Message ID | 20221224194253.3202231-9-arne@rfc2549.org |
---|---|
State | Accepted |
Headers | show |
Series | Various patches to improve DCO behaviour | expand |
Acked-by: Gert Doering <gert@greenie.muc.de> This looks like a good change - only log the "this is not really relevant" messages if we're interested (verb 6), and also add more details. Run on Linux-DCO client/server testbed, and I see quite a number of them... Dec 25 19:22:01 ubuntu2004 tun-udp-p2mp-topology-subnet[1965839]: Received packet for peer-id unknown to OpenVPN: -1, type 0, reason 2 Dec 25 19:22:01 ubuntu2004 tun-udp-p2mp[1965830]: Received packet for peer-id unknown to OpenVPN: -1, type 0, reason 0 Dec 25 19:22:01 ubuntu2004 tun-tcp-p2mp[1965819]: Received packet for peer-id unknown to OpenVPN: -1, type 0, reason 1 Dec 25 19:22:01 ubuntu2004 tun-udp-p2mp-topology-subnet[1965839]: Received packet for peer-id unknown to OpenVPN: -1, type 0, reason 2 Dec 25 19:22:01 ubuntu2004 tun-udp-p2mp[1965830]: Received packet for peer-id unknown to OpenVPN: -1, type 0, reason 0 Dec 25 19:22:01 ubuntu2004 tun-tcp-p2mp[1965819]: Received packet for peer-id unknown to OpenVPN: -1, type 0, reason 1 .. though I can't claim to understand what is happening here... Why is the kernel sending packets for "peer-id -1"? Why are these being sent to all OpenVPN instances at the same moment? Even if we're ignoring these messages, they leave me with an uneasy feeling... (type = 0 is "CMD_UNSPEC", reason 0/1/2 would be TEARDOWN, USERSPACE, EXPIRED - shouldn't these be DEL_PEER messages, so type=3?) Your patch has been applied to the master and release/2.6 branch. commit 8516b4b3665aa94d3114194f33fbb9c34119ab71 (master) commit 5d47df8d69c73629eccc1e443b3dfedbb9e8fd2d (release/2.6) Author: Arne Schwabe Date: Sat Dec 24 20:42:52 2022 +0100 Improve logging when seeing a message for an unkown peer Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20221224194253.3202231-9-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25793.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index d29b7efe3..6c6385c6e 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -3283,7 +3283,17 @@ multi_process_incoming_dco(struct multi_context *m) } else { - msg(D_DCO, "Received packet for peer-id unknown to OpenVPN: %d", peer_id); + int msglevel = D_DCO; + if (dco->dco_message_type == OVPN_CMD_DEL_PEER + && dco->dco_del_peer_reason == OVPN_DEL_PEER_REASON_USERSPACE) + { + /* we get notified after we kill the peer ourselves and probably + * have already forgotten about it. This is expected */ + msglevel = D_DCO_DEBUG; + } + msg(msglevel, "Received packet for peer-id unknown to OpenVPN: %d, " + "type %d, reason %d", peer_id, dco->dco_message_type, + dco->dco_del_peer_reason); /* Also clear the buffer if this was incoming packet for a dropped peer */ buf_init(&dco->dco_packet_in, 0); }
Signed-off-by: Arne Schwabe <arne@rfc2549.org> --- src/openvpn/multi.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-)