[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] Service Looping ?


  • Subject: [Openvpn-users] Service Looping ?
  • From: Dave Green <daveg@xxxxxxxxxxxxx>
  • Date: Mon, 26 Jan 2004 11:33:51 +1300

My OpenVPN bridging setup is working well using a linux host. On some occasions though I get some sort of looping on the host end after the client closes the connection. I'm using pretty much standard configs. I get xinted entries from the openvpn service about connection refused and resource temporarily unavailable and these get repeated at a high rate. Restarting xinetd seems to clear the condition.

The xinetd config is:

service openvpn_ssl_0
{
       disable         = no
       type            = UNLISTED
       port            = 8500
       socket_type     = dgram
       protocol        = udp
       wait            = yes
       user            = root
       log_on_success  += PID
       server          = /usr/local/bin/openvpn
       server_args     = --config /usr/local/bin/configssl0.ovpn
}

(Is the log_on_success option valid here ?)

The syslog excerpt is listed below. Any comments on what the cause may be ?

Thanks,

Dave Green

Jan 24 21:59:21 info openvpn[2901]: OpenVPN 1.5.0 i686-pc-linux-gnu [SSL] [LZO]
built on Dec 23 2003
Jan 24 21:59:21 info openvpn[2901]: Diffie-Hellman initialized with 1024 bit keyJan 24 21:59:21 info openvpn[2901]: WARNING: file '/usr/local/bin/wpiserver.pem' is group or others accessible
Jan 24 21:59:21 info openvpn[2901]: Control Channel MTU parms [ L:1573 D:138 EF:38 EB:0 ET:0 ]
Jan 24 21:59:21 info openvpn[2901]: TUN/TAP device tap0 opened
Jan 24 21:59:21 info openvpn[2901]: Data Channel MTU parms [ L:1573 D:1400 EF:41 EB:0 ET:32 ]
Jan 24 21:59:21 info openvpn[2901]: Local Options hash (VER=V3): 'c76d612c'
Jan 24 21:59:21 info openvpn[2901]: Expected Remote Options hash (VER=V3): '036d05dc'
Jan 24 21:59:21 info openvpn[2901]: UID set to nobody
Jan 24 21:59:21 info openvpn[2901]: UDPv4 link local: [inetd]
Jan 24 21:59:21 info openvpn[2901]: UDPv4 link remote: [undef]
Jan 24 21:59:21 info openvpn[2901]: TLS: tls_pre_decrypt: first response to initial packet from xx.xx.xx.xx:8500, sid=d797b044 40c53227
Jan 24 21:59:43 info openvpn[2901]: VERIFY OK: depth=1, /CN=Dave.Green/ST=Central.NI/C=NZ/emailAddress=daveg@xxxxxxxxxxxxx/O=Root.Certification.Authority
Jan 24 21:59:43 info openvpn[2901]: VERIFY OK: depth=0, /CN=Dave.Green/ST=Central.NI/C=NZ/emailAddress=daveg@xxxxxxxxxxxxx/O=Winstone.Pulp.Interntional.Ltd
Jan 24 21:59:44 info openvpn[2901]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Jan 24 21:59:44 info openvpn[2901]: Data Channel Decrypt: Using 160 bit message
hash 'SHA1' for HMAC authentication
Jan 24 21:59:44 info openvpn[2901]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Jan 24 21:59:44 info openvpn[2901]: Data Channel Encrypt: Using 160 bit message
hash 'SHA1' for HMAC authentication
Jan 24 21:59:45 info openvpn[2901]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Jan 24 21:59:45 info openvpn[2901]: Peer Connection Initiated with xx.xx.xx.xx:8500
Jan 24 22:06:44 info login(pam_unix)[2932]: session opened for user root by root(uid=0)
Jan 24 22:06:44 info -- root[2932]: ROOT LOGIN ON pts/1 FROM 10.0.0.155
Jan 24 22:09:34 info login(pam_unix)[2932]: session closed for user root
Jan 24 22:10:06 info openvpn[2901]: read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Jan 24 22:10:21 info last message repeated 9 times
Jan 24 22:19:34 info openvpn[2901]: 489 variation(s) on previous 10 message(s) suppressed by --mute
Jan 24 22:19:34 info openvpn[2901]: Inactivity timeout (--inactive), exiting
Jan 24 22:19:34 info openvpn[2901]: Closing TCP/UDP socket
Jan 24 22:19:34 info openvpn[2901]: Closing TUN/TAP device
Jan 24 22:19:34 info xinetd[2173]: service openvpn_ssl_0, recvfrom: Connection refused (errno = 111)
Jan 24 22:19:34 info xinetd[2173]: service openvpn_ssl_0, recvfrom: Resource temporarily unavailable (errno = 11)
Jan 24 22:20:04 info last message repeated 740777 times
Jan 24 22:21:06 info last message repeated 1476979 times
Jan 24 22:21:24 info last message repeated 441133 times
Jan 24 22:21:24 info xinetd[2173]: Starting reconfiguration




--------
CAUTION:
This message and any attachments contain privileged and confidential
information.  If you are not the intended recipient of this message, you
are hereby notified that any use, dissemination, distribution or
reproduction of this message is prohibited. If you have received this
message in error please notify the sender immediately via email and then
destroy this message and any attachments.

Any views expressed in this message are those of the individual sender
and may not necessarily reflect the views of Winstone Pulp International
Ltd.




------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users