[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] Temporary network outage after tls restart


  • Subject: [Openvpn-users] Temporary network outage after tls restart
  • From: "Tomas Sanitra" <tomas.sanitra@xxxxxxxxx>
  • Date: Mon, 12 Mar 2007 14:22:04 +0100

Hello, I have a client connected via OpenVPN to a private network. Every 30 minutes the client process is restarted (see log below). The problem is that during those few seconds which are needed to restart the session also other connections are destroyed - e.g. my SSH connection which IS NOT GOING VIA OPENVPN. It looks like the OpenVPN is 'blocking' the whole network communication on client for few seconds.

Operating system on client and server is SuSe Linux Enterprise Server 9, version of OpenVPN is openvpn-2.0.2-1 (built from sources).


Mar 12 13:34:43 sk16496c openvpn[5946]: Connection reset, restarting [-1]
Mar 12 13:34:43 sk16496c openvpn[5946]: TCP/UDP: Closing socket
Mar 12 13:34:43 sk16496c openvpn[5946]: SIGUSR1[soft,connection-reset] received, process restarting
Mar 12 13:34:43 sk16496c openvpn[5946]: Restart pause, 5 second(s)
Mar 12 13:34:48 sk16496c openvpn[5946]: IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and e
arlier used 5000 as the default port.
Mar 12 13:34:48 sk16496c openvpn[5946]: WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Mar 12 13:34:48 sk16496c openvpn[5946]: Re-using SSL/TLS context
Mar 12 13:34:48 sk16496c openvpn[5946]: LZO compression initialized
Mar 12 13:34:48 sk16496c openvpn[5946]: Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Mar 12 13:34:48 sk16496c openvpn[5946]: Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Mar 12 13:34:48 sk16496c openvpn[5946]: Local Options hash (VER=V4): '69109d17'
Mar 12 13:34:48 sk16496c openvpn[5946]: Expected Remote Options hash (VER=V4): 'c0103fa8'
Mar 12 13:34:48 sk16496c openvpn[5946]: Attempting to establish TCP connection with 163.242.53.87:1194
Mar 12 13:34:48 sk16496c openvpn[5946]: TCP connection established with 163.242.53.87:1194
Mar 12 13:34:48 sk16496c openvpn[5946]: TCPv4_CLIENT link local: [undef]
Mar 12 13:34:48 sk16496c openvpn[5946]: TCPv4_CLIENT link remote: 163.242.53.87:1194
Mar 12 13:34:48 sk16496c openvpn[5946]: TLS: Initial packet from 163.242.53.87:1194 , sid=9b4ad87c 2c7b4b90
Mar 12 13:34:48 sk16496c openvpn[5946]: VERIFY OK: depth=1, /C=SK/ST=Zapad/L=Bratislava/O=mycompany/OU=myunit/CN=pgwfe/emailAddress= tomas.sanitra@xxxxxxxxxxxx
Mar 12 13:34:48 sk16496c openvpn[5946]: VERIFY OK: depth=0, /C=SK/ST=Zapad/O=mycompany/OU=myunit/CN=pgwfe/emailAddress= tomas.sanitra@xxxxxxxxxxxx
Mar 12 13:34:48 sk16496c openvpn[5946]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mar 12 13:34:48 sk16496c openvpn[5946]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 12 13:34:48 sk16496c openvpn[5946]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mar 12 13:34:48 sk16496c openvpn[5946]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 12 13:34:48 sk16496c openvpn[5946]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mar 12 13:34:48 sk16496c openvpn[5946]: [pgwfe] Peer Connection Initiated with 163.242.53.87:1194
Mar 12 13:34:49 sk16496c openvpn[5946]: SENT CONTROL [pgwfe]: 'PUSH_REQUEST' (status=1)
Mar 12 13:34:49 sk16496c openvpn[5946]: PUSH: Received control message: 'PUSH_REPLY,route 10.8.0.0 255.255.255.0,ping 10,ping-restart 120,ifconfig 10.8.0.134 10.8.0.133'
Mar 12 13:34:49 sk16496c openvpn[5946]: OPTIONS IMPORT: timers and/or timeouts modified
Mar 12 13:34:49 sk16496c openvpn[5946]: OPTIONS IMPORT: --ifconfig/up options modified
Mar 12 13:34:49 sk16496c openvpn[5946]: OPTIONS IMPORT: route options modified
Mar 12 13:34:49 sk16496c openvpn[5946]: Preserving previous TUN/TAP instance: tun0
Mar 12 13:34:49 sk16496c openvpn[5946]: Initialization Sequence Completed


--
         Tomas Sanitra
--------------------------------------
tomas.sanitra@xxxxxxxxx
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users