Ubuntu
network-manager package

openvpn stops on reconnect

Bug #620411 reported by hpdkrl70
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
network-manager (Ubuntu)
New
Undecided
Unassigned

Bug Description

Binary package hint: network-manager

I use openvpn via NetworkManager
connection type is password

This behavior can be seen in Kubuntu 10.4 and debian 6 unstable.
googeling about the problem I found something about different environment variables on connect and reconnect???
Please see line 2010-08-19 14:11:19. after reconnect a ping is not responding.
If the vpn was stoped and started via the gui it will work again.

2010-08-19 14:06:16 goli NetworkManager <info> VPN connection 'ISH VPN' (IP Config Get) complete.
2010-08-19 14:06:16 goli NetworkManager <info> (tun0): writing resolv.conf to /sbin/resolvconf
2010-08-19 14:06:16 goli NetworkManager <info> Policy set 'ISH VPN' (tun0) as default for routing and DNS.
2010-08-19 14:06:16 goli NetworkManager <info> VPN plugin state changed: 4
2010-08-19 14:06:16 goli nm-dispatcher.action Script '/etc/NetworkManager/dispatcher.d/01ifupdown' exited with error status 1.
2010-08-19 14:11:19 goli nm-openvpn[13200] Connection reset, restarting [0]
2010-08-19 14:11:19 goli nm-openvpn[13200] SIGUSR1[soft,connection-reset] received, process restarting
2010-08-19 14:11:24 goli nm-openvpn[13200] WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
2010-08-19 14:11:24 goli nm-openvpn[13200] NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2010-08-19 14:11:24 goli nm-openvpn[13200] Re-using SSL/TLS context
2010-08-19 14:11:24 goli nm-openvpn[13200] LZO compression initialized

If openvpn is used standalone than there is no such problem.

I use Kubuntu 10.04, amd64

Regards, Thomas
-------------------------------
apt-cache policy openvpn
openvpn:
  Installed: 2.1.0-1ubuntu1.1
  Candidate: 2.1.0-1ubuntu1.1
  Version table:
 *** 2.1.0-1ubuntu1.1 0
        500 http://de.archive.ubuntu.com/ubuntu/ lucid-updates/main Packages
        100 /var/lib/dpkg/status
     2.1.0-1ubuntu1 0
        500 http://de.archive.ubuntu.com/ubuntu/ lucid/main Packages
-----------------------------
apt-cache policy network-manager
network-manager:
  Installed: 0.8-0ubuntu3
  Candidate: 0.8-0ubuntu3
  Version table:
 *** 0.8-0ubuntu3 0
        500 http://de.archive.ubuntu.com/ubuntu/ lucid/main Packages
        100 /var/lib/dpkg/status
apt-cache policy network-manager-kde
network-manager-kde:
  Installed: 1:0.9~svn1112085-0ubuntu4
  Candidate: 1:0.9~svn1112085-0ubuntu4
  Version table:
 *** 1:0.9~svn1112085-0ubuntu4 0
        500 http://de.archive.ubuntu.com/ubuntu/ lucid/main Packages
        100 /var/lib/dpkg/status

Revision history for this message
hpdkrl70 (lively801-launchpad) wrote :

Please provide steps to debug. I have that error each time.
Regards, Thomas

Revision history for this message
hpdkrl70 (lively801-launchpad) wrote :

I made the following to reproduce the problem:
see@ http://live.gnome.org/NetworkManager/Debugging
* killall -TERM nm-openvpn-service
* in a root terminal, run

OPENVPN_DEBUG=1 /usr/lib/network-manager-openvpn/nm-openvpn-service

* start your VPN connection
* reproduce the problem

The last lines are:
Fri Aug 20 13:57:08 2010 us=885890 ACK reliable_send_timeout 604800 [11]
Fri Aug 20 13:57:08 2010 us=887092 TLS: tls_process: timeout set to 57
Fri Aug 20 13:57:08 2010 us=889075 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=df00f944 a2c6a523, stored-sid=00000000 00000000, stored-ip=[undef]
Fri Aug 20 13:57:08 2010 us=889376 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[undef]
Fri Aug 20 13:57:08 2010 us=889707 PUSH: Received control message: 'PUSH_REPLY,route 10.0.10.1 255.255.255.255,redirect-gateway,dhcp-option DOMAIN ad.mynetwork.net,dhcp-option DNS 10.0.87.27,dhcp-option DNS 10.0.87.5,dhcp-option DNS 195.110.60.1,dhcp-option WINS 10.0.87.10,dhcp-option WINS 10.0.87.6,dhcp-option NBT 2,ifconfig 10.0.10.14 10.0.10.13'
Fri Aug 20 13:57:08 2010 us=890088 OPTIONS IMPORT: --ifconfig/up options modified
Fri Aug 20 13:57:08 2010 us=890266 OPTIONS IMPORT: route options modified
Fri Aug 20 13:57:08 2010 us=890429 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Aug 20 13:57:08 2010 us=890593 Preserving previous TUN/TAP instance: tun0
Fri Aug 20 13:57:08 2010 us=890820 /usr/lib/network-manager-openvpn/nm-openvpn-service-openvpn-helper tun0 1500 1544 10.0.10.14 10.0.10.13 restart
Fri Aug 20 13:57:08 2010 us=891928 PKCS#11: __pkcs11h_forkFixup entry pid=14201, activate_slotevent=1
Fri Aug 20 13:57:08 2010 us=892290 PKCS#11: __pkcs11h_forkFixup return
Fri Aug 20 13:57:08 2010 us=913352 MANAGEMENT: Client disconnected
Fri Aug 20 13:57:08 2010 us=913439 script failed: external program exited with error status: 1
Fri Aug 20 13:57:08 2010 us=913469 Exiting

in similar debug sessions it says: invalid IP adress
but the connection string is the same like the reconnection:
Fri Aug 20 13:55:58 2010 us=844754 PUSH: Received control message: 'PUSH_REPLY,route 10.0.10.1 255.255.255.255,redirect-gateway,dhcp-option DOMAIN ad.mynetwork.net,dhcp-option DNS 10.0.87.27,dhcp-option DNS 10.0.87.5,dhcp-option DNS 195.110.60.1,dhcp-option WINS 10.0.87.10,dhcp-option WINS 10.0.87.6,dhcp-option NBT 2,ifconfig 10.0.10.14 10.0.10.13'

see attachment for the full output

Revision history for this message
hpdkrl70 (lively801-launchpad) wrote :

it looks that i facing the following bug: https://bugzilla.gnome.org/show_bug.cgi?id=556134
details also here: https://bugs.launchpad.net/network-manager/+bug/280160

Revision history for this message
hpdkrl70 (lively801-launchpad) wrote :

I have now a new Kubuntu 11.04 installation. The problem described above persists, but only for TCP connections.
Now I am using UDP and it works.

Revision history for this message
Colan Schwartz (colan) wrote :

Please mark the original bug as affecting you.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.