Hi there We just rolled out a test version of a new client "--up" script for 4 Windows users running openvpn as a service and it was borked. The script had a bad exit value and so the client would connect, run up.cmd, error and disconnect. Then sleep 5 seconds and do it all over again
End result was with just 4 clients in that state, the management port on the server became unusable. Some times you could connect - getting the banner - but any command you sent would just hang and never return. Other times it would connect - but you wouldn't get the banner, and other times it couldn't even connect! Fixed the clients, they reconnected and got working connections, and then the server came right all by itself Having the management interface going "lala" like that was a bit of a shock: the server itself actually uses that API during connection phase for some sanity checks - and they would fail once it stopped working, which in turn made the problem worse. This was openvpn-git - built a couple of weeks ago, so it's pretty fresh. I had "verb 5" enabled and didn't see any error that implied a problem, but the connections were in a real state. I'm guessing there's some kind of blocking problem occurring when a client successfully connects and then immediately disconnects? Somehow that causes the management interface to pause, not knowing what to do next? This was UDP (but with explicit-exit-notify 2) Any ideas what I can do to stop this happening again (besides better QA on our "up" script ;-) Thanks! -- Cheers Jason Haar Corporate Information Security Manager, Trimble Navigation Ltd. Phone: +1 408 481 8171 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ------------------------------------------------------------------------------ Want excitement? Manually upgrade your production database. When you want reliability, choose Perforce Perforce version control. Predictably reliable. http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
