Strange Traffic Problem

Thu Apr 23 21:08:54 CEST 2015

I'm been experiencing a very very odd problem for the past several weeks and 
am throwing it out in case someone can shed some light on it for me.

There is a single box on our tinc mesh which can be pinged from all hosts, 
but cannot ping any. It is not limited to ping, the box cannot communicate 
over tinc. tinc is running in router mode for this mesh. ~30 other nodes 
function normally, with no differences in configuration other than name, key, 
and subnet. ~10 of these nodes are running on identical hardware and software 
(one such node in my own office). There are no issues outside of tinc. All 
host files are syncronized and identical.

TCPdump on other machines shows no incoming traffic from this box, but 
TCPdump on this box shows traffic 'exiting' via the tinc tun device. Having 
tried everything I could conceive of, for some reason I decided to start 
mucking with packet sizes. pinging with a data size of 26 bytes (total size 
34) works perfectly. Any larger size fails.

I've included some relevant informations below, keys are trimmed. Please let 
me know if you'd like something else.
I would greatly appreciate any help or even suggestions anyone can offer.

==============================================================================
Central Node (10.0.0.1) configurations:
==============================================================================
---------------------------------------
tinc.conf
---------------------------------------
Name=central

Mode=router
AddressFamily=any
BindToInterface=eth0

MaxTimeout=333
KeyExpire=888
PingInterval=88
PingTimeout=4

#Forwarding=kernel
TunnelServer=yes

---------------------------------------
hosts/central
---------------------------------------
Compression=10
PMTUDiscovery=yes
Subnet=10.0.0.0/28
Subnet=0.0.0.0/0#10

==============================================================================
My Office Node (10.13.1.1) configurations:
==============================================================================
---------------------------------------
tinc.conf
---------------------------------------
Name=$HOST

Mode=router
AddressFamily=any
BindToInterface=pppoe-wan

MaxTimeout=333
KeyExpire=888
PingInterval=44
PingTimeout=4
ProcessPriority=high
LocalDiscovery=yes

ConnectTo=central

---------------------------------------
hosts/myoffice
---------------------------------------
PMTUDiscovery=yes
Compression=10
Subnet=10.13.1.0/24

==============================================================================
Problem Node (10.24.1.1) configurations:
==============================================================================
---------------------------------------
tinc.conf
---------------------------------------
Name=$HOST

Mode=router
AddressFamily=any
BindToInterface=pppoe-wan

MaxTimeout=333
KeyExpire=888
PingInterval=44
PingTimeout=4
ProcessPriority=high
LocalDiscovery=yes

ConnectTo=central

---------------------------------------
hosts/problemnode
---------------------------------------
PMTUDiscovery=yes
Compression=10
Subnet=10.24.1.0/24

==============================================================================
Ping Output:
==============================================================================
[02:45 ~] root at problemnode # ping 10.0.0.1
PING 10.0.0.1 (10.0.0.1): 56 data bytes
^C
--- 10.0.0.1 ping statistics ---
4 packets transmitted, 0 packets received, 100% packet loss
[02:46 ~] root at problemnode ✗ ping -s 26 10.0.0.1
PING 10.0.0.1 (10.0.0.1): 26 data bytes
34 bytes from 10.0.0.1: seq=0 ttl=64 time=244.067 ms
34 bytes from 10.0.0.1: seq=1 ttl=64 time=244.342 ms
34 bytes from 10.0.0.1: seq=2 ttl=64 time=251.433 ms
34 bytes from 10.0.0.1: seq=3 ttl=64 time=246.311 ms
^C
--- 10.0.0.1 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 244.067/246.538/251.433 ms
[02:46 ~] root at problemnode # ping -s 27 10.0.0.1
PING 10.0.0.1 (10.0.0.1): 27 data bytes
^C
--- 10.0.0.1 ping statistics ---
3 packets transmitted, 0 packets received, 100% packet loss
[02:46 ~] root at problemnode ✗

-- 
-shikkc