What/why this event happens: Can't write to Linux tun/tap device (tun mode) /dev/net/tun: Input/output error
Bright Zhao
startryst at gmail.com
Fri May 26 15:10:53 CEST 2017
Hi, Guus
Thanks a lot for your suggestion, actually I did something else as below.
But one question here is if I don’t add "/sbin/ifconfig myvpn 10.0.0.1 netmask 255.255.255.0”, it seems the crontab wouldn’t trigger tinc-up, and then the ip addr of myvpn wouldn’t be configured, then it will prompt the error of "Can't write to Linux tun/tap device (tun mode) /dev/net/tun: Input/output error”
So I have to manually add that ifconfig command, so how can I avoid to do that, and let the tincd to invoke the tinc-up script?
crontab -e (under root):
0 * * * * /root/add.sh >> /tmp/out.log 2>&1
30 * * * * /root/remove.sh >> /tmp/out.log 2>&1
/root/add.sh:
#!/bin/sh
echo Subnet = 54.169.128.0/17 >> /etc/tinc/myvpn/hosts/aws_sgp
echo Subnet = 54.169.0.0/17 >> /etc/tinc/myvpn/hosts/aws_sgp
/usr/sbin/tincd -n myvpn -k
sleep 1s
/usr/sbin/tincd -n myvpn --debug=3
/sbin/ifconfig myvpn 10.0.0.1 netmask 255.255.255.0
/root/remove.sh:
#!/bin/sh
sed -i '/54.169.128.0\/17/d' /etc/tinc/myvpn/hosts/aws_sgp
sed -i '/54.169.0.0\/17/d' /etc/tinc/myvpn/hosts/aws_sgp
/usr/sbin/tincd -n myvpn -k
sleep 1s
/usr/sbin/tincd -n myvpn --debug=3
/sbin/ifconfig myvpn 10.0.0.1 netmask 255.255.255.0
> On 26 May 2017, at 6:03 PM, Guus Sliepen <guus at tinc-vpn.org> wrote:
>
> On Fri, May 26, 2017 at 09:30:44AM +0800, Bright Zhao wrote:
>
>> Due to some routing rotation purpose, I use crontab to add below info:
>>
>> 0 * * * * echo Subnet = 54.169.128.0/17 >> /etc/tinc/myvpn/hosts/aws_sgp
>> 0 * * * * echo Subnet = 54.169.0.0/17 >> /etc/tinc/myvpn/hosts/aws_sgp
>> 1 * * * * /usr/sbin/tincd -n myvpn -k
>> 1 * * * * /usr/sbin/tincd -n myvpn --debug=3
>>
>> 30 * * * * sed -i '/54.169.128.0\/17/d' /etc/tinc/myvpn/hosts/aws_sgp
>> 30 * * * * sed -i '/54.169.0.0\/17/d' /etc/tinc/myvpn/hosts/aws_sgp
>> 31 * * * * /usr/sbin/tincd -n myvpn -k
>> 31 * * * * /usr/sbin/tincd -n myvpn --debug=3
>
> This is not the right way to do it. Cronjobs are being run in parallel.
> So if you both stop and start tinc at the same time, there is no
> guarantee that it will happen in the right order. The easiest way is to
> create two scripts, one that adds the Subnets and the other that removes
> them, and the other that adds them.
>
> Another issue is that with tinc 1.0, the -k option sends a TERM signal
> to the running tinc daemon, but it might take a little time before it
> actually stops. So add a sleep command inbetween, or check for
> /var/run/tinc.myvpn.pid to disappear.
>
> --
> Met vriendelijke groet / with kind regards,
> Guus Sliepen <guus at tinc-vpn.org>
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20170526/3f08c182/attachment.html>
More information about the tinc
mailing list