• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Bug with gateway monitoring and topology /30

OpenVPN
2
3
670
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D
    daviddst
    last edited by Mar 29, 2017, 12:09 PM

    Hi,

    With a OpenVPN client and /30 topology, local IP is localhost address and remote IP is gateway address.

    When gateway monitoring is enabled, pinger monitor only local IP address, so, it's impossible to detect a packet loose or latency.  Sometime, tunnel is up but no traffic pass in the tunnel (trouble on server or client), pinger is unable to detect the problem and load balacing not work.

    pfSense should use remote IP for monitoring gateway instead of local local IP address (gateway can't fixed with dynamic allocation) ?

    Another problem, the remote host on Status/OpenVPN/Client Instance Statistics is not correctly updated. If I start/stop the tunnel, Virtual Addres is updated, but not Remote Host. I don't know if remote host is use for something else.

    Regards,

    1 Reply Last reply Reply Quote 0
    • J
      jimp Rebel Alliance Developer Netgate
      last edited by Mar 29, 2017, 1:02 PM

      With /30 topology the server address in the /30 is completely virtual and often cannot be pinged. You have to set your own monitor IP address for that case, it can't be automatically determined in a reliable way.

      For the status, that is pulled directly from OpenVPN's management interface. If it's wrong, it's a bug or quirk in OpenVPN's behavior, so you'll have to raise the issue upstream with OpenVPN directly.

      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

      Need help fast? Netgate Global Support!

      Do not Chat/PM for help!

      1 Reply Last reply Reply Quote 0
      • D
        daviddst
        last edited by Mar 30, 2017, 2:57 PM

        @jimp:

        With /30 topology the server address in the /30 is completely virtual and often cannot be pinged. You have to set your own monitor IP address for that case, it can't be automatically determined in a reliable way.

        I can't set the gateway manually because the gateway change at each connexion. Again, it's usefull to ping local IP address, it could be nice if user sould be able to choose dynamic remote address.

        @jimp:

        For the status, that is pulled directly from OpenVPN's management interface. If it's wrong, it's a bug or quirk in OpenVPN's behavior, so you'll have to raise the issue upstream with OpenVPN directly.

        You're right, I confirm the IP address is wrong in OpenVPN interface, I'll check with openvpn project.

        For that moment, do you know if it's possible to push the new gateway IP address manually to pinger with a script (without pfSense GUI) ?

        Thank you,

        1 Reply Last reply Reply Quote 0
        3 out of 3
        • First post
          3/3
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.