Jump to content
Not connected, Your IP: 3.135.211.71

Recommended Posts

i thought i had this issue figured out and was closed

 

https://airvpn.org/topic/16427-high-latency-lost-connection-durring-hourly-tls-rekeying/?do=findComment&comment=35775

 

But, i have not had any issue for the last 7 month and have happily forgot the problems i had. But suddenly is it a issue again.

 

I am loosing connection every hour during the TLS-rekeying where there is a drop in my connection for up to 6-10sec. I thought i was a issue with my router RT-ac66u with lack of CPU power. But the last 7-8 month hasnt there been any problems. So i can only conclude it isnt a client issue?!

 

i have attached my log file during the TLS rekeying. see the timestamps 21.26.10 - 21.26.16 the 6 sec difference is a drop in connection.

 

Jul 31 21:26:10 openvpn[11656]: TLS: soft reset sec=0 bytes=894520/-1 pkts=7903/0
Jul 31 21:26:10 openvpn[11656]: VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
Jul 31 21:26:10 openvpn[11656]: Validating certificate key usage
Jul 31 21:26:10 openvpn[11656]: ++ Certificate has key usage  00a0, expects 00a0
Jul 31 21:26:10 openvpn[11656]: VERIFY KU OK
Jul 31 21:26:10 openvpn[11656]: Validating certificate extended key usage
Jul 31 21:26:10 openvpn[11656]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Jul 31 21:26:10 openvpn[11656]: VERIFY EKU OK
Jul 31 21:26:10 openvpn[11656]: VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org
Jul 31 21:26:16 openvpn[11656]: Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Jul 31 21:26:16 openvpn[11656]: Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Jul 31 21:26:16 openvpn[11656]: Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA

 

Any ideas?

Share this post


Link to post

To whom it might be of interest...

 

Problem is solved. Got a AC86U with 1.8Ghz dual core CPU and AES instruction set and the latency problem is gone.

 

openvpn / openssl does shut down datalink during tls rekeying on slow cpu.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...