linux returns EAGAIN for closed ocserv interfaces
Niels Peen
niels at peen.ch
Sat Sep 20 03:05:53 PDT 2014
> On 20 Sep 2014, at 00:19, Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote:
>
> A question about the other vpn server that you use. Does it open a new
> tun device for each client? If not that may also give some hint on the
> issue.
Yes, both OpenVPN and OpenConnect are setup to use a new tun device for each client.
After running both patches for a while now I’ve observed the following:
* When using the dnsmasq work-around only this keeps dnsmasq responsive. However, because the send queue fills up, the end-user experience is unusably slow. It essentially now behaves the same as BIND.
# netstat -uln|grep 53
udp 0 0 10.255.0.2:53 0.0.0.0:*
udp 0 64512 10.0.0.1:53 0.0.0.0:*
The 10.0.0.1 address is what the VPN clients query and becomes unusably slow. 10.255.0.2 stays responsive.
* When using the ocserv patch only the problem does not occur. I’ll keep using it and report back if that changes.
Regards,
Niels
More information about the openconnect-devel
mailing list