[Openvpn-devel] Reduce default restart pause to 1 second

Message ID	20221218195810.1216368-1-selva.nair@gmail.com
State	Superseded
Headers	show Return-Path: <openvpn-devel-bounces@lists.sourceforge.net> Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; From: selva.nair@gmail.com To: openvpn-devel@lists.sourceforge.net Date: Sun, 18 Dec 2022 14:58:10 -0500 Message-Id: <20221218195810.1216368-1-selva.nair@gmail.com> MIME-Version: 1.0 preview: From: Selva Nair Current value of restart pause is 5 seconds which feels unduly long. Reduce it to 1 second. User can still customize the delay using the first parameter for "--connect-retry". Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.166.44 listed in list.dnswl.org] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.166.44 listed in wl.mailspike.net] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [selva.nair[at]gmail.com] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature Subject: [Openvpn-devel] [PATCH] Reduce default restart pause to 1 second Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox
Series	[Openvpn-devel] Reduce default restart pause to 1 second \| expand [Openvpn-devel] Reduce default restart pause to 1 second

Message ID

20221218195810.1216368-1-selva.nair@gmail.com

State

Superseded

Headers

Received-SPF: pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) client-ip=216.105.38.7;
From: selva.nair@gmail.com
To: openvpn-devel@lists.sourceforge.net
Date: Sun, 18 Dec 2022 14:58:10 -0500
Message-Id: <20221218195810.1216368-1-selva.nair@gmail.com>
MIME-Version: 1.0
Subject: [Openvpn-devel] [PATCH] Reduce default restart pause to 1 second
Precedence: list
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: openvpn-devel-bounces@lists.sourceforge.net

Series

[Openvpn-devel] Reduce default restart pause to 1 second | expand

Commit Message

Selva Nair Dec. 18, 2022, 7:58 p.m. UTC

From: Selva Nair <selva.nair@gmail.com>

Current value of restart pause is 5 seconds which feels
unduly long. Reduce it to 1 second.

User can still customize the delay using the first parameter for
"--connect-retry".

Also improve the description of "--connect-retry" in the
man page.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
---
Whle reviewing commit 5d429efd9720109b9c9f1265f5d351a75a401942
Arne had suggested this, but I failed to follow up:

Quoting from Message ID 11772d2a-4877-0ed0-2484-7ef66e059737@rfc2549.org
<quote arne@rfc2549.org on 03-07-2016>
Btw. if we introduce this backoff mechansim I think it is safe to lower
the connect-retry small time from 5 to 1 since the potential for looping
very fast through the connection entries is not there anymore.
</quote>

 doc/man-sections/client-options.rst | 2 +-
 src/openvpn/options.c               | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

Comments

Arne Schwabe Dec. 19, 2022, 12:12 p.m. UTC | #1

Am 18.12.22 um 20:58 schrieb selva.nair@gmail.com:
> +--connect-retry n [max]
>     Wait ``n`` seconds between connection attempts (default :code:`5`).

you were close. but forgot to change the 5 in the next line to also say 1.

Arne

Gert Doering Dec. 19, 2022, 12:17 p.m. UTC | #2

Hi,

On Mon, Dec 19, 2022 at 01:12:32PM +0100, Arne Schwabe wrote:
> Am 18.12.22 um 20:58 schrieb selva.nair@gmail.com:
> > +--connect-retry n [max]
> >     Wait ``n`` seconds between connection attempts (default :code:`5`).
> 
> you were close. but forgot to change the 5 in the next line to also say 1.

I can do that on the fly ("not a code change") if you agree to the
change otherwise - since Selva quoted you here... :-)

gert

Frank Lichtenheld Dec. 19, 2022, 12:18 p.m. UTC | #3

On Sun, Dec 18, 2022 at 02:58:10PM -0500, selva.nair@gmail.com wrote:
> From: Selva Nair <selva.nair@gmail.com>
> 
> Current value of restart pause is 5 seconds which feels
> unduly long. Reduce it to 1 second.
> 
> User can still customize the delay using the first parameter for
> "--connect-retry".
> 
> Also improve the description of "--connect-retry" in the
> man page.

Some comments about that part:
 
> diff --git a/doc/man-sections/client-options.rst b/doc/man-sections/client-options.rst
> index 07651479..37d24044 100644
> --- a/doc/man-sections/client-options.rst
> +++ b/doc/man-sections/client-options.rst
> @@ -138,7 +138,7 @@ configuration.
>    Set ``--verb 6`` for debugging info showing the transformation of
>    src/dest addresses in packets.
>  
> ---connect-retry n
> +--connect-retry n [max]

This breaks the formatting, because rst option lists are stupid and
only expect zero or one arguments.
Needs to use the "args" -> "valid syntaxes" pattern seen elsewhere
in the documentation.

>    Wait ``n`` seconds between connection attempts (default :code:`5`).

You didn't actually adapt the default here.

>    Repeated reconnection attempts are slowed down after 5 retries per
>    remote by doubling the wait time after each unsuccessful attempt. An

Regards,

diff --git a/doc/man-sections/client-options.rst b/doc/man-sections/client-options.rst
index 07651479..37d24044 100644
--- a/doc/man-sections/client-options.rst
+++ b/doc/man-sections/client-options.rst
@@ -138,7 +138,7 @@  configuration.
   Set ``--verb 6`` for debugging info showing the transformation of
   src/dest addresses in packets.
 
---connect-retry n
+--connect-retry n [max]
   Wait ``n`` seconds between connection attempts (default :code:`5`).
   Repeated reconnection attempts are slowed down after 5 retries per
   remote by doubling the wait time after each unsuccessful attempt. An
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 4383c953..4442697f 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -815,7 +815,7 @@  init_options(struct options *o, const bool init_gc)
     o->ce.proto = PROTO_UDP;
     o->ce.af = AF_UNSPEC;
     o->ce.bind_ipv6_only = false;
-    o->ce.connect_retry_seconds = 5;
+    o->ce.connect_retry_seconds = 1;
     o->ce.connect_retry_seconds_max = 300;
     o->ce.connect_timeout = 120;
     o->connect_retry_max = 0;

[Openvpn-devel] Reduce default restart pause to 1 second

Commit Message

Comments

Patch