connectivity issues
Mike Bentzen
mike at bentzen.com.au
Sun May 12 03:49:24 CEST 2013
Hi Guus and List,
Since CVE-2013-1428 was announced, I followed the recommendation to
update my Windows machines to tinc 1.1pre7.
I've had connectivity issues since upgrading. I've done some debugging
but I can't figure out when or why it's happening.
All machines on the network are running Windows 7 or Windows 2008R2
Enterprise server and tinc 1.1pre7.
I've got one master node, which all machines connect to. Everything is
running in router mode.
All machines (apart from MIKEIPHONE and MIKEIPAD) are connected to the
network and authenticated.
I've also recently changed the Forwarding variable on the master node
to: Forwarding = off, but I cannot remember how long ago this was, and
I'm not sure if this is what is causing the issue.
I don't want VPS01PP to route any VPN traffic, I only want it to be used
for establishing the connection between other nodes.
Example:
When trying to connect MIKEHOMEPC to MIKEDEV02, I get a destination
unreachable message.
VPN addresses: MIKEHOMEPC = 192.168.69.5/32, MIKEDEV02 = 192.168.69.3/32
Pinging 192.168.69.3 with 32 bytes of data:
Reply from 192.168.69.3: Destination net unreachable.
Reply from 192.168.69.3: Destination net unreachable.
Ping statistics for 192.168.69.3:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Control-C
^C
MIKEDEV02 is on, and is connected to the VPN.
--:MIKEDEV02:--
I can do a tincctl top, and I can see the following:
Tinc vpn    Nodes: 8    Sort: name    Current
Node          IN pkts   IN bytes   OUT pkts  OUT bytes
MIKEHOMEPC          0          0          0          0
MIKEIPAD            0          0          0          0
MIKEIPHONE          0          0          0          0
MIKELAPTOP          0          0          0          0
MIKEWORKPC          0          0          0          0
MIKEDEV01           0          0          0          0
MIKEDEV02           0          0          1        208
VPS01PP             1        208          0          0
I have been watching this top screen for about 2 minutes, and the in out
bytes flash between this screen and all 0's.
It's constant and does not vary.
tinc.vpn> dump edges
MIKEHOMEPC to VPS01PP at x.232.112.61 port 655 options c weight 115
MIKELAPTOP to VPS01PP at x.232.112.61 port 655 options c weight 343
MIKEWORKPC to VPS01PP at x.232.112.61 port 655 options c weight 46
MIKEDEV01 to VPS01PP at x.232.112.61 port 655 options c weight 76
MIKEDEV02 to VPS01PP at x.232.112.61 port 655 options c weight 87
VPS01PP to MIKEHOMEPC at x.241.100.155 port 655 options c weight 115
VPS01PP to MIKELAPTOP at x.241.100.155 port 655 options c weight 343
VPS01PP to MIKEWORKPC at x.62.187.113 port 655 options c weight 46
VPS01PP to MIKEDEV01 at x.62.187.113 port 655 options c weight 76
VPS01PP to MIKEDEV02 at x.62.187.113 port 655 options c weight 87
tinc.rgdevvpn>
From this screen, it seems that MIKEHOMEPC is only accessible via VPS01PP?
tinc.rgdevvpn> dump reachable nodes
MIKEHOMEPC at x.241.100.155 port 655 cipher 91 digest 64 maclength 4
compression 0 options c status 0018 nexthop VPS01PP via MIKEHOMEPC
distance 2 pmtu 1451 (min 0 max 1518)
MIKELAPTOP at x.241.100.155 port 655 cipher 91 digest 64 maclength 4
compression 0 options c status 0018 nexthop VPS01PP via MIKELAPTOP
distance 2 pmtu 1459 (min 0 max 1518)
MIKEWORKPC at x.62.187.113 port 655 cipher 91 digest 64 maclength 4
compression 0 options c status 0018 nexthop VPS01PP via MIKEWORKPC
distance 2 pmtu 1459 (min 0 max 1518)
MIKEDEV01 at x.62.187.113 port 655 cipher 0 digest 0 maclength 0
compression 0 options c status 0018 nexthop VPS01PP via MIKEDEV01
distance 2 pmtu 1518 (min 0 max 1518)
MIKEDEV02 at MYSELF port 655 cipher 0 digest 0 maclength 0 compression 0
options 200000c status 0018 nexthop MIKEDEV02 via MIKEDEV02 distance 0
pmtu 1518 (min 0 max 1518)
VPS01PP at x.232.112.61 port 655 cipher 91 digest 64 maclength 4
compression 0 options c status 009a nexthop VPS01PP via VPS01PP distance
1 pmtu 1459 (min 1459 max 1459)
tinc.rgdevvpn>
When I disconnect MIKEDEV02 from the VPN, and reconnect (restarting the
Windows service), it works as expected until I've logged off and
finished what I was doing. Log back on, and I can't connect. I can
probably provide some debugging output and config shortly, if the reason
isn't obvious.
Any thoughts?
Thanks.
Mike
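
Added example, not part of the original post and not tinc project code: a small parser for the `dump edges` listing quoted above that builds the edge graph and reports which nodes sit between two others in it. The function names are hypothetical, and it covers only the edge list as printed; it does not model how tinc forwards data packets.

```python
import re
from collections import deque

# Sample input: the "dump edges" lines from the post, addresses redacted as there.
EDGES = """\
MIKEHOMEPC to VPS01PP at x.232.112.61 port 655 options c weight 115
MIKELAPTOP to VPS01PP at x.232.112.61 port 655 options c weight 343
MIKEWORKPC to VPS01PP at x.232.112.61 port 655 options c weight 46
MIKEDEV01 to VPS01PP at x.232.112.61 port 655 options c weight 76
MIKEDEV02 to VPS01PP at x.232.112.61 port 655 options c weight 87
VPS01PP to MIKEHOMEPC at x.241.100.155 port 655 options c weight 115
VPS01PP to MIKELAPTOP at x.241.100.155 port 655 options c weight 343
VPS01PP to MIKEWORKPC at x.62.187.113 port 655 options c weight 46
VPS01PP to MIKEDEV01 at x.62.187.113 port 655 options c weight 76
VPS01PP to MIKEDEV02 at x.62.187.113 port 655 options c weight 87
"""
EDGE_RE = re.compile(r"^(\S+) to (\S+) at \S+ port \d+ options \S+ weight \d+$")

def parse_edges(text):
    """Return {node: set(neighbours)}; prompt lines and blanks are skipped."""
    graph = {}
    for line in text.splitlines():
        m = EDGE_RE.match(line.strip())
        if m:
            graph.setdefault(m.group(1), set()).add(m.group(2))
            graph.setdefault(m.group(2), set())
    return graph

def shortest_path(graph, src, dst):
    """Breadth-first search over the directed edges; None if dst is not reachable."""
    queue, seen = deque([[src]]), {src}
    while queue:
        path = queue.popleft()
        if path[-1] == dst:
            return path
        for nxt in sorted(graph.get(path[-1], ())):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(path + [nxt])
    return None

def intermediates(graph, src, dst):
    """Nodes strictly between src and dst; [] means a direct edge exists."""
    path = shortest_path(graph, src, dst)
    return None if path is None else path[1:-1]

if __name__ == "__main__":
    print(intermediates(parse_edges(EDGES), "MIKEHOMEPC", "MIKEDEV02"))
```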