Topics

1

20.1 Legacy Series / OpenVPN clogged by client rush

« on: April 06, 2020, 04:10:18 pm »

Looks like restarting VPN server with 200-300 active clients is bad idea. I have such on dual Xeon 3.3GHz.
OpenVPN service gets smashed by all the clients rushing in. As a result, nobody can connect and the service is dead. showing mostly

WARNING: Failed running command (--auth-user-pass-verify): external program exited with error status: 255

in the logs.

I see that it's possible in firewall rule to have SYN rate limiting per IP. But what if the connections are coming each from unique IP?!

So, is there a way of limiting the SYN rate per firewall rule, not per single source IP? For example to have no more than 1 new incoming (SYN) connection per 2 seconds in the fw rule, which allows access to the service.

2

20.1 Legacy Series / Extract OpenVPN server status

« on: March 20, 2020, 06:21:32 am »

Hi guys,
Is there a way to get the status of OpenVPN server with all the clients connected?
API doesn't seem to provide such capability. If I try to socat it from the unix socket (/var/etc/openvpn/server1.sock) it breaks the server and reboot is required. SNMP maybe?

3

17.1 Legacy Series / Not booting after upgrade to the latest 17.x

« on: July 05, 2017, 04:16:11 pm »

Hi all,
Yesterday I have decided to upgrade to the latest 17.x version, I was on the previous v17 build and I the machine didn't came up...
I had similar problems when installing it. I couldn't install v17 because of the same error. What I did was to install v16 and then upgrade to v17. It was working OK since then, until the yesterdays update...
Attached is the screen where the booting process stops.
Did anyone had similar problem or ideas what could be causing it? The server is HP DL380 G5