Hi.
The first connection after starting the service shows the correct time.
Every next connection shows the wrong time.
Time runs out by about 30 minutes every 2 hours.
This is not a php parsing error or something. If I connect to management socket it shows the same wrong time.
example:
openvpn log:
2020-08-06T09:04:59 openvpn: user '*****' authenticated using 'DC1'
connection status:
connected since: 2020-08-06 13:11:33
What hardware do you use?
Is NTP setup and working?
Its Hyper-V VM.
NTP is working.
All other logs shows right time with right time zone
Additional info: turn verb 4 on and log shows something like:
2020-08-06T11:42:44 openvpn[35212]: user/ip.ip.ip.ip:55798 PID_ERR replay
- [SSL-2] [0111112222222333333344445555556666666777777788889999999>>>>>>>>>] 0:17186 0:17186 t=1596704916[1552] r=[1551,64,15,16,1] sl=[30,64,64,528]
so, OpenVPN put timestamp in epoch with some correction?
t=1596704916 is wrong timestamp
but if we subtract [1552] second from timestamp..that is exact right time
1596703364 -> 2020-08-06T11:42:44 in my time zone.
where did the correction come from?
why correction is not used in status?
banym, thanks for the hint!
I disable clock sync from host to VM (VM host unsynced and it was constant 2min difference with ntp servers) and clock drift in verbose log now is always (3 hours at this moment) "[ 0 ]" and "Connected Since" shows the correct time!
i still don't understand why clock drift continued to grow in OpenVPN with Hyper-V clock-sync turned on.
And why clock drift is considered in logging and not considered in status.
But this is not opnsense problem )
Thanks!
Thank you very much for sharing the solution and information! You are welcome.
If you could mark the first post as solved this helps others to find your solution. Have fun with your firewall!