linux returns EAGAIN for closed ocserv interfaces

Niels Peen niels at
Sat Sep 20 03:05:53 PDT 2014

> On 20 Sep 2014, at 00:19, Nikos Mavrogiannopoulos <nmav at> wrote:
> A question about the other vpn server that you use. Does it open a new
> tun device for each client? If not that may also give some hint on the
> issue.

Yes, both OpenVPN and OpenConnect are setup to use a new tun device for each client.

After running both patches for a while now I’ve observed the following:

* When using the dnsmasq work-around only this keeps dnsmasq responsive. However, because the send queue fills up, the end-user experience is unusably slow. It essentially now behaves the same as BIND.

# netstat -uln|grep 53
udp        0      0 *                          
udp        0  64512    *                          

The address is what the VPN clients query and becomes unusably slow. stays responsive.

* When using the ocserv patch only the problem does not occur. I’ll keep using it and report back if that changes.


More information about the openconnect-devel mailing list