Project

General

Profile

Bug #9595

OpenVPN does not resync when running on a gateway group

Added by James Webb about 1 month ago. Updated about 1 month ago.

Status:
New
Priority:
Normal
Assignee:
Category:
OpenVPN
Target version:
Start date:
06/17/2019
Due date:
% Done:

100%

Estimated time:
3.00 h
Affected Version:
2.4.4-p3
Affected Architecture:
All

Description

When OpenVPN clients/servers are running on a gateway group interface, they should always bind to the most preferable interface within that group. In cases when cables are disconnected/reconnected or when IP changes occur, OpenVPN will often hug a lower priority interface and not resume operation on the most preferable online interface within a gateway group.

This is due to the following reason:

IP changes are monitored by the rc.newwanip file which in turn executes the function openvpn_resync_all in /etc/inc/openvpn.inc

An excerpt from this function is shown below:

if (is_array($config['openvpn']['openvpn-client'])) {
    foreach ($config['openvpn']['openvpn-client'] as & $settings) {
        if ($interface <> "" && $interface != $settings['interface']) {
            continue;
        }
        openvpn_resync('client', $settings);
    }
}

This excerpt sadly does not take account of the situation when OpenVPN instances are bound to gateway groups because the interface in question will never be equal to the OpenVPN interface, thus OpenVPN instances are never resynced when these situations occur.

The solution I propose will bring OpenVPN resyncs more in line with that currently implemented within rc.openvpn to allow for instances operating on gateway group interfaces to behave correctly.

I will submit a PR for review shortly.

Best wishes,
James.

ovpngwgroup.patch (2.01 KB) ovpngwgroup.patch patch file James Webb, 06/19/2019 08:38 AM

Also available in: Atom PDF