On 2017-02-21 12:38, Tomasz Chmielewski wrote:
I have the following tinc setup:

client -- tinc DC1 -- tinc DC2 -- 10.1.2.0/24 subnet


It generally works well, however, there is one issue I'm not able to
solve: *sometimes*, connectivity to *some* destinations does not work
for the first few seconds.

I was able to reproduce it reliably in the following simplified scenario:

   tinc DC1 -- tinc DC2 -- MASQUERADE -- 10.1.2.3 (webserver)


Script to reproduce (it tries to fetch the URL for 5 seconds, exits if it fails):

#!/bin/bash

set -e
i=1
while true ; do
    echo "Run number $i"
    curl -s -m 5 10.1.2.3/XXXXXXXX >/dev/null
    echo $?
    i=$((i+1))
done



Usually, it will break after about 30 iterations.


"time curl -s -m 5 10.1.2.3/XXXXXXXX" takes around 0.2-0.3 secs to execute - so 5 seconds should be enough time.


tshark shows "TCP Spurious Retransmission" for cases where curl is not able to fetch any data.


Both tinc servers are running Ubuntu 16.04 (64 bit) with tinc 1.0.26.

DC1 is in Europe (Hetzner); DC2 is in the USA (Amazon AWS).



What's interesting is that I don't have these timeouts when I replace tinc with OpenVPN.

Any help appreciated!


Tomasz Chmielewski
https://lxadm.com