Hi,
On 12/01/2023 17:37, Arne Schwabe wrote:
This workaround avoids the kernel trigger ENOBUFS when the kernel
internal queue is overrun with events of disconnectingh clients or
similar. This is a workaround until we come up with a more permanent
solution.
Signed-off-by: Arne Schwabe <a...@rfc2549.org>
After further discussion and deeper testing, we concluded that it is
possible to generate so much netlink traffic that we can easily fill the
buffers and start losing message or get desync'd with kernelspace.
The long term solution is improving ovpn-dco (kernel module) to reduce
such traffic, however, for now it makes sense to extend the userspace
buffer in order to decrease the likelihood of filling it up during
normal operations.
Therefore this patch gets my ACK:
Acked-by: Antonio Quartulli <a...@unstable.cc>
[please add spaces around the '*' operator]
---
src/openvpn/dco_linux.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/openvpn/dco_linux.c b/src/openvpn/dco_linux.c
index 5524cdbcd..c84f9cfe1 100644
--- a/src/openvpn/dco_linux.c
+++ b/src/openvpn/dco_linux.c
@@ -375,6 +375,11 @@ ovpn_dco_init_netlink(dco_context_t *dco)
* wrong sequence numbers (NLE_SEQ_MISMATCH), so disable libnl's sequence
* number check */
nl_socket_disable_seq_check(dco->nl_sock);
+
+ /* nl library sets the buffer size to 32k/32k by default which is sometimes
+ * overrun with very fast connecting/disconnecting clients.
+ * TODO: fix this in a better and more reliable way */
+ ASSERT(!nl_socket_set_buffer_size(dco->nl_sock, 1024*1024, 1024*1024));
}
bool
--
Antonio Quartulli
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
