ntop / n2n

Peer-to-peer VPN
GNU General Public License v3.0

No error output when fail to handshake due to OS time difference #1159

Open sweihub opened 7 months ago

sweihub commented 7 months ago

Hi,

I am using the v3.0 stable. I found that when the supernode encryption mode was on, and the supernode OS and edge OS had a time difference, usually above 1 minute, the edge failed to join the N2N, with no error output.

After syncing the time on both supernode and edge, the issue was solved. Would you add relevant error output when the underlying layer fails to handshake due to an encrypt/decrypt issue?

My supernode config

/usr/bin/supernode -f -p 12345 -v -F ABC -c /etc/n2n/community.list

My edge config

edge.conf
=========
-f
-l x.x.x.x:12345
-r
-E
-z2
-m 02:e7:89:72:2a:32
-d n2n
--persistent
-c boston
-I node
-J PASSWORD
-P XXXXXXXXbLkp465qQ0dwNUmZia70QKG6XXXXXXX
-A5
-k SecretKey
-a 10.120.10.x/16

Logan007 commented 6 months ago

Yes, system clocks need to be somewhat in sync with header encryption enabled.

I just looked it up: there actually is an error message implemented, for example here and in some other places, but at TRACE_DEBUG level only, so you can only see it when you run edge with -vvvvv, that is, when you are already on a bug hunt.

Alternatively, you could just upgrade the error message level to TRACE_NORMAL in the code. I would advise against it because, if this error occurs, you will get it for every arriving packet, which would most likely look overwhelming in your regular log output.
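
One way to reconcile the two points in this thread (a visible error for clock skew, without one log line per arriving packet) is to rate-limit the warning. The following is an added example, not code from n2n or from either commenter; every name, the 60-second window and the 30-second warning interval are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* All names and values below are hypothetical, not taken from n2n. */
#define STAMP_WINDOW_SEC  60   /* assumed tolerated clock difference */
#define WARN_INTERVAL_SEC 30   /* assumed minimum gap between warnings */

typedef struct {
    uint64_t last_warn;   /* time of the last emitted warning, 0 = never */
    uint32_t suppressed;  /* rejected packets not reported since then */
} skew_log_t;

/* Returns 1 if the sender's time stamp is within the window of local time. */
int stamp_in_window(uint64_t stamp, uint64_t now) {
    uint64_t diff = stamp > now ? stamp - now : now - stamp;
    return diff <= STAMP_WINDOW_SEC;
}

/* Verifies one packet's stamp. On rejection, prints at most one warning per
 * WARN_INTERVAL_SEC and counts the rest. Returns 1 = accepted, 0 = dropped
 * without a message, -1 = dropped and a warning was printed. */
int verify_stamp(skew_log_t *log, uint64_t stamp, uint64_t now) {
    if (stamp_in_window(stamp, now))
        return 1;
    if (log->last_warn != 0 && now - log->last_warn < WARN_INTERVAL_SEC) {
        log->suppressed++;
        return 0;
    }
    fprintf(stderr, "WARNING: packet time stamp off by more than %d s "
            "(%u similar drops since last warning); check clock sync\n",
            STAMP_WINDOW_SEC, (unsigned)log->suppressed);
    log->last_warn = now;
    log->suppressed = 0;
    return -1;
}

int main(void) {
    skew_log_t log = {0, 0};
    uint64_t now = 1700000000;   /* constructed local time */
    /* Constructed traffic: peer clock 90 s behind, one packet per second. */
    for (int i = 0; i < 65; i++)
        verify_stamp(&log, now + i - 90, now + i);
    return 0;
}
```

With the constructed traffic in `main`, 65 rejected packets produce three warning lines instead of 65.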