Hello,yes it works fine now.In some reason I have high pings:root@farengeit:~# ping 172.16.0.1PING 172.16.0.1 (172.16.0.1) 56(84) bytes of data.64 bytes from 172.16.0.1: icmp_seq=1 ttl=64 time=1.15 ms64 bytes from 172.16.0.1: icmp_seq=2 ttl=64 time=2.24 ms64 bytes from 172.16.0.1: icmp_seq=3 ttl=64 time=4.36 ms64 bytes from 172.16.0.1: icmp_seq=4 ttl=64 time=3.75 ms64 bytes from 172.16.0.1: icmp_seq=5 ttl=64 time=4.70 ms64 bytes from 172.16.0.1: icmp_seq=6 ttl=64 time=3.76 ms64 bytes from 172.16.0.1: icmp_seq=7 ttl=64 time=4.39 msBoth machines are on the same laptop, if you rememberAlso I created user manual.I will publish this on my blog too.Example of Usage on Ubuntu 14.04 or Centos 6.6Both VMs are Ubuntu Server:Server EXT IP: 172.25.60.62Client EXT IP: 172.25.60.63====INSTALLATION PART=====Install dependencies:# apt-get install uml-utilities# apt-get install golang====COMPILATION PART=====On both CLIENT and SERVER do:Download tarball here:Fore example last stable:Extract archive and compile the code# tar xvf govpn-3.2.tar.xz# cd govpn-3.2# mkdir -p peers# makeOn SERVER:This is number of CPU's# export GOMAXPROC=4# cd govpn-3.2Create new client:# ./utils/newclient.sh AlicePlace verifier to peers/6d4ac605ce8dc37c2f0bf21cb542a713/verifier6d4ac605ce8dc37c2f0bf21cb542a713 - This is Client IDOn CLIENT:# ./utils/storekey.sh /tmp/passphraseEnter passphrase:[my secure passphrase is here]Id - this is number generated on server with script newclient.sh:# govpn-verifier -id 6d4ac605ce8dc37c2f0bf21cb542a713 -key /tmp/passphrase562556cc9ecf0019b4cf45bcdf42706944ae9b3ac7c73ad299d83f2d5a169c55562556cc9ecf0019b4cf45bcdf42706944ae9b3ac7c73ad299d83f2d5a169c55 - this number is verifierRemove file:# rm /tmp/passphraseOn SERVER:# cd govpn-3.2Put verifier to file and save it:# vim peers/6d4ac605ce8dc37c2f0bf21cb542a713/verifier562556cc9ecf0019b4cf45bcdf42706944ae9b3ac7c73ad299d83f2d5a169c55====RUN PART=====On SERVER:# echo "echo tap10" >> peers/6d4ac605ce8dc37c2f0bf21cb542a713/up.sh# tunctl -t tap10# ip link set mtu 1432 dev tap10# ip addr add 172.16.0.1/24 dev tap10# ip link set up dev tap10=# ifconfig tap10 up# ifup tap10Run the daemon:# govpn-server -bind 172.25.60.62:1194 -mtu 1472On CLIENT:# umask 066# utils/storekey.sh key.txt# tunctl -t tap10# ip link set mtu 1432 dev tap10# ip addr add 172.16.0.2/24 dev tap10# ip link set up dev tap10# ip route add default via 172.16.0.1# ifconfig tap10 up# ifup tap10Run the daemon:# govpn-client -key key.txt -id 6d4ac605ce8dc37c2f0bf21cb542a713 -iface tap10 -remote 172.25.60.62:1194 -mtu 1472Check that tunnel works, do ping from CLIENT to SERVER:# ping 172.16.0.1PING 172.16.0.1 (172.16.0.1) 56(84) bytes of data.64 bytes from 172.16.0.1: icmp_seq=1 ttl=64 time=1.15 ms64 bytes from 172.16.0.1: icmp_seq=2 ttl=64 time=2.24 ms64 bytes from 172.16.0.1: icmp_seq=3 ttl=64 time=4.36 ms======================================================================I will continue test to see how stable is tunnel and why pings are so high.Also I will create tunnel between machines in USA and ISRAEL to check its performance.In future, I want to create deb and rpm packages for it too, but before need to do checksAlex.--On Wed, May 13, 2015 at 7:52 PM, <stargrave@stargrave.org> wrote:Greetings,
*** Alan Holt [2015-05-13 18:21]:
>*You can see on attached screenshot that both interface are up.*
But interface on the server side is no "RUNNING", as client's do.
Does up.sh in server's peer subdirectory contain something like echo
tap10? Will "ifconfig tap10 up" (or "ip link set up dev tap10") help?
>Looks like no traffic can go trough the tunnel.
I think that tunnel works (you can listen tcpdump over unencrypted
network part), but server's TAP is not running.
In FreeBSD I had to turn sysctl options:
net.link.tap.user_open=1
net.link.tap.up_on_open=1
The second one up-s the interface when tap device is opened. Maybe
something similar is needed under GNU/Linux (currently I do not have any
working under the hand).
--
Happy hacking, Sergey Matveev
בברכה,אלכס ברבר+9 72 54 285 952 3--Best regards.Alex Berber+9 72 54 285 952 3