5. Running tinc
If everything else is done, you can start tinc by typing the following command:
tinc will detach from the terminal and continue to run in the background like a good daemon.
If there are any problems however you can try to increase the debug level
and look in the syslog to find out what the problems are.
5.1 Runtime options
Besides the settings in the configuration file, tinc also accepts some
command line options.
- `--bypass-security'
- Disables encryption and authentication.
Only useful for debugging.
- `-c, --config=PATH'
- Read configuration options from the directory PATH. The default is
`/etc/tinc/netname/'.
- `-d, --debug=LEVEL'
- Set debug level to LEVEL. The higher the debug level, the more gets
logged. Everything goes via syslog.
- `-K, --generate-keys[=BITS]'
- Generate public/private keypair of BITS length. If BITS is not specified,
1024 is the default. tinc will ask where you want to store the files,
but will default to the configuration directory (you can use the -c or -n option
in combination with -K). After that, tinc will quit.
- `--help'
- Display a short reminder of these runtime options and terminate.
- `-k, --kill[=SIGNAL]'
- Attempt to kill a running tincd (optionally with the specified SIGNAL instead of SIGTERM) and exit.
Use it in conjunction with the -n option to make sure you kill the right tinc daemon.
- `-n, --net=NETNAME'
- Connect to net NETNAME. See section 4.2 Multiple networks.
- `-D, --no-detach'
- Don't fork and detach.
This will also disable the automatic restart mechanism for fatal errors.
- `-L, --mlock'
- Lock tinc into main memory.
This will prevent sensitive data like shared private keys to be written to the system swap files/partitions.
- `--version'
- Output version information and exit.
5.2 Error messages
What follows is a list of the most common error messages you can see
when configuring tinc. Most of these messages are visible in the syslog
only, so keep an eye on it!
- Could not open /dev/tap0: No such device
- You forgot to `modprobe netlink_dev' or `modprobe ethertap'.
- You forgot to compile `Netlink device emulation' in the kernel.
- Can't write to /dev/net/tun: No such device
- You forgot to `modprobe tun'.
- You forgot to compile `Universal TUN/TAP driver' in the kernel.
- Packet with destination 1.2.3.4 is looping back to us!
- Something is not configured right. Packets are being sent out to the
virtual network device, but according to the Subnet directives in your host configuration
file, those packets should go to your own host. Most common mistake is that
you have a Subnet line in your host configuration file with a prefix length which is
just as large as the prefix of the virtual network interface. The latter should in almost all
cases be larger. Rethink your configuration.
Note that you will only see this message if you specified a debug
level of 5 or higher!
- Chances are that a `Subnet = ...' line in the host configuration file of this tinc daemon is wrong.
Change it to a subnet that is accepted locally by another interface,
or if that is not the case, try changing the prefix length into /32.
- Network doesn't work, syslog shows only packets of length 46
- Network address and prefix length do not match!
- The Subnet field must contain a network address.
- If you only want to use one IP address, set the netmask to /32.
- This is a bug: net.c:253: 24: Some error
- This is something that should not have happened.
Please report this, and tell us exactly what went wrong before you got
this message. In normal operation, these errors should not occur.
- Error reading RSA key file `rsa_key.priv': No such file or directory
- You must specify the complete pathname.
Specifying a relative path does not make sense here. tinc changes its
directory to / when starting (to avoid keeping a mount point busy).
This document was generated
by root on September, 24 2002
using texi2html