tinc and UDP
-
I have tinc running between my SG-3100 (2.4.5-RELEASE-p1 with tinc 1.0.35_2) and a Fresh Tomato router (2020.5 with tinc 1.1pre17-de7d5a0) over the Internet. The problem: I can't get them to use UDP to transfer data, which is needed to improve throughput.
With Wireshark, I can see the Tomato router periodically send a UDP packet to port 655 of the SG-3100. With tcpdump on the SG-3100, I can see those packets come in, but I don't see any UDP traffic come from tincd on the SG-3100. The tinc logs don't show anything interesting (to my untrained eyes) on either end even at debug level 5. I don't see any blocking of port 655 in the SG-3100 firewall logs. Neither end is using TCPOnly in their configs.
Any advice?
-
@nineeyes You need to add a firewall rule that passes tinc
-
@viktor_g I had that. I left out one key bit of information which I was unaware was relevant at the time: That is, my SG-3100 was running multiWAN and my Tomato router was behind it. I had issues with NAT reflection requirements that I did not sort out completely before giving up on that configuration.
I moved the Tomato router from behind the SG-3100 and put it directly on it's own WAN connection and then the Tinc UDP flowed fine in both directions.
How was the bandwidth using iperf3? Not great. At 15mbps the single core of the Tomato router (an Asus RT-AC66U) was maxed out while one of the cores of the SG-3100 never exceeded 16% running tincd.
