From: Selva Nair <selva.n...@gmail.com>
p2p connections with both ends backing off seldom succeed
as their connection attempt durations becomes increasingly
unlikely to overlap when the retry wait time is long.
Avoid this by applying the backoff logic only on TCP clients
or the tls_client side for UDP.
Regression warning: shared secret setups are left out of the
backoff logic.
Trac #1010
Signed-off-by: Selva Nair <selva.n...@gmail.com>
---
src/openvpn/init.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index 49c74292..2889f355 100644
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -2423,8 +2423,9 @@ socket_restart_pause(struct context *c)
sec = 10;
}
- /* Slow down reconnection after 5 retries per remote -- for tcp only in
client mode */
- if (c->options.ce.proto != PROTO_TCP_SERVER)
+ /* Slow down reconnection after 5 retries per remote -- for TCP client or
UDP tls-client only */
+ if (c->options.ce.proto == PROTO_TCP_CLIENT
+ || (c->options.ce.proto == PROTO_UDP && c->options.tls_client))
{
backoff = (c->options.unsuccessful_attempts /
c->options.connection_list->len) - 4;
if (backoff > 0)
--
2.20.1
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
