I recently upgraded OpenVPN from 2.3.4-5+deb8u2 to 2.4.0-6+deb9u2 (on Debian). Since then, I noticed that after a while without a connection, the daemon alters between 300 seconds of sleeping (without accepting connections) and 20 seconds of waiting for a connection attempt. As a result, it becomes rather unlikely that a connection is established (because the daemon is listening only 6.25% of the time).
The daemon is launched with --daemon ovpn-deneb --status /run/openvpn/deneb.status 10 --cd /etc/openvpn --config /etc/openvpn/deneb.conf --writepid /run/openvpn/deneb.pid through systemd, and the configuration file looks like this: dev tun3 lport 28515 secret deneb.key ifconfig 192.0.2.1 192.0.2.2 mtu-disc no keepalive 10 20 comp-lzo no I think I added the “keepalive” setting to compensate for a change in IP addresses (the configuration above is from a hub, which has a static IP address, and multiple remote daemons connect to it). I suppose I can fix this by adding “ping-timer-rem”. But based on the documentation, it is not entirely clear what I have to do to make OpenVPN to alter betweeen two states only—waiting for an incoming connection, and handling an active tunnel. The “sleeping but not waiting for a connection” state is not really useful to me at all. ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
