Problems with tinc 1.0.12

Sven-Haegar Koch haegar at sdinet.de
Fri Feb 5 14:55:14 CET 2010 

hallo,

today I have updated the first node of our tinc clout (33 tinc nodes 
currently) to 1.0.12 - all the others still use 1.0.10 or 1.0.11.

It seems the whole tinc link to already activated connections pauses 
when there is a name resolution or authentication timeout.

Feb  5 14:44:29 fwhh tinc.chaos[16262]: Already connected to royksopp
Feb  5 14:45:00 fwhh tinc.chaos[16262]: Error while looking up hostname: Temporary failure in name resolution
Feb  5 14:45:00 fwhh tinc.chaos[16262]: Connection from unknown port unknown
Feb  5 14:45:00 fwhh tinc.chaos[16262]: Connection closed by <unknown> (unknown port unknown)
Feb  5 14:45:00 fwhh tinc.chaos[16262]: Closing connection with <unknown> (unknown port unknown)
Feb  5 14:45:00 fwhh tinc.chaos[16262]: Old connection_t for <unknown> (unknown port unknown) status 0010 still lingering, deleting...

The the biggest part of the time between (for example) 14:44:29 and 
14:45:00 pings from another tinc node to a host on my network pause, and 
get delivered with a huge delay:

64 bytes from 172.31.17.213: icmp_seq=335 ttl=63 time=92.4 ms
64 bytes from 172.31.17.213: icmp_seq=336 ttl=63 time=10176 ms
64 bytes from 172.31.17.213: icmp_seq=337 ttl=63 time=9176 ms
64 bytes from 172.31.17.213: icmp_seq=338 ttl=63 time=8179 ms
64 bytes from 172.31.17.213: icmp_seq=339 ttl=63 time=7179 ms
64 bytes from 172.31.17.213: icmp_seq=340 ttl=63 time=6183 ms
64 bytes from 172.31.17.213: icmp_seq=341 ttl=63 time=5183 ms
64 bytes from 172.31.17.213: icmp_seq=342 ttl=63 time=4426 ms
64 bytes from 172.31.17.213: icmp_seq=343 ttl=63 time=3426 ms
64 bytes from 172.31.17.213: icmp_seq=344 ttl=63 time=2426 ms
64 bytes from 172.31.17.213: icmp_seq=345 ttl=63 time=1427 ms
64 bytes from 172.31.17.213: icmp_seq=346 ttl=63 time=427 ms
64 bytes from 172.31.17.213: icmp_seq=347 ttl=63 time=92.7 ms

This whole thing repeats 1-2 minutes later again, when the unknown peer 
tries to connect the next time - and I don't even have a way to see 
which machine it could be, as tinc only prints the <unknown> and not an 
ip address.

So at least a small feature request:
please print the ip address alongside the hostname in messages like

Feb  5 14:52:07 fwhh tinc.chaos[16262]: Connection with royksopp (anonymized.twcny.res.rr.com port 1446) activated
Feb  5 14:52:13 fwhh tinc.chaos[16262]: Timeout from royksopp (anonymized.twcny.res.rr.com port 665) during authentication

(Also some times the reverse-lookup from junk-providers do not match 
to a forward lookup, leaving me without any way to even turn it into an 
ip address or specify it to tcpdump and things)

c'ya
sven

-- 
Three may keep a secret, if two of them are dead.
- Ben F.

More information about the tinc mailing list