[Netsukuku] Tinc Awesomeness!

[Miss Valeska]

Alright everyone! So, My friend and I were able, After much work, To 
connect our netsukuku nodes through tinc! What we did, Was, We installed 
tinc, We went to /etc/tinc, And we created the myvpn folder. Then, We 
created, Inside of that folder, A hosts folder. We, Then, Created a 
tinc.conf file in the myvpn folder. This is the tinc.conf file for me. 
This is probably case sensitive, So please be careful.

Name=MissValeska
ConnectTo=TincDaemon
My name on tinc is just MissValeska, And my friend's name is TincDaemon. 
So, That is simple enough. We, Then, Ran sudo tincd -n myvpn 
--generate-keys -K. This generated the keys we needed to connect to each 
other, And killed tincd afterwards. You'll have to press enter a few 
times to confirm the things it will ask you though.

In the hosts folder, A MissValeska file was created for me, Which 
contained my RSA Public key.

-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAxVOGFZbTC13IOT8R48B++LfNOlwiCE3H7AVns44ANyYOaVoq6fRl
Z07ryNqRARvoEy/VcoqK9/uJ988/lgIuSayy50FFH8AiVFn8tMISVKpk1T6zyCqZ
m5G4E3h2gwbYZkuc6rWu0Agq1cI0QRKpLLad6X3lD3fWp7sfMawCss018HV3gNHA
2v1Vo4hyiXXLqN2MQ80Exwk8irpWUnMYFQ3HEdo1BDORBVXBClxtn4avApVnemrJ
y+lQ58ZhlKB2g9F7+5HiYW2adQSdJydKfnjw6MpVvHztHL7Z2AW3+KowW7JkdCmg
kp2S+Ogs4yJ65c+lJ+MZcf3sY+oGjpm7gwIDAQAB
-----END RSA PUBLIC KEY-----

This is all mine is, Feel free to use it, You'll need my IP address 
though, I'll PM you that if you want to connect to me. This is just used 
for verifying that the RSA key the other person is saying is mine, 
Actually is mine.

Next, You'll need their RSA key, So copy it, And put it into a file of 
their username, This is probably case sensitive, So be careful, Both 
here, And in tinc.conf.

-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAvADTePAqnqkoit19Np2NfcBDhFd9Hnet5KHFFdBJ5RCUacBVhIWB
fqkcmv9aIApiHI4mYbKHhK8PqJ3HXGS96f/qXqPEvdDTwShLKPjxlBXtV+zmLReA
CjR4sPDK0cSKC0CunYnm7JI8ey8GX/QE12yslDHwZPNcHG2jxnXjbRkXN9GLxG1V
kcYv07TGwpF5130zSSXEF6EIhNx241xxiaSROuk6xcP75zqEJPfTB8GjNcPnDISS
bzdi+FRSC+/VCS9RE196mmanlX4HiE/TFpnH9EEqgTsLnkPedVT3cuQtVRvDOGXA
b2DdKcwUhBly6b/6C5qVYXuD08pswj6zlQIDAQAB
-----END RSA PUBLIC KEY-----
Address=friendIPhere

This is my friend's RSA key, Obviously with his IP replaced by 
friendIPhere. In this case, We both used the no-ip service. 
https://www.noip.com/ Which you must sign up for, And has a linux .deb 
file you can download here. 
http://launchpadlibrarian.net/26258014/noip2_2.1.9-3_amd64.deb

After setting all of that up, Just use the host name you set for 
yourself in the sign up process for the Address, And it should work 
fine. You MUST download and install that .deb file though! It will have 
configuration options as it is installing, This is crucial to 
registering your actual computer's IP address and such to the hostname 
you will be using from your no-ip account.

Now, After this, You can just run sudo service tinc start, And then sudo 
tincd -n myvpn

This should start tinc, However! You will NOT have tinc as an interface 
(in this case we just called it tinc, Instead of something like tinc0, 
Though, That would be best for minimum confusion.) until you set that up 
in your /etc/network, I modified my /etc/network/interfaces with this at 
the bottom of the file. Remember, The netmask and address are changable, 
I'm not sure what the netmask will entail in changing, But the address 
is just the IP address of the interface tinc. P.S, You can change the 
name of the tinc interface here, But changing tinc to what ever you'd 
like, However, It might require changes to the following files, I'm not 
certain though.

iface tinc inet static
        address 10.0.0.41
        netmask 255.0.0.0
        tinc-net myvpn
        tinc-debug 1
        tinc-mlock yes
        tinc-user nobody
        tinc-pidfile /tmp/tinc.pid
        tinc-logfile /var/log/tinc.log

I think the tinc files are created by default in the folders like 
/etc/network/if-up.d and /etc/network/if-pre-up.d, But, I'm not sure. 
This is what is in my if-up.d folder as a file called tinc.

#!/bin/sh

set -e

[ "$METHOD" = loopback ] && exit 0
[ -n "$IF_TINC_NET" ] && exit 0

invoke-rc.d tinc alarm || exit 0

This was in my if-pre-up.d folder as a file called tinc.

#!/bin/sh

set -x

[ -z "$IF_TINC_NET" ] && exit 0

# Read options from /etc/default

. /etc/default/tinc

# Read options from /etc/network/interfaces

[ -n "$IF_TINC_CONFIG" ]          && EXTRA="$EXTRA -c $IF_TINC_CONFIG"
[ -n "$IF_TINC_DEBUG" ]           && EXTRA="$EXTRA -d$IF_TINC_DEBUG"
[ -n "$IF_TINC_MLOCK" ]           && EXTRA="$EXTRA --mlock"
[ -n "$IF_TINC_LOGFILE" ]         && EXTRA="$EXTRA 
--logfile=$IF_TINC_LOGFILE"
[ -n "$IF_TINC_PIDFILE" ]         && EXTRA="$EXTRA 
--pidfile=$IF_TINC_PIDFILE" || 
IF_TINC_PIDFILE=/var/run/tinc.$IF_TINC_NET.pid
[ -n "$IF_TINC_CHROOT" ]          && EXTRA="$EXTRA --chroot"
[ -n "$IF_TINC_USER" ]            && EXTRA="$EXTRA --user=$IF_TINC_USER"

set -e

# Start tinc daemon

/usr/sbin/tincd -n "$IF_TINC_NET" -o "Interface=$IFACE" $EXTRA

# Wait for it to come up properly

sleep 0.1
i=0;
while [ ! -f "$IF_TINC_PIDFILE" ] ; do
    if [ $i = '30' ] ; then
        echo 'Failed to start tinc daemon!'
        exit 1
    fi
    sleep 0.1
    i=$(($i+1))
done

exit 0


So, We just ran netsukuku by running sudo ntkd -i tinc -v 2 at this 
point, Which worked fine. However, We couldn't work out how to ping each 
other, Pinging myself (10.0.0.41) worked. However, Pinging him through 
the tinc interface, Resulted in

ping: bad timing interval.

Which, Also, Occured for me when I tried to ping myself through that 
interface, Though that makes more sense for me. However, I don't know 
what this command means entirely, Anyway, Here is the terminal log of that.

missvaleska@missvaleska-GA-970A-D3:~$ ping -i tinc 10.0.0.42
ping: bad timing interval.
missvaleska@missvaleska-GA-970A-D3:~$ ping -i tinc 10.0.0.41
ping: bad timing interval.
missvaleska@missvaleska-GA-970A-D3:~$ ping 10.0.0.41
PING 10.0.0.41 (10.0.0.41) 56(84) bytes of data.
64 bytes from 10.0.0.41: icmp_req=1 ttl=64 time=0.032 ms
64 bytes from 10.0.0.41: icmp_req=2 ttl=64 time=0.030 ms
64 bytes from 10.0.0.41: icmp_req=3 ttl=64 time=0.024 ms
64 bytes from 10.0.0.41: icmp_req=4 ttl=64 time=0.030 ms
^C
--- 10.0.0.41 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2997ms
rtt min/avg/max/mdev = 0.024/0.029/0.032/0.003 ms
missvaleska@missvaleska-GA-970A-D3:~$ ping 10.0.0.42
connect: Network is unreachable
missvaleska@missvaleska-GA-970A-D3:~$ ping 10.0.0.41
PING 10.0.0.41 (10.0.0.41) 56(84) bytes of data.
64 bytes from 10.0.0.41: icmp_req=1 ttl=64 time=0.044 ms
64 bytes from 10.0.0.41: icmp_req=2 ttl=64 time=0.031 ms
^C
--- 10.0.0.41 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.031/0.037/0.044/0.008 ms
missvaleska@missvaleska-GA-970A-D3:~$


We tried pinging google through tinc using the internet sharing feature, 
It just universally said, Destination network unknown, However 
google.com.inet (Which I thought would tell netsukuku, This is an 
internet address, And how to resolve it.) just said ping: unknown host 
google.com.inet

Which is great, I think! Because, Then it means it is connected to the 
internet, It just doesn't know how to connect to google.com. (I tried 
pinging 8.8.8.8, Thinking it might be a DNS issue. It resulted in the 
same error, Though, Ping never told me it couldn't find it, I could only 
figure it out using wireshark.) Anyway, Here are the wireshark logs too, 
I hope this was helpful!
_______________________________________________
Netsukuku mailing list
Netsukuku@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/netsukuku