I have a strange problem and I am not sure where to look next. I've just swapped to Unraid and have setup SAB docker with my VPN. Every hour it stops working and I have to either kill the openvpn process from within the docker image or restart it.
You can see below at the timestamps of 13:27 everything is UP and fine. Then an hour later it looks like it does a reconnect of sorts, but from then on it doesn't work. I have deleted and re-downloaded the docker image and set it up again. I have rebooted the Unraid host as well.
I am looking for guidance on where I can try next? Thanks
2020-04-04 13:27:48,825 DEBG 'start-script' stdout output:
[info] Application does not require port forwarding or VPN provider is != pia, skipping incoming port assignment
2020-04-04 13:27:48,825 DEBG 'start-script' stdout output:
[info] Checking we can resolve name 'www.google.com' to address...
2020-04-04 13:27:48,884 DEBG 'start-script' stdout output:
[info] DNS operational, we can resolve name 'www.google.com' to address '216.58.210.36'
2020-04-04 13:27:48,900 DEBG 'start-script' stdout output:
[info] Application does not require external IP address, skipping external IP address detection
2020-04-04 14:34:02,767 DEBG 'start-script' stdout output:
Sat Apr 4 14:34:02 2020 TLS: new session incoming connection from [AF_INET]xxx.xxx.xxx.xxx:1194
2020-04-04 14:34:02,806 DEBG 'start-script' stdout output:
Sat Apr 4 14:34:02 2020 VERIFY OK: depth=1, CN=ChangeMe
2020-04-04 14:34:02,806 DEBG 'start-script' stdout output:
Sat Apr 4 14:34:02 2020 VERIFY KU OK
Sat Apr 4 14:34:02 2020 Validating certificate extended key usage
Sat Apr 4 14:34:02 2020 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sat Apr 4 14:34:02 2020 VERIFY EKU OK
Sat Apr 4 14:34:02 2020 VERIFY X509NAME OK: CN=helios_5e754e9f-953e-4ac1-b9fc-b4ff9f056a4c
Sat Apr 4 14:34:02 2020 VERIFY OK: depth=0, CN=helios_5e754e9f-953e-4ac1-b9fc-b4ff9f056a4c
2020-04-04 14:34:02,830 DEBG 'start-script' stdout output:
Sat Apr 4 14:34:02 2020 TLS: move_session: dest=TM_ACTIVE src=TM_UNTRUSTED reinit_src=1
2020-04-04 14:34:02,831 DEBG 'start-script' stdout output:
Sat Apr 4 14:34:02 2020 TLS: tls_multi_process: untrusted session promoted to semi-trusted
Sat Apr 4 14:34:02 2020 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 256 bit EC, curve: prime256v1
I'm also running the delugevpn docker and the log files show a slightly different message every hour. Connecting to the same VPN. It shows an inactivity timeout and a restart event.
Is this missing from the SAB container?
2020-04-02 19:29:34,440 DEBG 'start-script' stdout output:
[info] Attempting to get external IP using Name Server 'ns1.google.com'...
2020-04-02 19:29:34,689 DEBG 'start-script' stdout output:
[info] Successfully retrieved external IP address xxx.xxx.xxx.xxx
2020-04-02 20:29:34,474 DEBG 'start-script' stdout output:
Thu Apr 2 20:29:34 2020 [helios_5e754e9f-953e-4ac1-b9fc-b4ff9f056a4c] Inactivity timeout (--ping-restart), restarting
Actually ignore that, they both are doing the inactive timeout routing. Will continue digging!
Fix? Seems to be stable now I have set reneg-sec 0 in the server.conf for the OpenVPN server and restarted everything. Didn't see this before when I used an Ubuntu download server connecting up to the VPN, guess it's just one of those things!