Re: OpenVPN doesn't start (hangs) in routing domain.

Mon, 22 Feb 2016 14:00:10 -0800 

Użytkownik Stuart Henderson napisał:

On 2016/02/16 08:47, Rafał Ramocki wrote:



Hi, Synopis: When OpenVPN installed by pkg_add is started in rdomain 
it hangs during initialization. Category: system user kernel amd64 
i386 Environment: System : OpenBSD 5.8 Details : OpenBSD 5.8 
(GENERIC.MP) #1236: Sun Aug 16 02:31:04 MDT 2015 
[email protected]:/usr/src/sys/arch/amd64/compile/GENERIC.MP 
Architecture: OpenBSD.amd64 Machine : amd64 Description: I've 
configured routing domain with few interfaces. I'm trying to start 
OpenVPN in it with following configuration:



If it still happens on -current and you can provide log with 'verb 11'
then I'll try to take a look sometime. (I have only a very small
interest in openvpn and definitely not enough that I'm going to look
at anything pre -current; there have been very many changes in this
area since 5.8).


I've just tried on current snapshot and I confirm that problem still 
exists. Below is full output with verb 11.


Feb 22 22:39:06 openbsd openvpn_server[13784]: Current Parameter Settings:
Feb 22 22:39:06 openbsd openvpn_server[13784]:   config = 'server.conf'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   mode = 1
Feb 22 22:39:06 openbsd openvpn_server[13784]:   show_ciphers = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   show_digests = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   show_engines = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   genkey = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   key_pass_file = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   show_tls_ciphers = DISABLED

Feb 22 22:39:06 openbsd openvpn_server[13784]: Connection profiles 
[default]:

Feb 22 22:39:06 openbsd openvpn_server[13784]:   proto = udp
Feb 22 22:39:06 openbsd openvpn_server[13784]:   local = '192.168.1.1'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   local_port = 1194
Feb 22 22:39:06 openbsd openvpn_server[13784]:   remote = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   remote_port = 1194
Feb 22 22:39:06 openbsd openvpn_server[13784]:   remote_float = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   bind_defined = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   bind_local = ENABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   connect_retry_seconds = 5
Feb 22 22:39:06 openbsd openvpn_server[13784]:   connect_timeout = 10
Feb 22 22:39:06 openbsd openvpn_server[13784]:   connect_retry_max = 0

Feb 22 22:39:06 openbsd openvpn_server[13784]:   socks_proxy_server = 
'[UNDEF]'

Feb 22 22:39:06 openbsd openvpn_server[13784]:   socks_proxy_port = 0

Feb 22 22:39:06 openbsd openvpn_server[13784]:   socks_proxy_retry = 
DISABLED

Feb 22 22:39:06 openbsd openvpn_server[13784]:   tun_mtu = 1500
Feb 22 22:39:06 openbsd openvpn_server[13784]:   tun_mtu_defined = ENABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   link_mtu = 1500
Feb 22 22:39:06 openbsd openvpn_server[13784]:   link_mtu_defined = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   tun_mtu_extra = 0

Feb 22 22:39:06 openbsd openvpn_server[13784]:   tun_mtu_extra_defined = 
DISABLED

Feb 22 22:39:06 openbsd openvpn_server[13784]:   mtu_discover_type = -1
Feb 22 22:39:06 openbsd openvpn_server[13784]:   fragment = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   mssfix = 1450

Feb 22 22:39:06 openbsd openvpn_server[13784]:   
explicit_exit_notification = 0

Feb 22 22:39:06 openbsd openvpn_server[13784]: Connection profiles END
Feb 22 22:39:06 openbsd openvpn_server[13784]:   remote_random = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   ipchange = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   dev = 'tun8'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   dev_type = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   dev_node = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   lladdr = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   topology = 3
Feb 22 22:39:06 openbsd openvpn_server[13784]:   tun_ipv6 = DISABLED

Feb 22 22:39:06 openbsd openvpn_server[13784]:   ifconfig_local = 
'172.31.208.1'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   ifconfig_remote_netmask 
= '255.255.255.0'

Feb 22 22:39:06 openbsd openvpn_server[13784]:   ifconfig_noexec = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   ifconfig_nowarn = DISABLED

Feb 22 22:39:06 openbsd openvpn_server[13784]:   ifconfig_ipv6_local = 
'[UNDEF]'

Feb 22 22:39:06 openbsd openvpn_server[13784]:   ifconfig_ipv6_netbits = 0

Feb 22 22:39:06 openbsd openvpn_server[13784]:   ifconfig_ipv6_remote = 
'[UNDEF]'

Feb 22 22:39:06 openbsd openvpn_server[13784]:   shaper = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   mtu_test = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   mlock = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   keepalive_ping = 10
Feb 22 22:39:06 openbsd openvpn_server[13784]:   keepalive_timeout = 120
Feb 22 22:39:06 openbsd openvpn_server[13784]:   inactivity_timeout = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   ping_send_timeout = 10
Feb 22 22:39:06 openbsd openvpn_server[13784]:   ping_rec_timeout = 240
Feb 22 22:39:06 openbsd openvpn_server[13784]:   ping_rec_timeout_action = 2

Feb 22 22:39:06 openbsd openvpn_server[13784]:   ping_timer_remote = 
DISABLED

Feb 22 22:39:06 openbsd openvpn_server[13784]:   remap_sigusr1 = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   persist_tun = ENABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   persist_local_ip = DISABLED

Feb 22 22:39:06 openbsd openvpn_server[13784]:   persist_remote_ip = 
DISABLED

Feb 22 22:39:06 openbsd openvpn_server[13784]:   persist_key = ENABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   passtos = DISABLED

Feb 22 22:39:06 openbsd openvpn_server[13784]:   resolve_retry_seconds = 
1000000000

Feb 22 22:39:06 openbsd openvpn_server[13784]:   username = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   groupname = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   chroot_dir = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   cd_dir = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   writepid = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   up_script = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   down_script = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   down_pre = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   up_restart = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   up_delay = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   daemon = ENABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   inetd = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   log = DISABLED

Feb 22 22:39:06 openbsd openvpn_server[13784]:   suppress_timestamps = 
DISABLED

Feb 22 22:39:06 openbsd openvpn_server[13784]:   nice = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   verbosity = 11
Feb 22 22:39:06 openbsd openvpn_server[13784]:   mute = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   gremlin = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   status_file = 'status'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   status_file_version = 1

Feb 22 22:39:06 openbsd openvpn_server[13784]:   status_file_update_freq 
= 60

Feb 22 22:39:06 openbsd openvpn_server[13784]:   occ = ENABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   rcvbuf = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   sndbuf = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   sockflags = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   fast_io = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   lzo = 7
Feb 22 22:39:06 openbsd openvpn_server[13784]:   route_script = '[UNDEF]'

Feb 22 22:39:06 openbsd openvpn_server[13784]:   route_default_gateway = 
'[UNDEF]'

Feb 22 22:39:06 openbsd openvpn_server[13784]:   route_default_metric = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   route_noexec = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   route_delay = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   route_delay_window = 30

Feb 22 22:39:06 openbsd openvpn_server[13784]:   route_delay_defined = 
DISABLED

Feb 22 22:39:06 openbsd openvpn_server[13784]:   route_nopull = DISABLED

Feb 22 22:39:06 openbsd openvpn_server[13784]:   route_gateway_via_dhcp 
= DISABLED

Feb 22 22:39:06 openbsd openvpn_server[13784]:   max_routes = 100
Feb 22 22:39:06 openbsd openvpn_server[13784]:   allow_pull_fqdn = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   management_addr = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   management_port = 0

Feb 22 22:39:06 openbsd openvpn_server[13784]:   management_user_pass = 
'[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   
management_log_history_cache = 250
Feb 22 22:39:06 openbsd openvpn_server[13784]:   
management_echo_buffer_size = 100
Feb 22 22:39:06 openbsd openvpn_server[13784]:   
management_write_peer_info_file = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   management_client_user 
= '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   management_client_group 
= '[UNDEF]'

Feb 22 22:39:06 openbsd openvpn_server[13784]:   management_flags = 0

Feb 22 22:39:06 openbsd openvpn_server[13784]:   shared_secret_file = 
'[UNDEF]'

Feb 22 22:39:06 openbsd openvpn_server[13784]:   key_direction = 0

Feb 22 22:39:06 openbsd openvpn_server[13784]:   ciphername_defined = 
ENABLED

Feb 22 22:39:06 openbsd openvpn_server[13784]:   ciphername = 'BF-CBC'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   authname_defined = ENABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   authname = 'SHA1'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   prng_hash = 'SHA1'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   prng_nonce_secret_len = 16
Feb 22 22:39:06 openbsd openvpn_server[13784]:   keysize = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   engine = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   replay = ENABLED

Feb 22 22:39:06 openbsd openvpn_server[13784]:   mute_replay_warnings = 
DISABLED

Feb 22 22:39:06 openbsd openvpn_server[13784]:   replay_window = 64
Feb 22 22:39:06 openbsd openvpn_server[13784]:   replay_time = 15
Feb 22 22:39:06 openbsd openvpn_server[13784]:   packet_id_file = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   use_iv = ENABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   test_crypto = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   tls_server = ENABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   tls_client = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   key_method = 2
Feb 22 22:39:06 openbsd openvpn_server[13784]:   ca_file = 'ca.crt'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   ca_path = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   dh_file = 'dh2048.pem'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   cert_file = 'server.crt'

Feb 22 22:39:06 openbsd openvpn_server[13784]:   extra_certs_file = 
'[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   priv_key_file = 
'server.key'

Feb 22 22:39:06 openbsd openvpn_server[13784]:   pkcs12_file = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   cipher_list = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   tls_verify = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   tls_export_cert = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   verify_x509_type = 0

Feb 22 22:39:06 openbsd openvpn_server[13784]:   verify_x509_name = 
'[UNDEF]'

Feb 22 22:39:06 openbsd openvpn_server[13784]:   crl_file = 'crl.pem'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   ns_cert_type = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   remote_cert_ku[i] = 0
Feb 22 22:39:06 openbsd last message repeated 15 times
Feb 22 22:39:06 openbsd openvpn_server[13784]:   remote_cert_eku = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   ssl_flags = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   tls_timeout = 2
Feb 22 22:39:06 openbsd openvpn_server[13784]:   renegotiate_bytes = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   renegotiate_packets = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   renegotiate_seconds = 3600
Feb 22 22:39:06 openbsd openvpn_server[13784]:   handshake_window = 60
Feb 22 22:39:06 openbsd openvpn_server[13784]:   transition_window = 3600
Feb 22 22:39:06 openbsd openvpn_server[13784]:   single_session = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   push_peer_info = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   tls_exit = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   tls_auth_file = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   server_network = 0.0.0.0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   server_netmask = 0.0.0.0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   server_network_ipv6 = ::
Feb 22 22:39:06 openbsd openvpn_server[13784]:   server_netbits_ipv6 = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   server_bridge_ip = 0.0.0.0

Feb 22 22:39:06 openbsd openvpn_server[13784]:   server_bridge_netmask = 
0.0.0.0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   
server_bridge_pool_start = 0.0.0.0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   server_bridge_pool_end 
= 0.0.0.0

Feb 22 22:39:06 openbsd openvpn_server[13784]:   push_entry = 'ping 10'

Feb 22 22:39:06 openbsd openvpn_server[13784]:   push_entry = 
'ping-restart 120'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   ifconfig_pool_defined = 
DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   ifconfig_pool_start = 
0.0.0.0

Feb 22 22:39:06 openbsd openvpn_server[13784]:   ifconfig_pool_end = 0.0.0.0

Feb 22 22:39:06 openbsd openvpn_server[13784]:   ifconfig_pool_netmask = 
0.0.0.0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   
ifconfig_pool_persist_filename = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   
ifconfig_pool_persist_refresh_freq = 600
Feb 22 22:39:06 openbsd openvpn_server[13784]:   
ifconfig_ipv6_pool_defined = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   ifconfig_ipv6_pool_base 
= ::
Feb 22 22:39:06 openbsd openvpn_server[13784]:   
ifconfig_ipv6_pool_netbits = 0

Feb 22 22:39:06 openbsd openvpn_server[13784]:   n_bcast_buf = 256
Feb 22 22:39:06 openbsd openvpn_server[13784]:   tcp_queue_limit = 64
Feb 22 22:39:06 openbsd openvpn_server[13784]:   real_hash_size = 256
Feb 22 22:39:06 openbsd openvpn_server[13784]:   virtual_hash_size = 256

Feb 22 22:39:06 openbsd openvpn_server[13784]:   client_connect_script = 
'[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   learn_address_script = 
'[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   
client_disconnect_script = '[UNDEF]'

Feb 22 22:39:06 openbsd openvpn_server[13784]:   client_config_dir = 'ccd'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   ccd_exclusive = ENABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   tmp_dir = '/tmp'

Feb 22 22:39:06 openbsd openvpn_server[13784]:   push_ifconfig_defined = 
DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   push_ifconfig_local = 
0.0.0.0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   
push_ifconfig_remote_netmask = 0.0.0.0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   
push_ifconfig_ipv6_defined = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   
push_ifconfig_ipv6_local = ::/0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   
push_ifconfig_ipv6_remote = ::

Feb 22 22:39:06 openbsd openvpn_server[13784]:   enable_c2c = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   duplicate_cn = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   cf_max = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   cf_per = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   max_clients = 1024
Feb 22 22:39:06 openbsd openvpn_server[13784]:   max_routes_per_client = 256

Feb 22 22:39:06 openbsd openvpn_server[13784]:   
auth_user_pass_verify_script = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   
auth_user_pass_verify_script_via_file = DISABLED

Feb 22 22:39:06 openbsd openvpn_server[13784]:   port_share_host = '[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]:   port_share_port = 0
Feb 22 22:39:06 openbsd openvpn_server[13784]:   client = DISABLED
Feb 22 22:39:06 openbsd openvpn_server[13784]:   pull = DISABLED

Feb 22 22:39:06 openbsd openvpn_server[13784]:   auth_user_pass_file = 
'[UNDEF]'
Feb 22 22:39:06 openbsd openvpn_server[13784]: OpenVPN 2.3.10 
x86_64-unknown-openbsd5.9 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Feb 
19 2016
Feb 22 22:39:06 openbsd openvpn_server[13784]: library versions: 
LibreSSL 2.3.2, LZO 2.09





--
Rafał Ramocki
Dział Administracji Systemami
eo Networks S.A.
tel: 15 822 79 91
e-mail : [email protected]

eo Networks S.A.
ul. Głuszycka 5, 02-215 Warszawa
NIP: 5272604418, REGON: 141905973
Sąd Rejonowy dla m.st.. Warszawy w Warszawie XIII Wydział Gospodarczy Krajowego 
Rejestru Sądowego,
KRS: 0000332547, Kapitał zakładowy i kapitał wpłacony : 205 937,90 złotych.

Ten dokument zawiera informacje poufne, które mogą być również objęte tajemnicą 
handlową lub służbową. Jest on przeznaczony do wyłącznego użytku adresata. 
Jeśli nie są Państwo jego adresatem lub jeśli otrzymaliście Państwo ten 
dokument omyłkowo, to wszelkie rozpowszechnianie, dystrybucja, reprodukcja, 
kopiowanie, publikacja lub wykorzystanie tego dokumentu czy też zawartych w nim 
informacji jest zabronione. Jeśli otrzymaliście Państwo tę wiadomość przez 
pomyłkę, prosimy o bezzwłoczne skontaktowanie się z nami oraz usunięcie tej 
wiadomości z Państwa komputera.

This message may contain confidential and/or privileged information and is 
intended solely for the use of the individual or entity to whom is addressed. 
If you are not the intended recipient, then any disclosure, copying, 
distribution or any other action in reliance upon is expressly prohibited and 
may be unlawful. In this case, please advise the sender by replying and 
deleting this message.























					Reply via email to