s***@keemail.me
2017-03-06 09:21:52 UTC
Hi!I noticed a connection delay on my clients, when they connect, disconnect and then connect again for a number of times (e.g. 2-3 times).
The client simply hangs upon connection, see the log below:       OpenVPN 2.4.0 [git:master/f5bf296bacce76a8+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Dec 29 2016                  library versions: OpenSSL 1.0.2k  26 Jan 2017, LZO 2.08   TCP/UDP: Preserving recently used remote address: [AF_INET]<ip>:443          UDP link local (bound): [AF_INET][undef]:443                                     UDP link remote: [AF_INET]<ip>:443                                        [SERVERNAME] Peer Connection Initiated with [AF_INET]127.0.0.2:443
During this time, the server logs:"CLIENTNAME/127.0.0.2:443 PUSH: Received control message: 'PUSH_REQUEST'"for a number of times, until the connection is successful, which may take 5-20 seconds.
Server configuration:   port 443   proto udp   dev tun   server 172.16.0.0 255.255.255.0   ca /etc/openvpn/server/ca.crt   cert /etc/openvpn/server/server.crt   key /etc/openvpn/server/server.key   dh /etc/openvpn/server/dh4096.pem   tls-crypt /etc/openvpn/server/tls-crypt.key   tls-version-min 1.2   tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384   cipher AES-256-CBC   auth SHA512   verb 3   comp-lzo   duplicate-cn
What causes this delay and how can it be reduced or completely avoided?
Kind regards,
SaAtomic
The client simply hangs upon connection, see the log below:       OpenVPN 2.4.0 [git:master/f5bf296bacce76a8+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Dec 29 2016                  library versions: OpenSSL 1.0.2k  26 Jan 2017, LZO 2.08   TCP/UDP: Preserving recently used remote address: [AF_INET]<ip>:443          UDP link local (bound): [AF_INET][undef]:443                                     UDP link remote: [AF_INET]<ip>:443                                        [SERVERNAME] Peer Connection Initiated with [AF_INET]127.0.0.2:443
During this time, the server logs:"CLIENTNAME/127.0.0.2:443 PUSH: Received control message: 'PUSH_REQUEST'"for a number of times, until the connection is successful, which may take 5-20 seconds.
Server configuration:   port 443   proto udp   dev tun   server 172.16.0.0 255.255.255.0   ca /etc/openvpn/server/ca.crt   cert /etc/openvpn/server/server.crt   key /etc/openvpn/server/server.key   dh /etc/openvpn/server/dh4096.pem   tls-crypt /etc/openvpn/server/tls-crypt.key   tls-version-min 1.2   tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384   cipher AES-256-CBC   auth SHA512   verb 3   comp-lzo   duplicate-cn
What causes this delay and how can it be reduced or completely avoided?
Kind regards,
SaAtomic