[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] load balancing with a wee problem

  • Subject: Re: [Openvpn-users] load balancing with a wee problem
  • From: Sebastian Perkins <sperkins@xxxxxxxxxxxxxxxxxx>
  • Date: Tue, 15 Jan 2008 16:34:28 +0100 (CET)

on the client .conf the only persist options are :

Sebastian Perkins
Responsable Informatique

----- Message Original -----
De: "Darren Loher" <dloher@xxxxxxxxxxxx>
A: "Sebastian Perkins" <sperkins@xxxxxxxxxxxxxxxxxx>, openvpn-users@xxxxxxxxxxxxxxxxxxxxx
Sent: mardi 15 janvier 2008 16 h 27 (GMT+0100) Europe/Berlin
Sujet: RE: [Openvpn-users] load balancing with a wee problem

Try removing “persist routes” if you are using that on the client configuration.


From: openvpn-users-bounces@xxxxxxxxxxxxxxxxxxxxx [mailto:openvpn-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Sebastian Perkins
Sent: Tuesday, January 15, 2008 3:20 AM
To: openvpn-users@xxxxxxxxxxxxxxxxxxxxx
Subject: [Openvpn-users] load balancing with a wee problem



We are using openvpn tunnel mode with 2 servers + 22 clients interconnecting our offices. Works great !

Clients are openvpn 2.0.7 -> 2.0.9 (fedora core 3 or 4) and serveurs are FC5 + openvpn 2.1rc2 (from the yum repository).

The 2 servers are used for load balancing : each is connected to an ADSL modem. The clients connect with 2 remote entries + resolve random to balance. Actually this solution is also quite fault tolerant.

So far so good, our problem comes from a client's light broadband failure (ie under 20min) :  the client's tunnel doesn't come back up.

I've gone through the logs, it seems that :
Client A  is connected  to  Server 1
broadband goes down
broadband goes up
Client A  reconnects using "remote random" => connects to server 2
Server 1 issues a reconnection ("ping restarting...")

Then I get "connnexion refused" errors...

If I issue "service openvpn restart" on the client, everything works fine. Server side, all other tunneled connexions are fine and do not experience any problems. Clients that come down are in 2.0.7 or 2.0.9...

I can post the configs I you want, but my idea is that the servers are using "keepalive" options, just like the clients : should I just use keepalive on the clients ? Or am I wrong ?

Thanks in advance,

Sebastian Perkins
Responsable Informatique