Feature #11520: Add 'explicit-exit-notify' option by default - pfSense Packages - pfSense bugtracker

Actions

Copy link

Feature #11520

closed

Add 'explicit-exit-notify' option by default

Added by Viktor Gurov about 3 years ago. Updated about 3 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

Viktor Gurov

Category:

OpenVPN Client Export

Target version:

Start date:

02/24/2021

Due date:

% Done:

Estimated time:

Plus Target Version:

Description

https://build.openvpn.net/man/openvpn-2.5/openvpn.8.html:

--explicit-exit-notify n

In UDP client mode or point-to-point mode, send server/peer an exit notification if tunnel is restarted or OpenVPN process is exited. In client mode, on exit/restart, this option will tell the server to immediately close its client instance object rather than waiting for a timeout.

The n parameter (default 1 if not present) controls the maximum number of attempts that the client will try to resend the exit notification message.

In UDP server mode, send RESTART control channel command to connected clients. The n parameter (default 1 if not present) controls client behavior. With n = 1 client will attempt to reconnect to the same server, with n = 2 client will advance to the next server.

without this option "Concurrent connections" can be exhausted very quickly if clients reconnect frequently

see also https://forum.netgate.com/topic/161324/openvpn-is-not-working-if-client-is-reconnected-immediately

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense » pfSense Packages

Custom queries

Feature #11520

Add 'explicit-exit-notify' option by default

Updated by Pippin MMD about 3 years ago

Updated by Viktor Gurov about 3 years ago

Updated by Jim Pingle about 3 years ago

Updated by Renato Botelho about 3 years ago

Updated by Danilo Zrenjanin about 3 years ago