Reliability of Tinc under load
Baptiste Jonglez
baptiste at bitsofnetworks.org
Tue Oct 28 18:54:47 CET 2014
On Tue, Oct 28, 2014 at 06:24:02PM +0100, Dominik George wrote:
> Hi,
>
> Tinc (1.0.24, GNU/Linux) has proven very unreliable under load.
>
> We have several nodes connected, and some of them use another node as
> default gateway to get a secured internet connection.
>
> Both of these nodes work great and have a stable link when nothing but
> ping probes pass over the link. However, running a full Debian
> dist-upgrade, downloading a big mailbox, or just typing quickly in a SSH
> session can make the Tinc connection break for seconds until it is
> re-established.
Couldn't this be a PMTU issue? My guess is that Tinc's UDP packets are
being silently dropped on the path when they reach a certain size. From
my experience, Tinc is generally clever about figuring out the optimal
packet size, but you never know.
> We first thought that this happens on one node because it is backed by a
> Wifi link, which is horrible for at least UDP,
TCP packets don't magically escape packet loss. I assume you use TCP
inside the tunnel. In that case, if Tinc's UDP packets are dropped by a
low-quality wifi link, then TCP *inside* your tunnel will react
appriopriately.
Baptiste
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20141028/d7568be1/attachment.sig>
More information about the tinc
mailing list