From patchwork Sun Dec 18 19:58:10 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Selva Nair X-Patchwork-Id: 2925 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:c95:b0:82:e4b3:40a0 with SMTP id p21csp2586123dyk; Sun, 18 Dec 2022 11:59:16 -0800 (PST) X-Google-Smtp-Source: AMrXdXszE28NkdoGmKMVxOjbGj3bkHcf47X+ZZPSk8YYxLvC/3hNNdRl8qjy0LJKu1yextnZQHAw X-Received: by 2002:a17:902:7593:b0:191:1e89:35dd with SMTP id j19-20020a170902759300b001911e8935ddmr2070860pll.12.1671393556755; Sun, 18 Dec 2022 11:59:16 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1671393556; cv=none; d=google.com; s=arc-20160816; b=AzK9fPkNYaDGMAMv6V3yV5mAhC5BdVnBCa9bodXZ5fxva/lMIlh366mTOJZ3Q4TExs Sr0ErgbG1uUWApz8HGyTe2l9RHfneMwi8ovr78AdYNOPYsCu9bautEAdxUjnE9RNjIzE JAb8jFhXPGEcnRMY3Cox7gRtacwEmRmJZ3yo120Aw8EpguoHslKRA/I5WYA3I/FnwAwn DAHtFnqctMZli9VPVLA6mTqiMtZ1XV6POIprxWK7PGXZvc6yrrHv+v2yTRJSw//Af+Vg 8SftFIYeW66/epHVslheVoInkvoomo82raHoaveN9JHiujONFTy2wSXvINJQaFRb5UIo lMEQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:message-id:date:to:from:dkim-signature:dkim-signature :dkim-signature; bh=GqZedBXQRd36RnJqEQ9Geqk7xH6jSkAnbMxpyq678Ds=; b=a7BdKZa2S/htH8e011KKDhqMkunf1u4DUp3nG8kpp3VPiX3Kzh+Eu9PKWi0wVOBEJt /gPs0VoOiFL+HeOKIvVoZfy/RTxMqxSQ7eTNRd7ori2dgr+qreFeWG1TlYbWNUDcIjHt zrqN/X1IV6m/JBOrH7+5iosWGih0fIUKTsA4NkN+cuzSaOoh0cNnEDLS/+Hbm9nELAlM Q7BpV5XLNsMd1mpqVXpDEWrgIQqopfUFoUtWSppqrpr/Ra98tQQ+UDNBo+VjC5eRVI+A BW8wUMqKgr7fh671EgLWKkmbHM3lHQ0QN9iaVwac/0bFEZa8mpInGw2Db3Hk9XE/RKQq poxA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b="YS5jz/jR"; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=DvNQ8kLF; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20210112 header.b=RfWQTs5h; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id z14-20020a170903018e00b0018c166e2304si8747890plg.299.2022.12.18.11.59.16 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 18 Dec 2022 11:59:16 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b="YS5jz/jR"; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=DvNQ8kLF; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20210112 header.b=RfWQTs5h; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1p6znk-0007Cs-4F; Sun, 18 Dec 2022 19:58:24 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1p6znj-0007Cm-42 for openvpn-devel@lists.sourceforge.net; Sun, 18 Dec 2022 19:58:23 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=C2fMKLpxcdUHCVqMweL2jYvNHXm0fAAyUxYOsSCRSNg=; b=YS5jz/jRYxr+mKmxyRaH15JNym ybf3BLbRwhcwApQQLABlmw1prxOFpaFbMHfhi8DoEYaSXp6+JtXmh4bFdhiJYDYNaymZaNTFMcwRf pNgU0gMtpJcqbf+YWiHpXT/Z3T7I2hTuzmJ/ZdNZZ77e0Xlr6cbfE6HN3hfA1z/vEg6A=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=C2fMKLpxcdUHCVqMweL2jYvNHXm0fAAyUxYOsSCRSNg=; b=D vNQ8kLFkSEjepo1JnTUJYFI2t3tIQtwdt+4J3REQhA8FY7XXvHetPTb7XtE87srbmG+jsv8stjmuZ /7S+NRdJ6duiluIrchnhwPzIWnIF7OHTIlhn6Y3ufAEnh2NLzqV4IqsnP/l1ON4M/22wl9WS9H8GG ZjI0Kgefcb1zli6Y=; Received: from mail-io1-f44.google.com ([209.85.166.44]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1p6znf-0001uv-3o for openvpn-devel@lists.sourceforge.net; Sun, 18 Dec 2022 19:58:23 +0000 Received: by mail-io1-f44.google.com with SMTP id q190so3746539iod.10 for ; Sun, 18 Dec 2022 11:58:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=C2fMKLpxcdUHCVqMweL2jYvNHXm0fAAyUxYOsSCRSNg=; b=RfWQTs5h8UAiwpm3WE5f2OBNNROoXdRghq+2I+XXIRxYc1BV79Bc9shrVMlyso7NSQ bHZaMUTkqlqGtD9TXMlekN4mCtqy58if5JDMk+VGzSNRNkpak2rI1SNC2bH4iIKa3dOH Sju72oO70gjzFzIeyyOLo+ME8C4sGST27DLCcdvZGnAfFVNtR+crc+oJ7a2Aa5JFV/Rx /yKwefe5mdb73SyKiA/uprEX/n/emGMMnpj4jZYXPSWIzOgHTbFm8lFqkPRCQ3eTrwUj Ob+1UaVRVtzItnZdzURSJdHRO/mWR9o2zq+dLtJAn5dLDt5yJte/0VFqhfgxUc7DpdBS 24kg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=C2fMKLpxcdUHCVqMweL2jYvNHXm0fAAyUxYOsSCRSNg=; b=GMDIF7K5s7Oiogfljix7H0uL7XLRR7MEslV7f9gneeD8IvYdEetZkS3mhRCZHUL8dm EviB8gr6hZiqWORQm/RIs8a12Ili/IQwkUb6sq8vsAg1fYH4FEOj1Iq5gICZmXQw7cTI zj1IHRXWHBtSlY7DP0YDYH+0qw0Ar/xxRN9NVWJkMSHFctGR2Mw92K/oPCoDdnE4Hg1w ETdCpIT92jD9tDjDQj7tmpd13yCF8uY2UmFjhwBVwafwK7yV5MwMO36P4qIkDrA/ln+1 fpvtgYKpUAzBqWvhWS93CtV2UXTrGP8bYk4Ld0W6TSuxkbiueH+zFD8mJZ9ggyzb1c9t cDbg== X-Gm-Message-State: ANoB5pl2X0UZZUMjh0JEpAUV0FRhE8LnpuV5xd1Av7NQIRrSllA+3AH5 3Z0SPnOHM+4LY47VOxQJz9REGzgt39P3yw== X-Received: by 2002:a5d:9496:0:b0:6da:6978:29bd with SMTP id v22-20020a5d9496000000b006da697829bdmr4882784ioj.0.1671393493185; Sun, 18 Dec 2022 11:58:13 -0800 (PST) Received: from uranus.sansel.ca (bras-vprn-tnhlon4053w-lp130-01-70-51-222-66.dsl.bell.ca. [70.51.222.66]) by smtp.gmail.com with ESMTPSA id y16-20020a056638229000b0038aa0e5e9cfsm2673637jas.75.2022.12.18.11.58.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 18 Dec 2022 11:58:12 -0800 (PST) From: selva.nair@gmail.com To: openvpn-devel@lists.sourceforge.net Date: Sun, 18 Dec 2022 14:58:10 -0500 Message-Id: <20221218195810.1216368-1-selva.nair@gmail.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Selva Nair Current value of restart pause is 5 seconds which feels unduly long. Reduce it to 1 second. User can still customize the delay using the first parameter for "--connect-retry". Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.166.44 listed in list.dnswl.org] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.166.44 listed in wl.mailspike.net] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [selva.nair[at]gmail.com] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1p6znf-0001uv-3o Subject: [Openvpn-devel] [PATCH] Reduce default restart pause to 1 second X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1752583170162880463?= X-GMAIL-MSGID: =?utf-8?q?1752583170162880463?= From: Selva Nair Current value of restart pause is 5 seconds which feels unduly long. Reduce it to 1 second. User can still customize the delay using the first parameter for "--connect-retry". Also improve the description of "--connect-retry" in the man page. Signed-off-by: Selva Nair --- Whle reviewing commit 5d429efd9720109b9c9f1265f5d351a75a401942 Arne had suggested this, but I failed to follow up: Quoting from Message ID 11772d2a-4877-0ed0-2484-7ef66e059737@rfc2549.org Btw. if we introduce this backoff mechansim I think it is safe to lower the connect-retry small time from 5 to 1 since the potential for looping very fast through the connection entries is not there anymore. doc/man-sections/client-options.rst | 2 +- src/openvpn/options.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/man-sections/client-options.rst b/doc/man-sections/client-options.rst index 07651479..37d24044 100644 --- a/doc/man-sections/client-options.rst +++ b/doc/man-sections/client-options.rst @@ -138,7 +138,7 @@ configuration. Set ``--verb 6`` for debugging info showing the transformation of src/dest addresses in packets. ---connect-retry n +--connect-retry n [max] Wait ``n`` seconds between connection attempts (default :code:`5`). Repeated reconnection attempts are slowed down after 5 retries per remote by doubling the wait time after each unsuccessful attempt. An diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 4383c953..4442697f 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -815,7 +815,7 @@ init_options(struct options *o, const bool init_gc) o->ce.proto = PROTO_UDP; o->ce.af = AF_UNSPEC; o->ce.bind_ipv6_only = false; - o->ce.connect_retry_seconds = 5; + o->ce.connect_retry_seconds = 1; o->ce.connect_retry_seconds_max = 300; o->ce.connect_timeout = 120; o->connect_retry_max = 0;