 1.0 and later try to create IPv6 sockets by default. If your kernel has no support for IPv6, this message is logged. However, if tinc logs "Ready", an IPv4 socket was created without problems, and that one will be used. You can ignore this message, or prevent it from appearing in your logs by adding the following to tinc.conf:
-
- AddressFamily = ipv4
-
## Platform specific questions
### Error while writing to Generic BSD tap device /dev/tap0: Input/output error on MacOSX or *BSD
If you are still having trouble, check that you have the tun/tap devices installed and configured for your kernel.
+### Is there an app for tinc?
-### No TAP-Win32 interface under Windows XP SP2
+Tinc itself supports many platforms, and in principle supports mobile platforms such as Android and iOS as well.
+However, on this website you will only find the source code (with some exceptions).
+Ready-to-install packages or apps are mostly made by third parties.
-Because of changes in Windows XP since SP2, the TAP-Win32 driver distributed with the tinc-1.0.2 installer doesn't work correctly. Remove all tap devices (use deltapall.bat) and install tinc 1.0.4.
+For Android, there are two apps available: [tincapp.pacien.org](http://tincapp.pacien.org/) or [tinc_gui.poirsouille.org](https://play.google.com/store/apps/details?id=org.poirsouille.tinc_gui).
## Generic questions
Other reasons to use tinc instead of other solutions:
* Although tinc uses a non-standard protocol, it does not suffer from the inefficiencies of most of the standard protocols.
-* The executable is very small, less than 100 kilobytes, the virtual memory footprint is about 4 megabytes (this includes the libraries it uses).
-
-### Is there a MS Windows client for tinc?
-
-> Question: We are about to use a Linux machine as a firewall to protect our office setup. We are interested in using tinc to allow us to VPN through the firewall from home however home machines have a tendency to be running "that" operating system, the one from Redmond. Is there a tinc compatible VPN client for machines running Microsoft operating systems?
-
-As of tinc 1.0, Windows 2000 and XP are supported. It uses the TAP-Win32 driver as a virtual network device. There are two ways of compiling tinc: in a Cygwin environment or in a MinGW environment. The former provides a complete UNIX environment with all facilities common to UNIX. When compiled with Cygwin, tinc must be run in the Cygwin environment, but native Windows programs will also be able to use the VPN. When compiled with MinGW, tinc will be a native Windows program. When started, it will register itself as a service, which will run in the background and will be restarted after reboots.
+* The executable is very small, less than 150 kilobytes, the real memory usage is usually about 2 megabytes.
projects / wiki / blobdiff