Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🐛 BUG: Simultaneous reload caused connection failure between two hosts #1066

Closed
Cyberes opened this issue Jan 30, 2024 · 2 comments
Closed

🐛 BUG: Simultaneous reload caused connection failure between two hosts #1066

Cyberes opened this issue Jan 30, 2024 · 2 comments

Comments

@Cyberes
Copy link

Cyberes commented Jan 30, 2024
edited
Loading

What version of nebula are you using?

1.7.2 (on all hosts)

What operating system are you using?

Linux

Describe the Bug

When I reloaded Nebula on two hosts at the same time (via Ansible), the connection between them was broken and unable to be reestablished until Nebula on one of the hosts was restarted.

Logs from affected hosts

Logs from host HOST-CA:

Jan 29 19:55:47 HOST-CA systemd[1]: Reloading nebula...
Jan 29 19:55:47 HOST-CA nebula[686]: time="2024-01-29T19:55:47-07:00" level=info msg="Caught HUP, reloading config"
Jan 29 19:55:47 HOST-CA systemd[1]: Reloaded nebula.
Jan 29 19:55:47 HOST-CA nebula[686]: time="2024-01-29T19:55:47-07:00" level=info msg="Trusted CA certificates refreshed" fingerprints="[...]"
Jan 29 19:55:47 HOST-CA nebula[686]: time="2024-01-29T19:55:47-07:00" level=info msg="Client cert refreshed from disk" cert="..."
Jan 29 19:55:47 HOST-CA nebula[686]: time="2024-01-29T19:55:47-07:00" level=info msg="listen.read_buffer was set" size=20971520
Jan 29 19:55:47 HOST-CA nebula[686]: time="2024-01-29T19:55:47-07:00" level=info msg="listen.write_buffer was set" size=20971520
Jan 29 19:55:48 HOST-CA nebula[686]: time="2024-01-29T19:55:48-07:00" level=info msg="Re-handshaking with remote" reason="local certificate is not current" vpnIp=172.0.2.120
Jan 29 19:55:48 HOST-CA nebula[686]: time="2024-01-29T19:55:48-07:00" level=info msg="Handshake message sent" handshake="map[stage:1 style:ix_psk0]" initiatorIndex=4242092807 localIndex=4242092807 remoteIndex=0 udpAddrs="[...]" vpnIp=172.0.2.120
Jan 29 19:55:48 HOST-CA nebula[686]: time="2024-01-29T19:55:48-07:00" level=info msg="Attempt to relay through hosts" localIndex=4242092807 relays="[172.0.0.2 172.0.0.3 172.0.0.2 172.0.0.3]" remoteIndex=0 vpnIp=172.0.2.120
Jan 29 19:55:48 HOST-CA nebula[686]: time="2024-01-29T19:55:48-07:00" level=info msg="Send handshake via relay" localIndex=4242092807 relay=172.0.0.2 remoteIndex=0 vpnIp=172.0.2.120
Jan 29 19:55:48 HOST-CA nebula[686]: time="2024-01-29T19:55:48-07:00" level=info msg="send CreateRelayRequest" initiatorRelayIndex=903961414 relay=172.0.0.3 relayFrom=172.0.3.109 relayTo=172.0.2.120
Jan 29 19:55:48 HOST-CA nebula[686]: time="2024-01-29T19:55:48-07:00" level=info msg="Send handshake via relay" localIndex=4242092807 relay=172.0.0.2 remoteIndex=0 vpnIp=172.0.2.120
Jan 29 19:55:48 HOST-CA nebula[686]: time="2024-01-29T19:55:48-07:00" level=info msg="Re-send CreateRelay request" localIndex=4242092807 relay=172.0.0.3 remoteIndex=0 vpnIp=172.0.2.120
Jan 29 19:55:48 HOST-CA nebula[686]: time="2024-01-29T19:55:48-07:00" level=info msg="send CreateRelayRequest" initiatorRelayIndex=903961414 relay=172.0.0.3 relayFrom=172.0.3.109 relayTo=172.0.2.120
Jan 29 19:55:48 HOST-CA nebula[686]: time="2024-01-29T19:55:48-07:00" level=info msg=handleCreateRelayResponse initiatorRelayIndex=903961414 relayFrom=172.0.3.109 relayTo=172.0.2.120 responderRelayIndex=4235542184 vpnIp=172.0.0.3
Jan 29 19:55:48 HOST-CA nebula[686]: time="2024-01-29T19:55:48-07:00" level=info msg="Attempt to relay through hosts" localIndex=4242092807 relays="[172.0.0.2 172.0.0.3 172.0.0.2 172.0.0.3]" remoteIndex=0 vpnIp=172.0.2.120
Jan 29 19:55:48 HOST-CA nebula[686]: time="2024-01-29T19:55:48-07:00" level=info msg="Send handshake via relay" localIndex=4242092807 relay=172.0.0.2 remoteIndex=0 vpnIp=172.0.2.120
Jan 29 19:55:48 HOST-CA nebula[686]: time="2024-01-29T19:55:48-07:00" level=info msg="Send handshake via relay" localIndex=4242092807 relay=172.0.0.3 remoteIndex=0 vpnIp=172.0.2.120
Jan 29 19:55:48 HOST-CA nebula[686]: time="2024-01-29T19:55:48-07:00" level=info msg="Send handshake via relay" localIndex=4242092807 relay=172.0.0.2 remoteIndex=0 vpnIp=172.0.2.120
Jan 29 19:55:48 HOST-CA nebula[686]: time="2024-01-29T19:55:48-07:00" level=info msg="Send handshake via relay" localIndex=4242092807 relay=172.0.0.3 remoteIndex=0 vpnIp=172.0.2.120
Jan 29 19:55:48 HOST-CA nebula[686]: time="2024-01-29T19:55:48-07:00" level=info msg="Handshake message received" certName=nginx durationNs=294188193 fingerprint=... handshake="map[stage:2 style:ix_psk0]" initiatorIndex=4242092807 issuer=... remoteIndex=4242092807 responderIndex=1332314981 sentCachedPackets=0 udpAddr="..." vpnIp=172.0.2.120
Jan 29 19:55:50 HOST-CA nebula[686]: time="2024-01-29T19:55:50-07:00" level=info msg="Re-handshaking with remote" reason="local certificate is not current" vpnIp=172.0.0.3
Jan 29 19:55:50 HOST-CA nebula[686]: time="2024-01-29T19:55:50-07:00" level=info msg="Re-handshaking with remote" reason="local certificate is not current" vpnIp=172.0.0.2
Jan 29 19:55:50 HOST-CA nebula[686]: time="2024-01-29T19:55:50-07:00" level=info msg="Handshake message sent" handshake="map[stage:1 style:ix_psk0]" initiatorIndex=2902814933 localIndex=2902814933 remoteIndex=0 udpAddrs="[146.190.118.198:4242]" vpnIp=172.0.0.3
Jan 29 19:55:50 HOST-CA nebula[686]: time="2024-01-29T19:55:50-07:00" level=info msg="Handshake message sent" handshake="map[stage:1 style:ix_psk0]" initiatorIndex=2565487819 localIndex=2565487819 remoteIndex=0 udpAddrs="[137.184.245.206:4242]" vpnIp=172.0.0.2
Jan 29 19:55:50 HOST-CA nebula[686]: time="2024-01-29T19:55:50-07:00" level=info msg="Re-handshaking with remote" reason="local certificate is not current" vpnIp=172.0.2.116
Jan 29 19:55:50 HOST-CA nebula[686]: time="2024-01-29T19:55:50-07:00" level=info msg="Handshake message received" certName=failover_cloud_proxy durationNs=38345880 fingerprint=... handshake="map[stage:2 style:ix_psk0]" initiatorIndex=2902814933 issuer=... remoteIndex=2902814933 responderIndex=1011784885 sentCachedPackets=0 udpAddr="..." vpnIp=172.0.0.3
Jan 29 19:55:50 HOST-CA nebula[686]: time="2024-01-29T19:55:50-07:00" level=info msg="Handshake message sent" handshake="map[stage:1 style:ix_psk0]" initiatorIndex=1826885568 localIndex=1826885568 remoteIndex=0 udpAddrs="[71.218.159.95:50754 71.218.159.95:65459 10.0.0.12:56118]" vpnIp=172.0.2.116
Jan 29 19:55:50 HOST-CA nebula[686]: time="2024-01-29T19:55:50-07:00" level=info msg="Attempt to relay through hosts" localIndex=1826885568 relays="[172.0.0.2 172.0.0.3 172.0.0.2 172.0.0.3]" remoteIndex=0 vpnIp=172.0.2.116
Jan 29 19:55:50 HOST-CA nebula[686]: time="2024-01-29T19:55:50-07:00" level=info msg="Send handshake via relay" localIndex=1826885568 relay=172.0.0.2 remoteIndex=0 vpnIp=172.0.2.116
Jan 29 19:55:50 HOST-CA nebula[686]: time="2024-01-29T19:55:50-07:00" level=info msg="send CreateRelayRequest" initiatorRelayIndex=164158769 relay=172.0.0.3 relayFrom=172.0.3.109 relayTo=172.0.2.116
Jan 29 19:55:50 HOST-CA nebula[686]: time="2024-01-29T19:55:50-07:00" level=info msg="Send handshake via relay" localIndex=1826885568 relay=172.0.0.2 remoteIndex=0 vpnIp=172.0.2.116
Jan 29 19:55:50 HOST-CA nebula[686]: time="2024-01-29T19:55:50-07:00" level=info msg="Re-send CreateRelay request" localIndex=1826885568 relay=172.0.0.3 remoteIndex=0 vpnIp=172.0.2.116
Jan 29 19:55:50 HOST-CA nebula[686]: time="2024-01-29T19:55:50-07:00" level=info msg="send CreateRelayRequest" initiatorRelayIndex=164158769 relay=172.0.0.3 relayFrom=172.0.3.109 relayTo=172.0.2.116
Jan 29 19:55:50 HOST-CA nebula[686]: time="2024-01-29T19:55:50-07:00" level=info msg="Handshake message received" certName=cloud_proxy durationNs=43795775 fingerprint=... handshake="map[stage:2 style:ix_psk0]" initiatorIndex=2565487819 issuer=... remoteIndex=2565487819 responderIndex=3894813585 sentCachedPackets=0 udpAddr="..." vpnIp=172.0.0.2
Jan 29 19:55:50 HOST-CA nebula[686]: time="2024-01-29T19:55:50-07:00" level=info msg="Handshake message received" certName=syslog durationNs=128537528 fingerprint=... handshake="map[stage:2 style:ix_psk0]" initiatorIndex=1826885568 issuer=... remoteIndex=1826885568 responderIndex=1831610286 sentCachedPackets=0 udpAddr="..." vpnIp=172.0.2.116
Jan 29 19:55:53 HOST-CA nebula[686]: time="2024-01-29T19:55:53-07:00" level=info msg="send CreateRelayRequest" initiatorRelayIndex=2329087363 relayFrom=172.0.0.2 relayTo=172.0.2.120 responderRelayIndex=0 vpnIp=172.0.0.2
Jan 29 19:55:55 HOST-CA nebula[686]: time="2024-01-29T19:55:55-07:00" level=info msg="send CreateRelayRequest" initiatorRelayIndex=164158769 relayFrom=172.0.0.3 relayTo=172.0.2.116 responderRelayIndex=0 vpnIp=172.0.0.3
Jan 29 19:55:55 HOST-CA nebula[686]: time="2024-01-29T19:55:55-07:00" level=info msg="send CreateRelayRequest" initiatorRelayIndex=1236495831 relayFrom=172.0.0.3 relayTo=172.0.2.120 responderRelayIndex=0 vpnIp=172.0.0.3
Jan 29 19:55:55 HOST-CA nebula[686]: time="2024-01-29T19:55:55-07:00" level=info msg="send CreateRelayRequest" initiatorRelayIndex=2329087363 relayFrom=172.0.0.2 relayTo=172.0.2.120 responderRelayIndex=0 vpnIp=172.0.0.2
Jan 29 19:55:55 HOST-CA nebula[686]: time="2024-01-29T19:55:55-07:00" level=info msg="send CreateRelayRequest" initiatorRelayIndex=301301138 relayFrom=172.0.0.2 relayTo=172.0.2.116 responderRelayIndex=0 vpnIp=172.0.0.2
Jan 29 19:55:58 HOST-CA nebula[686]: time="2024-01-29T19:55:58-07:00" level=info msg="Tunnel status" certName=failover_cloud_proxy localIndex=2138296936 remoteIndex=2164133836 tunnelCheck="map[method:active state:dead]" vpnIp=172.0.0.3
Jan 29 19:55:58 HOST-CA nebula[686]: time="2024-01-29T19:55:58-07:00" level=info msg="Tunnel status" certName=syslog localIndex=3313392190 remoteIndex=1024773976 tunnelCheck="map[method:active state:dead]" vpnIp=172.0.2.116
Jan 29 19:56:01 HOST-CA nebula[686]: time="2024-01-29T19:56:01-07:00" level=info msg="send CreateRelayRequest" initiatorRelayIndex=2329087363 relayFrom=172.0.0.2 relayTo=172.0.2.120 responderRelayIndex=0 vpnIp=172.0.0.2
Jan 29 19:56:01 HOST-CA nebula[686]: time="2024-01-29T19:56:01-07:00" level=info msg="send CreateRelayRequest" initiatorRelayIndex=301301138 relayFrom=172.0.0.2 relayTo=172.0.2.116 responderRelayIndex=0 vpnIp=172.0.0.2
Jan 29 19:56:07 HOST-CA nebula[686]: time="2024-01-29T19:56:07-07:00" level=info msg="send CreateRelayRequest" initiatorRelayIndex=2329087363 relayFrom=172.0.0.2 relayTo=172.0.2.120 responderRelayIndex=0 vpnIp=172.0.0.2
Jan 29 19:56:07 HOST-CA nebula[686]: time="2024-01-29T19:56:07-07:00" level=info msg="send CreateRelayRequest" initiatorRelayIndex=301301138 relayFrom=172.0.0.2 relayTo=172.0.2.116 responderRelayIndex=0 vpnIp=172.0.0.2
Jan 29 19:56:09 HOST-CA nebula[686]: time="2024-01-29T19:56:09-07:00" level=info msg="Tunnel status" certName=nginx localIndex=708071080 remoteIndex=3069862209 tunnelCheck="map[method:active state:dead]" vpnIp=172.0.2.120
Jan 29 19:56:09 HOST-CA nebula[686]: time="2024-01-29T19:56:09-07:00" level=info msg="Tunnel status" certName=cloud_proxy localIndex=1264874103 remoteIndex=3134933756 tunnelCheck="map[method:active state:dead]" vpnIp=172.0.0.2
Jan 29 19:56:12 HOST-CA nebula[686]: time="2024-01-29T19:56:12-07:00" level=info msg="send CreateRelayRequest" initiatorRelayIndex=164158769 relayFrom=172.0.0.3 relayTo=172.0.2.116 responderRelayIndex=0 vpnIp=172.0.0.3
[CreateRelay request loops from here on]

Logs from host nginx:

Jan 29 19:55:41 nginx systemd[1]: Reloading nebula.
Jan 29 19:55:41 nginx nebula[178]: time="2024-01-29T19:55:41-07:00" level=info msg="Caught HUP, reloading config"
Jan 29 19:55:41 nginx systemd[1]: Reloaded nebula.
Jan 29 19:55:41 nginx nebula[178]: time="2024-01-29T19:55:41-07:00" level=info msg="Trusted CA certificates refreshed" fingerprints="[...]"
Jan 29 19:55:41 nginx nebula[178]: time="2024-01-29T19:55:41-07:00" level=info msg="Client cert refreshed from disk" cert="..."
Jan 29 19:55:41 nginx nebula[178]: time="2024-01-29T19:55:41-07:00" level=error msg="Failed to set listen.read_buffer" error="operation not permitted"
Jan 29 19:55:41 nginx nebula[178]: time="2024-01-29T19:55:41-07:00" level=error msg="Failed to set listen.write_buffer" error="operation not permitted"
Jan 29 19:55:42 nginx nebula[178]: time="2024-01-29T19:55:42-07:00" level=info msg="Handshake message received" certName=icinga fingerprint=... handshake="map[stage:1 style:ix_psk0]" initiatorIndex=1985295069 issuer=... remoteIndex=0 responderIndex=0 udpAddr="..." vpnIp=172.0.2.133
Jan 29 19:55:42 nginx nebula[178]: time="2024-01-29T19:55:42-07:00" level=info msg="Taking new handshake" certName=icinga localIndex=676672407 remoteIndex=1514467054 vpnIp=172.0.2.133
Jan 29 19:55:42 nginx nebula[178]: time="2024-01-29T19:55:42-07:00" level=info msg="Handshake message sent" certName=icinga fingerprint=... handshake="map[stage:2 style:ix_psk0]" initiatorIndex=1985295069 issuer=... remoteIndex=0 responderIndex=198983537 sentCachedPackets=0 udpAddr="..." vpnIp=172.0.2.133
Jan 29 19:55:42 nginx nebula[178]: time="2024-01-29T19:55:42-07:00" level=info msg=handleCreateRelayRequest initiatorRelayIndex=3531621667 relayFrom=172.0.2.133 relayTo=172.0.2.120 vpnIp=172.0.0.2
Jan 29 19:55:42 nginx nebula[178]: time="2024-01-29T19:55:42-07:00" level=info msg="send CreateRelayResponse" initiatorRelayIndex=3531621667 relayFrom=172.0.2.133 relayTo=172.0.2.120 responderRelayIndex=3883226631 vpnIp=172.0.0.2
Jan 29 19:55:42 nginx nebula[178]: time="2024-01-29T19:55:42-07:00" level=info msg=handleCreateRelayRequest initiatorRelayIndex=3531621667 relayFrom=172.0.2.133 relayTo=172.0.2.120 vpnIp=172.0.0.2
Jan 29 19:55:42 nginx nebula[178]: time="2024-01-29T19:55:42-07:00" level=info msg="send CreateRelayResponse" initiatorRelayIndex=3531621667 relayFrom=172.0.2.133 relayTo=172.0.2.120 responderRelayIndex=3883226631 vpnIp=172.0.0.2
Jan 29 19:55:42 nginx nebula[178]: time="2024-01-29T19:55:42-07:00" level=info msg=handleCreateRelayRequest initiatorRelayIndex=1680648790 relayFrom=172.0.2.133 relayTo=172.0.2.120 vpnIp=172.0.0.3
Jan 29 19:55:42 nginx nebula[178]: time="2024-01-29T19:55:42-07:00" level=info msg="send CreateRelayResponse" initiatorRelayIndex=1680648790 relayFrom=172.0.2.133 relayTo=172.0.2.120 responderRelayIndex=373160935 vpnIp=172.0.0.3
Jan 29 19:55:42 nginx nebula[178]: time="2024-01-29T19:55:42-07:00" level=info msg=handleCreateRelayRequest initiatorRelayIndex=1680648790 relayFrom=172.0.2.133 relayTo=172.0.2.120 vpnIp=172.0.0.3
Jan 29 19:55:42 nginx nebula[178]: time="2024-01-29T19:55:42-07:00" level=info msg="send CreateRelayResponse" initiatorRelayIndex=1680648790 relayFrom=172.0.2.133 relayTo=172.0.2.120 responderRelayIndex=373160935 vpnIp=172.0.0.3
Jan 29 19:55:43 nginx nebula[178]: time="2024-01-29T19:55:43-07:00" level=info msg="Re-handshaking with remote" reason="local certificate is not current" vpnIp=172.0.0.2
Jan 29 19:55:43 nginx nebula[178]: time="2024-01-29T19:55:43-07:00" level=info msg="Handshake message sent" handshake="map[stage:1 style:ix_psk0]" initiatorIndex=437774906 localIndex=437774906 remoteIndex=0 udpAddrs="[137.184.245.206:4242]" vpnIp=172.0.0.2
Jan 29 19:55:43 nginx nebula[178]: time="2024-01-29T19:55:43-07:00" level=info msg="Handshake message received" certName=cloud_proxy durationNs=49339384 fingerprint=... handshake="map[stage:2 style:ix_psk0]" initiatorIndex=437774906 issuer=... remoteIndex=437774906 responderIndex=1366900285 sentCachedPackets=0 udpAddr="..." vpnIp=172.0.0.2
Jan 29 19:55:44 nginx nebula[178]: time="2024-01-29T19:55:44-07:00" level=info msg=handleCreateRelayRequest initiatorRelayIndex=2116511271 relayFrom=172.0.3.109 relayTo=172.0.2.120 vpnIp=172.0.0.2
Jan 29 19:55:44 nginx nebula[178]: time="2024-01-29T19:55:44-07:00" level=info msg="send CreateRelayResponse" initiatorRelayIndex=2116511271 relayFrom=172.0.3.109 relayTo=172.0.2.120 responderRelayIndex=136343822 vpnIp=172.0.0.2
Jan 29 19:55:44 nginx nebula[178]: time="2024-01-29T19:55:44-07:00" level=info msg="Handshake message received" certName=failover_cloud_proxy fingerprint=... handshake="map[stage:1 style:ix_psk0]" initiatorIndex=3493836043 issuer=... remoteIndex=0 responderIndex=0 udpAddr="..." vpnIp=172.0.0.3
Jan 29 19:55:44 nginx nebula[178]: time="2024-01-29T19:55:44-07:00" level=info msg="Taking new handshake" certName=failover_cloud_proxy localIndex=731252978 remoteIndex=3859203954 vpnIp=172.0.0.3
Jan 29 19:55:44 nginx nebula[178]: time="2024-01-29T19:55:44-07:00" level=info msg="Handshake message sent" certName=failover_cloud_proxy fingerprint=... handshake="map[stage:2 style:ix_psk0]" initiatorIndex=3493836043 issuer=... remoteIndex=0 responderIndex=2028481548 sentCachedPackets=0 udpAddr="..." vpnIp=172.0.0.3
Jan 29 19:55:44 nginx nebula[178]: time="2024-01-29T19:55:44-07:00" level=info msg="Handshake message received" certName=syslog fingerprint=... handshake="map[stage:1 style:ix_psk0]" initiatorIndex=2165386032 issuer=... remoteIndex=0 responderIndex=0 udpAddr="..." vpnIp=172.0.2.116
Jan 29 19:55:44 nginx nebula[178]: time="2024-01-29T19:55:44-07:00" level=info msg="Taking new handshake" certName=syslog localIndex=3252076489 remoteIndex=2017290363 vpnIp=172.0.2.116
Jan 29 19:55:44 nginx nebula[178]: time="2024-01-29T19:55:44-07:00" level=info msg="Handshake message sent" certName=syslog fingerprint=... handshake="map[stage:2 style:ix_psk0]" initiatorIndex=2165386032 issuer=... remoteIndex=0 responderIndex=1493929163 sentCachedPackets=0 udpAddr="..." vpnIp=172.0.2.116
Jan 29 19:55:44 nginx nebula[178]: time="2024-01-29T19:55:44-07:00" level=info msg=handleCreateRelayRequest initiatorRelayIndex=3499948200 relayFrom=172.0.2.116 relayTo=172.0.2.120 vpnIp=172.0.0.2
Jan 29 19:55:44 nginx nebula[178]: time="2024-01-29T19:55:44-07:00" level=info msg="send CreateRelayResponse" initiatorRelayIndex=3499948200 relayFrom=172.0.2.116 relayTo=172.0.2.120 responderRelayIndex=412435964 vpnIp=172.0.0.2
Jan 29 19:55:44 nginx nebula[178]: time="2024-01-29T19:55:44-07:00" level=info msg=handleCreateRelayRequest initiatorRelayIndex=3499948200 relayFrom=172.0.2.116 relayTo=172.0.2.120 vpnIp=172.0.0.2
Jan 29 19:55:44 nginx nebula[178]: time="2024-01-29T19:55:44-07:00" level=info msg="send CreateRelayResponse" initiatorRelayIndex=3499948200 relayFrom=172.0.2.116 relayTo=172.0.2.120 responderRelayIndex=412435964 vpnIp=172.0.0.2
[CreateRelay request loops from here on]

These two hosts were unable to talk until I restarted Nebula on HOST-CA

Config files from affected hosts

firewall:
  conntrack:
    default_timeout: 10m
    max_connections: 100000
    tcp_timeout: 12m
    udp_timeout: 3m
  inbound:
  - host: any
    port: any
    proto: icmp
  - host: any
    port: any
    proto: any
  outbound:
  - host: any
    port: any
    proto: any
lighthouse:
  am_lighthouse: false
  hosts:
  - 172.0.0.2
  - 172.0.0.3
  interval: 60
listen:
  batch: 128
  host: 0.0.0.0
  port: 0
  read_buffer: 10485760
  write_buffer: 10485760
logging:
  format: text
  level: info
pki:
  ca: |
    -----BEGIN NEBULA CERTIFICATE-----
    ...
    -----END NEBULA CERTIFICATE-----
  cert: |
    -----BEGIN NEBULA CERTIFICATE-----
    ...
    -----END NEBULA CERTIFICATE-----
  key: |
    -----BEGIN NEBULA X25519 PRIVATE KEY-----
    ...
    -----END NEBULA X25519 PRIVATE KEY-----
punchy:
  delay: 1s
  punch: true
  punch_back: true
  respond: true
relay:
  am_relay: false
  relays:
  - 172.0.0.2
  - 172.0.0.3
  use_relays: true
static_host_map:
  172.0.0.2:
  - ...
  172.0.0.3:
  - ...
tun:
  dev: nebula1
  disabled: false
  drop_local_broadcast: false
  drop_multicast: false
  routes: null
  tx_queue: 5000
  unsafe_routes: null
@Cyberes Cyberes changed the title 🐛 BUG: Reload caused connection failure between hosts 🐛 BUG: Simultaneous reload caused connection failure between hosts Jan 30, 2024
@Cyberes Cyberes changed the title 🐛 BUG: Simultaneous reload caused connection failure between hosts 🐛 BUG: Simultaneous reload caused connection failure between two hosts Jan 30, 2024
@Cyberes
Copy link
Author

Cyberes commented Jan 30, 2024

I reviewed my logs and see that there is at least one more instance of this happening between two hosts. The logs show the repeating CreateRelayResponse cycle for hours.

@Cyberes
Copy link
Author

Cyberes commented Jan 31, 2024
edited
Loading

I just ran the Ansible playbook where Nebula was restarted and this communication issue was consistently occurring between these hosts. I then updated everything to the latest version (1.8.2) and it started worked normally. I guess we're good. Thoughts?

@Cyberes Cyberes closed this as completed Jan 31, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Cyberes