Issue using tinc-vpn on Windows Server 1709 with Docker Overlay Network

Etienne Dechamps etienne at edechamps.fr
Sun May 20 10:58:01 CEST 2018 

Hi Marc,

A number of bugs have been found and fixed in the code that deals with
Windows devices in tinc 1.1:

https://github.com/gsliepen/tinc/pull/169
https://github.com/gsliepen/tinc/pull/173
https://github.com/gsliepen/tinc/pull/174
https://github.com/gsliepen/tinc/pull/181
https://github.com/gsliepen/tinc/pull/182

Unfortunately, these fixes have not made it in a tinc 1.1 release yet,
but when they do, I suspect you will observe improvements. Perhaps
Guus might be inclined to cut a release so that people can try them.

I would also suggest you try with the "old" TAP 9.0.0.9 driver (the
one that ships with tinc). In experiments I did about 3 years ago, the
TAP-Win32 9.0.0.21 branch (NDIS6) was not as fast and reliable with
tinc as legacy 9.0.0.9.

On 19 May 2018 at 11:26, Marc Hoersken <info at marc-hoersken.de> wrote:
> Hello everyone,
>
> I am running into the following error messages everytime I try to use a
> docker overlay network on top of tinc-vpn:
>
> Error getting read result from Windows tap device
> {F30C422F-4524-435F-A15B-71A7E08C260D}: (995) The I/O operation has been
> aborted because of either a thread exit or an application request.
> Received packet of 106 bytes from ... (... port 655)
> Writing packet of 106 bytes to Windows tap device
> Error while writing to Windows tap device
> {F30C422F-4524-435F-A15B-71A7E08C260D}: (995) The I/O operation has been
> aborted because of either a thread exit or an application request.
> Received packet of 74 bytes from ... (... port 655)
> Clamping MSS of packet from ... to ... to 1335
> Writing packet of 74 bytes to Windows tap device
> Error while checking previous write to Windows tap device
> {F30C422F-4524-435F-A15B-71A7E08C260D}: (996) Overlapped I/O event is
> not in a signaled state.
> Received packet of 106 bytes from ... (... port 655)
> Writing packet of 106 bytes to Windows tap device
> Error while checking previous write to Windows tap device
> {F30C422F-4524-435F-A15B-71A7E08C260D}: (996) Overlapped I/O event is
> not in a signaled state.
> Received packet of 106 bytes from ... (... port 655)
> Writing packet of 106 bytes to Windows tap device
> Error while checking previous write to Windows tap device
> {F30C422F-4524-435F-A15B-71A7E08C260D}: (996) Overlapped I/O event is
> not in a signaled state.
> Received packet of 106 bytes from ... (... port 655)
> Writing packet of 106 bytes to Windows tap device
> Error while checking previous write to Windows tap device
> {F30C422F-4524-435F-A15B-71A7E08C260D}: (996) Overlapped I/O event is
> not in a signaled state.
>
> It seems like this errors appear as soon as a VMSwitch is assigned or
> removed from the TAP device.
>
> Does anyone have any experience with running a docker overlay network
> (using a Windows VMSwitch) on top of a tinc-vpn device.
>
> I am using the following versions on top of tap-windows-9.21.2.exe:
>
> tinc.exe --version
> tinc version 1.1pre15 (built Sep  2 2017 21:59:06, protocol 17.7)
> Copyright (C) 1998-2017 Ivo Timmermans, Guus Sliepen and others.
> See the AUTHORS file for a complete list.
>
> docker version
> Client:
>  Version:      17.10.0-ee-preview-3
>  API version:  1.33
>  Go version:   go1.8.4
>  Git commit:   1649af8
>  Built:        Fri Oct  6 17:52:28 2017
>  OS/Arch:      windows/amd64
>
> Server:
>  Version:      17.10.0-ee-preview-3
>  API version:  1.34 (minimum version 1.24)
>  Go version:   go1.8.4
>  Git commit:   b8571fd
>  Built:        Fri Oct  6 18:01:48 2017
>  OS/Arch:      windows/amd64
>  Experimental: true
>
>
> Best regards,
> Marc
>
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc

More information about the tinc mailing list