Hi,

my cable TV internet provider has recently rearranged their network
which has significantly worsened the connectivity between my home and
the hoster who hosts my OpenVPN server. On good days, I get like 2
Mbit/s through my 50 Mbit/s line, usually less.

This has been verified as not caused by OpenVPN since plain
connections from my home to my hoster are as slow as molasses as well
while connections to other places work just fine.

I do have another server which has decent connectivity to both my home
and my OpenVPN installation and I would like to relay the UDP traffic
carrying the OpenVPN tunnel through that server.

I have tried socat:

$ socat -dd -T 86400 UDP4-RECVFROM:1194,fork UDP4-DATAGRAM:my-openvpn-box:1194

This unfortunately does not work as expected. socat seems to change
the UDP source port of the relayed packets every once in a while. The
OpenVPN server does not like that.

20:16:05.024023 IP home.55014 > relay.1194: UDP, length 14
20:16:05.024675 IP relay.57045 > openvpn-server.1194: UDP, length 14
20:16:05.037724 IP openvpn-server.1194 > relay.57045: UDP, length 26
20:16:05.037879 IP relay.1194 > home.55014: UDP, length 26
20:16:05.061023 IP home.55014 > relay.1194: UDP, length 22
20:16:05.061057 IP home.55014 > relay.1194: UDP, length 114
20:16:05.061061 IP home.55014 > relay.1194: UDP, length 113
20:16:05.061560 IP relay.49968 > openvpn-server.1194: UDP, length 22
20:16:05.061930 IP relay.34715 > openvpn-server.1194: UDP, length 114
20:16:05.063318 IP relay.52072 > openvpn-server.1194: UDP, length 113
20:16:05.825733 IP openvpn-server.1194 > relay.38689: UDP, length 14
20:16:05.825783 IP relay > openvpn-server: ICMP relay udp port 38689 unreachable, length 50
20:16:07.314468 IP home.55014 > relay.1194: UDP, length 114
20:16:07.315750 IP relay.47555 > openvpn-server.1194: UDP, length 114
20:16:07.453663 IP openvpn-server.1194 > relay.57045: UDP, length 14
20:16:07.453703 IP relay > openvpn-server: ICMP relay udp port 57045 unreachable, length 50
20:16:08.443040 IP home.55014 > relay.1194: UDP, length 113
20:16:08.443665 IP relay.38486 > openvpn-server.1194: UDP, length 113

Setting the bind or sourceport options on the sending side of the
socat call results in gazillions of "address already in use" errors on
the socat system.

Has anybody ever relayed an OpenVPN tunnel through a relay system
running Linux? How can I do that?

Or am I just using the wrong socat parameters?

Greetings
Marc

P.S.: I would rather not relocate the OpenVPN server since renumbering
it would be a significant pain - its addresses are in access lists at
all my customers' sites.

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany    |  lose things."    Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600421
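
The capture above shows the relay using a new source port for almost every forwarded datagram, so the server's replies arrive at ports nobody listens on. The following is an added example, not part of the original post and not socat's code: a minimal relay that keeps one upstream socket, and therefore one source port, per client address. The name relay_udp and its parameters are assumptions; port 1194, the host name and the 86400 second timeout are taken from the socat command in the post.

```python
import select
import socket
import threading
import time

def relay_udp(listen_addr, upstream_addr, stop, idle_timeout=86400.0):
    """Relay UDP, keeping one connected upstream socket per client address."""
    front = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    front.bind(listen_addr)
    by_client = {}  # client (ip, port) -> upstream socket
    by_sock = {}    # upstream socket -> [client (ip, port), last activity]
    try:
        while not stop.is_set():
            readable, _, _ = select.select([front, *by_sock], [], [], 0.2)
            now = time.monotonic()
            for sock in readable:
                try:
                    if sock is front:
                        data, client = front.recvfrom(65535)
                        up = by_client.get(client)
                        if up is None:
                            # New client: allocate one source port and keep
                            # reusing it, so the server sees a stable peer.
                            up = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
                            up.connect(upstream_addr)
                            by_client[client] = up
                            by_sock[up] = [client, now]
                        by_sock[up][1] = now
                        up.send(data)
                    else:
                        data = sock.recv(65535)
                        by_sock[sock][1] = now
                        front.sendto(data, by_sock[sock][0])
                except OSError:
                    continue  # e.g. ICMP unreachable reported on a socket
            for sock, (client, last) in list(by_sock.items()):
                if now - last > idle_timeout:  # expire idle sessions
                    del by_sock[sock], by_client[client]
                    sock.close()
    finally:
        for sock in (front, *by_sock):
            sock.close()

if __name__ == "__main__":
    # Port 1194 and the host name come from the socat command in the post.
    relay_udp(("0.0.0.0", 1194), ("my-openvpn-box", 1194), threading.Event())
```

Because each upstream socket is connected, the kernel only delivers datagrams that come from the configured server address and port; anything else sent to that relay port is dropped before the relay sees it.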
