[Battlemesh] tinc.vpn: Already connected without actually being

cmsv cmsv at wirelesspt.net
Fri Jul 18 01:05:10 CEST 2014


Recently started to play with tinc and although there are quite a few
pages online with tinc setups, none of them is quite well organized or
complete. Also none is fully dedicated to OpenWrt.

The plan:
Simple/basic tinc vpn connectivity. No need to forward to the lan.

Problem:

daemon.notice tinc.vpn[1297]: tincd 1.0.21 (Feb 10 2014 23:44:53) starting, debug level 1
daemon.info tinc.vpn[1297]: /dev/net/tun is a Linux tun/tap device (tun mode)
daemon.notice tinc.vpn[1297]: Listening on 0.0.0.0 port 655
daemon.notice tinc.vpn[1297]: Ready
daemon.info tinc.vpn[1297]: Already connected to router2

And the setup is not even complete.

Current setup

# uci show tinc
tinc.vpn=tinc-net
tinc.vpn.enabled=1
tinc.vpn.generate_keys=0
tinc.vpn.key_size=2048
tinc.vpn.AddressFamily=any
tinc.vpn.DirectOnly=0
tinc.vpn.Forwarding=internal
tinc.vpn.Hostnames=0
tinc.vpn.IffOneQueue=0
tinc.vpn.Interface=tun
tinc.vpn.Mode=router
tinc.vpn.Name=router2
tinc.vpn.PingInterval=60
tinc.vpn.PingTimeout=5
tinc.vpn.PriorityInheritance=0
tinc.vpn.PrivateKeyFile=/etc/tinc/vpn/rsa_key.priv
tinc.vpn.ProcessPriority=normal
tinc.vpn.ReplayWindow=16
tinc.vpn.StrictSubnets=0
tinc.vpn.TunnelServer=0
tinc.vpn.debug=9
tinc.vpn.ConnectTo=router2
tinc.router2=tinc-host
tinc.router2.enabled=1
tinc.router2.net=vpn
tinc.router2.Address=router2.wirelesspt.net
tinc.router2.Cipher=blowfish
tinc.router2.ClampMSS=yes
tinc.router2.Compression=1
tinc.router2.Digest=sha256
tinc.router2.IndirectData=0
tinc.router2.MACLength=4
tinc.router2.PMTU=1514
tinc.router2.PMTUDiscovery=yes
tinc.router2.Port=655
tinc.router2.Subnet=192.168.1.0/24

(note: router2.wirelesspt.net is not even valid)


 cat /tmp/tinc/vpn/tinc.conf

DirectOnly = no
Hostnames = no
IffOneQueue = no
PriorityInheritance = no
StrictSubnets = no
TunnelServer = no
AddressFamily = any
ConnectTo = router2
Forwarding = internal
Interface = tun
Mode = router
Name = router2
PingInterval = 60
PingTimeout = 5
PrivateKeyFile = /etc/tinc/vpn/rsa_key.priv
ProcessPriority = normal
ReplayWindow = 16


 cat /tmp/tinc/vpn/hosts/router2


IndirectData = no
Address = router2.wirelesspt.net
Cipher = blowfish
Compression = 1
Digest = sha256
MACLength = 4
PMTU = 1514
Port = 655
Subnet = 192.168.1.0/24


lsmod | grep tun
tun                    10640  2

pidof tincd
1890

netstat -napt | grep tincd
tcp        0      0 0.0.0.0:655             0.0.0.0:*               LISTEN      1710/tincd

logread | egrep  "tun|tinc"
mvwrt kern.info kernel: [  119.510000] tun: Universal TUN/TAP device driver, 1.6
mvwrt kern.info kernel: [  119.520000] tun: (C) 1999-2004 Max Krasnyansky <maxk at qualcomm.com>
mvwrt daemon.notice tinc.vpn[1710]: tincd 1.0.21 (Feb 10 2014 23:44:53) starting, debug level 0
mvwrt daemon.info tinc.vpn[1710]: /dev/net/tun is a Linux tun/tap device (tun mode)
mvwrt daemon.notice tinc.vpn[1710]: Ready


# /etc/init.d/tinc restart
Both netname and configuration directory given, using the latter...


How can it claim to be connected if there is no router2?
Also, I haven't even created the tinc-up & tinc-down files.





-- 
Site: http://wirelesspt.net
Mesh: http://tinyurl.com/wirelesspt
Chat: https://wirelesspt.net:6666
Admin: http://wirelesspt.net/wiki/Cmsv
Twitter: http://twitter.com/wirelesspt
Youtube: https://youtube.com/wirelesspt
Facebook: https://www.facebook.com/wirelesspt
Technical support via SMS: 91 19 11 798
Donations/PayPal: http://tinyurl.com/fazer-donativo
PGP/SSH public key: http://wirelesspt.net/arquivos/pk
Email licensed under: https://creativecommons.org/licenses/by-nc-sa/3.0/pt/
