gsliepen / tinc

a VPN daemon
http://tinc-vpn.org/

network split 1.1pre18 #423

Open fyvfy opened 1 year ago

fyvfy commented 1 year ago

I've tried to use tinc to access all computers and access points in different locations. Two "servers" with white IP addresses (hercules and hydra). Everything else are "clients" behind NAT or double NAT.

[Image: temp-tinc-graph]

Several clients are in the same physical location and same local network (lyra, perseus, oriona, monoceros). Internet connection sometimes is not very stable (maybe a few % packet drop), sometimes goes offline (a few minutes - a few hours). "Lyra" probably was also affected but rebooted several times even before I noticed the network split.

I suspect ~15 December 23:39 there was some packet drop (but no offline) and the tinc network split into two networks.

tinc version 1.1pre18 everywhere, RSA keys deleted, custom listening ports, no autoconnect (do I need one?).

192.168.111.0/24 - network with all tinc nodes
192.168.1.0/24, 192.168.2.0/24, .. - local networks with computers.
Not using routing at the moment.

fyi

Hostnames and IP addresses are redacted.


Servers configs

Server tinc-up

#!/bin/sh
ip link set $INTERFACE up
ip addr add 192.168.111.x/24 dev $INTERFACE

Server tinc.conf

name            hercules
addressfamily   ipv4
port            9242
device          /dev/net/tun
connectto       hydra

Server hosts/hercules

address          y.y.y.y
port             9242
subnet           192.168.111.x/32

Ed25519PublicKey = ...

Clients configs

Client tinc-up

#!/bin/sh
ip link set $INTERFACE up
ip addr add 192.168.111.v/24 dev $INTERFACE

Client tinc.conf

name            lyra
addressfamily   ipv4
port            9242
connectto       hercules
connectto       hydra

Client hosts/lyra

subnet           192.168.111.v/32
Ed25519PublicKey = ...

Client hosts/hercules

address          x.x.x.x
port             9242
subnet           192.168.111.x/32
Ed25519PublicKey = ...

Client hosts/hydra

address          y.y.y.y
port             9242
subnet           192.168.111.y/32
Ed25519PublicKey = ...

Some logs

From hercules (server)

Dec 15 22:58:50 hercules tincd[257747]: Got REQ_KEY from orionb while we already started a SPTPS session!
Dec 15 23:40:31 hercules tincd[257747]: Got REQ_KEY from monoceros while we already started a SPTPS session!
Dec 15 23:40:31 hercules tincd[257747]: Got REQ_KEY from oriona while we already started a SPTPS session!
Dec 15 23:48:09 hercules tincd[257747]: Got REQ_KEY from oriona while we already started a SPTPS session!
Dec 16 00:09:11 hercules tincd[257747]: Got REQ_KEY from monoceros while we already started a SPTPS session!
Dec 17 02:23:10 hercules tincd[257747]: Metadata socket read error for taurus (q.w.e.r port 48788): Connection reset by peer
Dec 17 02:25:23 hercules tincd[257747]: Metadata socket read error for taurus (q.w.e.r port 57872): Connection reset by peer

From hydra (server)

Dec 15 22:19:37 hydra tincd[4750]: Got REQ_KEY from perseus while we already started a SPTPS session!
Dec 16 08:42:05 hydra tincd[4750]: Failed to decrypt and verify packet from orionc (s.h.s.y port 19144)
Dec 16 08:42:05 hydra tincd[4750]: Invalid packet seqno: 21640 != 0 from orionc (s.h.s.y port 19144)
Dec 16 08:42:05 hydra tincd[4750]: Invalid packet seqno: 21641 != 0 from orionc (s.h.s.y port 19144)
Dec 17 02:23:10 hydra tincd[4750]: Metadata socket read error for taurus (w.v.t.a port 34366): Connection reset by peer
Dec 17 02:25:23 hydra tincd[4750]: Metadata socket read error for taurus (w.v.t.a port 35518): Connection reset by peer

From monoceros (client)

Dec 15 23:39:57 monoceros lsiosmokeping[3464914]: DNS: 4.2.2.2: timeout (26 s) reached, killing the probe.
Dec 15 23:39:57 monoceros lsiosmokeping[3464914]: got TERM signal, terminating.
Dec 15 23:39:58 monoceros lsiosmokeping[3464914]: DNS: 4.2.2.1: timeout (26 s) reached, killing the probe.
Dec 15 23:39:58 monoceros lsiosmokeping[3464914]: got TERM signal, terminating.
Dec 15 23:40:31 monoceros tincd[42514]: Packet is 2642 seqs in the future, dropped (1) from hercules (y.y.y.y port 9242)
Dec 16 00:09:11 monoceros tincd[42514]: Packet is 3084 seqs in the future, dropped (1) from hercules (y.y.y.y port 9242)
Dec 16 00:48:09 monoceros tincd[42514]: Failed to decrypt and verify packet from oriona (x.x.x.x port 9242)
Dec 16 00:48:09 monoceros tincd[42514]: Invalid packet seqno: 2253 != 0 from oriona (x.x.x.x port 9242)
Dec 16 00:48:09 monoceros tincd[42514]: Invalid packet seqno: 2254 != 0 from oriona (x.x.x.x port 9242)

From perseus (client)

Dec 15 22:19:37 perseus tincd[149376]: Failed to decrypt and verify packet from hydra (z.z.z.z port 9242)
Dec 15 22:19:37 perseus tincd[149376]: Invalid packet seqno: 17814 != 0 from hydra (z.z.z.z port 9242)
Dec 15 22:19:37 perseus tincd[149376]: Invalid packet seqno: 17815 != 0 from hydra (z.z.z.z port 9242)
Dec 17 18:19:39 perseus tincd[149376]: Failed to decrypt and verify packet from oriona (x.x.x.x port 9242)
Dec 17 18:19:39 perseus tincd[149376]: Invalid packet seqno: 542 != 0 from oriona (x.x.x.x port 9242)
Dec 17 18:19:39 perseus tincd[149376]: Invalid packet seqno: 543 != 0 from oriona (x.x.x.x port 9242)
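
An added example, not part of the original post or of the tinc project: a small correlator that merges tincd log lines from several nodes and reports the node pairs where both ends logged an SPTPS anomaly about each other at about the same time, which helps pin down when sessions were reset. The event labels, function names, the 60-second window and the placeholder year are assumptions of this example; the sample lines are copied from the logs above.

```python
import re
from datetime import datetime, timedelta

# Lines copied from the logs in the post above (addresses already redacted there).
SAMPLE = """\
Dec 15 22:19:37 hydra tincd[4750]: Got REQ_KEY from perseus while we already started a SPTPS session!
Dec 15 22:19:37 perseus tincd[149376]: Failed to decrypt and verify packet from hydra (z.z.z.z port 9242)
Dec 15 22:19:37 perseus tincd[149376]: Invalid packet seqno: 17814 != 0 from hydra (z.z.z.z port 9242)
Dec 15 23:40:31 hercules tincd[257747]: Got REQ_KEY from monoceros while we already started a SPTPS session!
Dec 15 23:40:31 hercules tincd[257747]: Got REQ_KEY from oriona while we already started a SPTPS session!
Dec 15 23:40:31 monoceros tincd[42514]: Packet is 2642 seqs in the future, dropped (1) from hercules (y.y.y.y port 9242)
Dec 17 02:23:10 hercules tincd[257747]: Metadata socket read error for taurus (q.w.e.r port 48788): Connection reset by peer
"""

LINE = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) (\S+) tincd\[\d+\]: (.*)$")
KINDS = [  # (label chosen for this example, regex capturing the peer the message is about)
    ("rekey_collision", re.compile(r"Got REQ_KEY from (\S+) while we already started a SPTPS session")),
    ("seqno_future", re.compile(r"Packet is \d+ seqs in the future, dropped \(\d+\) from (\S+)")),
    ("decrypt_fail", re.compile(r"Failed to decrypt and verify packet from (\S+)")),
    ("seqno_invalid", re.compile(r"Invalid packet seqno: \d+ != \d+ from (\S+)")),
    ("meta_reset", re.compile(r"Metadata socket read error for (\S+)")),
]

def parse_events(text, year=2000):
    """Return sorted (time, reporter, kind, peer); syslog has no year, so `year` is a placeholder."""
    events = []
    for m in filter(None, map(LINE.match, text.splitlines())):
        stamp, reporter, msg = m.groups()
        when = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        for kind, rx in KINDS:
            if hit := rx.search(msg):
                events.append((when, reporter, kind, hit.group(1)))
                break
    return sorted(events)

def mutual_resets(events, window=timedelta(seconds=60)):
    """Pairs where both nodes logged an anomaly about each other within `window`
    (assumes the hosts' clocks are roughly in sync)."""
    found = set()
    for t1, a, _, b in events:
        for t2, c, _, d in events:
            if (c, d) == (b, a) and abs(t2 - t1) <= window:
                found.add((min(t1, t2), *sorted((a, b))))
    return sorted(found)

if __name__ == "__main__":
    print(*mutual_resets(parse_events(SAMPLE)), sep="\n")
```

One-sided entries (here oriona and taurus) are not reported as mutual until the other node's log is added to the input.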