Hello,

I think there is an error in the manuals on openvpn.org.
They write there that the pings are sent over the control channel:

*--ping n*
  Ping remote over the TCP/UDP control channel if no packets have been
  sent for at least *n* seconds (


But there are some reasons why the pings are sent over the data channel:
- p2p mode doesn't have a control channel:

Packet opcode/key_id (8 bits) -- TLS only, not used in
pre-shared secret mode.

- Both sites must send the ping. If it were sent over the control channel, the sender would get an ACK, and so the other peer wouldn't have to send the ping too.
- In the logs the pings come in P_DATA_V1; there is no P_CONTROL_ACK or anything like that. There is no opcode for a ping. I think it comes on the data channel with a special bit sequence.

What do you say?

A second question:
I have clients which get new IP addresses from time to time. I have server mode with TLS client and TLS server. I thought that with the directive --float the tunnel would overcome the IP change. But it breaks, because the server says:
No TLS State for client... opcode=6
In p2p mode it works fine.
Doesn't it work with TLS mode?

Regards
Tobias
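
For reading captures like the ones described in this message, an added example (not part of the original post and not OpenVPN's own code): it splits the first byte of a TLS-mode packet into the opcode and key_id fields quoted above and labels the packet as control or data channel. The function names and sample packets are constructed for illustration; the opcode numbers are OpenVPN's P_* constants, of which opcode 6 is P_DATA_V1.

```python
# Added example: classify OpenVPN TLS-mode packets by their first byte.
# Opcode numbers are OpenVPN's P_* constants; sample packets are constructed.
OPCODES = {
    1: "P_CONTROL_HARD_RESET_CLIENT_V1",
    2: "P_CONTROL_HARD_RESET_SERVER_V1",
    3: "P_CONTROL_SOFT_RESET_V1",
    4: "P_CONTROL_V1",
    5: "P_ACK_V1",
    6: "P_DATA_V1",
    7: "P_CONTROL_HARD_RESET_CLIENT_V2",
    8: "P_CONTROL_HARD_RESET_SERVER_V2",
    9: "P_DATA_V2",
}
DATA_OPCODES = {6, 9}


def parse_header(payload: bytes, tcp: bool = False):
    """Return (opcode_name, key_id, channel) for one OpenVPN packet."""
    if tcp:
        # Over TCP each packet is framed with a 2-byte big-endian length.
        if len(payload) < 2:
            raise ValueError("truncated TCP length prefix")
        length = int.from_bytes(payload[:2], "big")
        payload = payload[2:]
        if length != len(payload):
            raise ValueError("TCP length prefix does not match record size")
    if not payload:
        raise ValueError("empty packet")
    # High 5 bits: opcode. Low 3 bits: key_id.
    opcode, key_id = payload[0] >> 3, payload[0] & 0x07
    name = OPCODES.get(opcode)
    if name is None:
        raise ValueError(f"unknown opcode {opcode}")
    channel = "data" if opcode in DATA_OPCODES else "control"
    return name, key_id, channel


def channel_counts(packets, tcp: bool = False):
    """Count packets per channel, e.g. for a capture of an idle tunnel."""
    counts = {"control": 0, "data": 0}
    for pkt in packets:
        counts[parse_header(pkt, tcp)[2]] += 1
    return counts


# Constructed sample: three opcode-6 packets (key_id 0) and one P_ACK_V1.
SAMPLE = [bytes([6 << 3]) + b"\x00" * 20] * 3 + [bytes([5 << 3]) + b"\x00" * 12]
```

This applies only to TLS mode; in pre-shared secret mode the opcode/key_id byte is not present, as the quoted comment says.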

