Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    All connections randomly drop at once "Cannot open TUN/TAP dev /dev/tapX: Device busy (errno=16) openvpn[783]: TUN/TAP device ovpncX exists previously, keep at program end

    OpenVPN
    1
    2
    274
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      AWeidner
      last edited by AWeidner

      We have multiple branch offices connected with OpenVPN bridge.

      Setup - Central Office

      • pfSense 2.7 CE, all patches installed up to this point (updated from 2.6)
      • OpenVPN clients with Certificate issued by each individual branch office
      • TAP interfaces bridged to individual hardware interfaces for each branch office
      • Individual tunnel networks for each client
      • Optical fibre connection with 300MBit/s

      Setup - Branch Office(s)

      • pfSense 2.7 CE, all patches installed up to this point (updated from 2.6)
      • OpenVPN setup with TAP interfaces, bridged to the LAN port of the pfSense
      • DSL connections with variying speeds according to the size of the remote location (Upload 10 or 40 MBit/s, Download 50 or 100MBit/s)

      This setup worked for at least two years with pfSense 2.6. Since the upgrade to 2.7 the error appeared randomly on single connections. For example when the DSL connection in the remote office dropped.

      Since last Wednesday, all the connections randomly drop at once with the error mentioned above logged on both the client instance in the main office and the server in the branch office when trying to restart the service. After restarting all boxes it works again. It happened at least 3 times in the last five days, since the last restart on friday it worked until about sunday, 12:00pm.

      I am not aware of changes to the routing or the VPN instances. This is what most related entries suggested, when this error was mentioned previously.

      Any help would be appreciated (Please: no comments on TUN vs TAP usage. It is what it is.)

      A 1 Reply Last reply Reply Quote 0
      • A
        AWeidner @AWeidner
        last edited by

        Regression #13613 sounds like a valid explaination: "It looks like the problem is that we send a SIGTERM to openvpn, but don't wait until it actually exits before destroying the interface. That it turn causes it to not actually exit, breaking the subsequent openvpn instance."

        Though this was for 23.01, it may have been introduced with 2.7 as well, as i did not have any such issues as long as we were on 2.6.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.