I just saw another system with a down/up openvpn earlier today.
The problem there was one-way traffic.
Traffic could flow from the side that showed down to the site that showed up but traffic could not flow from the site that showed up to the site that showed down.
The tunnel was partially up. Pings sent across from the "down" side would go out the tunnel, be received and replied to by the other side, but would never arrive.
It was a CARP VIP on the down side that the ISP was losing the MAC address for. They would accept traffic from that address but couldn't deliver traffic to it.