|
|
Tom Barcellona wrote: >> So I also need to set --resolv-retry to some arbitrary >> value? > > No, --ping-restart says that after x number of seconds, if no data is > received from the other end, restart openvpn. --resov-retry says that if > the connection is restarted, try to resolve the domain name of the other > computer for x number of seconds. If you can't resolve it in that amount > of time, give up. > > So, "--ping-restart 30 --resolv-retry 60" for example, would tell > openvpn to restart the connection thirty seconds after the last time it > heard anything from the other side; and when it brings the connection > back up, only spend sixty seconds trying to resolve the other computer's > domain name before giving up alltogether and quitting. Resolv-retry > seems like it is best used to keep openvpn from wasting its time trying > to connect to a computer that is likely not even there anymore. (if it > was, then presumably it would have updated its dns record.) > I think you misunderstood me. The man page says: --ping-restart: If the peer cannot be reached, a restart will be triggered, causing the hostname used with --remote to be re-resolved (if --resolv-retry is also specified). This suggests that the hostname will not be re-resolved *unless resolv_retry* was specified. Is the manpage wrong? Or just confusing? Or what? I don't need resolve_retry because I expect resolve to fail, I want to re-resolve the hostname because the IP may change due to DHCP. ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |