From: "Hoël Bézier" <hoelbezier@riseup.net>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Sending HUP to OpenVPN after WiFi reconnect in Mesh
Date: Wed, 3 Jan 2024 18:11:53 +0100 [thread overview]
Message-ID: <ZZWVWiZdqWcJiGcS@sparta> (raw)
In-Reply-To: <ZZWQbPXUWbJXqvwu@georgi>
[-- Attachment #1: Type: text/plain, Size: 1869 bytes --]
Am Wed, Jan 03, 2024 at 05:50:52PM +0100 schrieb Florian Gamböck:
>
>[snip]
>
>What bugs me however is, that OpenVPN loses connection to the VPN server
>after such an AP change and is not able to reconnect automatically
>again.
>
>[snip]
>
>While this is happening, I cannot access the internet. I suspect, this
>is because of the "persist-tun" setting in the OpenVPN config, but I
>don't want to remove it because I'd rather have no internet at all than
>having suddenly internet without VPN ("kill switch").
>
>I can manually "repair" this situation by sending SIGHUP to OpenVPN,
>which causes a hard reconnect.
>
>Now, with this background information, I need your help to come up with
>a strategy to survive an automatic Mesh WiFi reconnect, without the need
>of manually restarting OpenVPN all the time.
I’ve encountered the same issue as you. I fixed it by removing the persist-tun
option from my configuration file.
The way I understand this configuration option, is that OpenVPN allows itself
to destroy and recreate tun interfaces if needed. I’m not sure whether it means
you may end up on the internet without going through your VPN.
What I’m sure of is that sending SIGHUP to OpenVPN tells it to destroy and
recreate that tun interface of yours, bypassing the persist-tun instruction you
gave it in your configuration file.
Others may have more satisfying answers than mine, but I believe the
appropriate way to fix your issue is by allowing OpenVPN to recreate tun
interfaces when needed, such as after a disconnect, and so you need to remove
the persist-tun option. You might want to wait confirmation from other people
around before doing so, though.
I’d be very interested if anyone had further information on that matter,
whether they would contredict my claims or support them.
Hoël
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next prev parent reply other threads:[~2024-01-03 17:13 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-03 16:50 [gentoo-user] Sending HUP to OpenVPN after WiFi reconnect in Mesh Florian Gamböck
2024-01-03 17:11 ` Hoël Bézier [this message]
2024-01-04 0:34 ` Florian Gamböck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZZWVWiZdqWcJiGcS@sparta \
--to=hoelbezier@riseup.net \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox