Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN: Dropped connections not restarted

    Scheduled Pinned Locked Moved
    2.0-RC Snapshot Feedback and Problems - RETIRED
    3
    3
    1.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      MrHorizontal
      last edited by

      In yesterday's snap (22/04), OpenVPN client connections are being mysteriously killed with a hard exit well before any timeouts are triggered and not brought up again automatically.

      Connections are dropping from a mysterious log message:

      Apr 22 23:32:16 pf2 openvpn[370]: event_wait : Interrupted system call (code=4)
Apr 22 23:32:16 pf2 openvpn[370]: /etc/rc.filter_configure ovpnc1 1500 1562 10.0.61.30 10.0.61.29 init
Apr 22 23:32:16 pf2 openvpn[370]: SIGTERM[hard,] received, process exiting

      In the main system log at the same time, I have the following messages:

      Apr 22 23:32:01 pf2 dhclient: netstat
Apr 22 23:32:01 pf2 dhclient: RENEW
Apr 22 23:32:01 pf2 dhclient: Creating resolv.conf
Apr 22 23:32:11 pf2 php: : rc.newwanip: Informational is starting .
Apr 22 23:32:11 pf2 php: : rc.newwanip: on (IP address: 10.0.0.136) (interface: wan) (real interface: em1).
Apr 22 23:32:11 pf2 php: : The command 'route add -host A.B.C.D 10.0.32.1' returned exit code '1', the output was 'route: writing to routing socket: Network is unreachable add host A.B.C.D: gateway 10.0.32.1: Network is unreachable'
Apr 22 23:32:16 pf2 kernel: ovpnc1: link state changed to DOWN

      If I resave each OVPN connection, the connections duly come back up again and then go down again after about 30 mins. The earliest timeout configured in the OVPN connections is 3 hours (recycle TLS control channel)

      1 Reply Last reply Reply Quote 0
      • B
        blackb1rd
        last edited by

        I saw this behavior of dropping OVPN connections today and it seems to happen when dhclient renews it's wan ip address (which never changes in my case, no need to drop it), however the connection came back quite rapidly. I guess your wan ip dhcp renewal interval is set to 30 minutes, which explains the drops you're experiencing. I think it's a bug, as said before, no need to drop it's tunnels when the ip address remains the same.

        Not sure why in my case the connection came back, possibly being triggered by packets, don't know.

        Using snapshot 14/04.

        1 Reply Last reply Reply Quote 0
        • C
          cmb
          last edited by

          yeah updated this. http://redmine.pfsense.org/issues/show/449

          1 Reply Last reply Reply Quote 0
          • First post
            Last post