Losing connection with Unknown DTLS packet

Stuart Luppescu slu at ccsr.uchicago.edu
Mon Nov 28 10:47:52 PST 2016


On Sat, 2016-11-26 at 12:23 -0500, Daniel Lenski wrote:
> Can you run as openconnect -vvvvv to show maximal verbosity of
> debugging output? Does the more verbose output give additional
> information about what's going wrong?

I tried this and got a 56MB file with 1325033 lines. I grep'ed for
error but nothing came up. I don't know what to search for in that big
file. However, at the console I got these messages:

CSTP Dead Peer Detection detected dead peer!
Failed to reconnect to host cvpn.uchicago.edu: No route to host
DTLS got write error: Error in the push function.. Falling back to SSL
DTLS handshake failed: Resource temporarily unavailable, try again.
CSTP Dead Peer Detection detected dead peer!
Failed to reconnect to host cvpn.uchicago.edu: Connection timed out
Failed to reconnect to host cvpn.uchicago.edu: Connection timed out
Failed to reconnect to host cvpn.uchicago.edu: Connection timed out
Failed to reconnect to host cvpn.uchicago.edu: Connection timed out
Failed to reconnect to host cvpn.uchicago.edu: Connection timed out
Failed to reconnect to host cvpn.uchicago.edu: Connection timed out
Failed to reconnect to host cvpn.uchicago.edu: Connection timed out
Failed to reconnect to host cvpn.uchicago.edu: Connection timed out
Failed to reconnect to host cvpn.uchicago.edu: Connection timed out
Reconnect failed
RTNETLINK answers: No such process
Unknown error; exiting.

> The source code of dtls.c suggests that the bad packets may be due to
> bugs in particular versions of OpenSSL. It looks like the default
> Gentoo packages build with GnuTLS instead, however

Yes, this is built with gnutls. There is that message above that DTLS
failed and tried to fall back to SSL. Is that an issue?
-- 
Stuart Luppescu
Chief Psychometrician (ret.)
UChicago Consortium on School Research
http://consortium.uchicago.edu
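
An added example, not part of the original message and not openconnect code: a small Python filter for triaging a large log by tagging lines with patterns taken only from the console messages quoted above and collapsing repeated events. The category names, function names and the shortened sample excerpt are assumptions made for this illustration.

```python
import re
import sys
from itertools import groupby

# Patterns copied from the console messages in this message; the category
# names are labels invented for this example, not openconnect terminology.
PATTERNS = [
    ("dead_peer", re.compile(r"Dead Peer Detection detected dead peer")),
    ("reconnect_fail", re.compile(r"Failed to reconnect to host \S+: (.+)")),
    ("dtls_fallback", re.compile(r"DTLS got write error: .*Falling back to SSL")),
    ("dtls_handshake", re.compile(r"DTLS handshake failed: (.+)")),
    ("gave_up", re.compile(r"Reconnect failed|Unknown error; exiting")),
]

# Shortened excerpt of the console messages above (constructed sample input).
SAMPLE = """CSTP Dead Peer Detection detected dead peer!
Failed to reconnect to host cvpn.uchicago.edu: No route to host
DTLS got write error: Error in the push function.. Falling back to SSL
DTLS handshake failed: Resource temporarily unavailable, try again.
CSTP Dead Peer Detection detected dead peer!
Failed to reconnect to host cvpn.uchicago.edu: Connection timed out
Failed to reconnect to host cvpn.uchicago.edu: Connection timed out
Failed to reconnect to host cvpn.uchicago.edu: Connection timed out
Reconnect failed
RTNETLINK answers: No such process
Unknown error; exiting.
""".splitlines()

def classify(line):
    """Return (category, detail) for a known message, else None."""
    for name, rx in PATTERNS:
        m = rx.search(line)
        if m:
            return name, (m.group(1) if m.groups() else "")
    return None

def summarize(lines):
    """Return [(category, detail, first_line_no, count)]; runs of the same
    event are collapsed even when unmatched lines sit between them."""
    events = []
    for n, line in enumerate(lines, 1):
        hit = classify(line.strip())
        if hit:
            events.append((hit[0], hit[1], n))
    return [(cat, detail, run[0][2], len(run))
            for (cat, detail), grp in groupby(events, key=lambda e: e[:2])
            for run in [list(grp)]]

if __name__ == "__main__":
    # Pass a log file path to scan it line by line; with no argument, use SAMPLE.
    src = open(sys.argv[1], errors="replace") if len(sys.argv) > 1 else SAMPLE
    for cat, detail, first, count in summarize(src):
        print(f"line {first:>8}  x{count:<4} {cat:<15} {detail}")
```
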




More information about the openconnect-devel mailing list