История изменений
Исправление andrey7690, (текущая версия) :
Сервер(выступает исключительно сервером ovpn)
Цикличный кусок лога:
Sun Mar 22 18:34:09 2020 us=212659 SCHEDULE: schedule_find_least wakeup=[Sun Mar 22 18:34:11 2020 us=135843] pri=267344810
Sun Mar 22 18:34:09 2020 us=212680 PO_CTL rwflags=0x0001 ev=8 arg=0x55c47669e168
Sun Mar 22 18:34:09 2020 us=212701 PO_CTL rwflags=0x0001 ev=7 arg=0x55c47669e068
Sun Mar 22 18:34:09 2020 us=212725 I/O WAIT TR|Tw|SR|Sw [1/136498]
Sun Mar 22 18:34:10 2020 us=349899 event_wait returned 0
Sun Mar 22 18:34:10 2020 us=349946 I/O WAIT status=0x0020
Sun Mar 22 18:34:10 2020 us=350421 MULTI: REAP range 240 -> 256
Sun Mar 22 18:34:10 2020 us=350453 **.***.**.**:44533 TIMER: coarse timer wakeup 1 seconds
Sun Mar 22 18:34:10 2020 us=350492 **.***.**.**:44533 TLS: tls_multi_process: i=0 state=S_PRE_START, mysid=3ed7a5da 75f3b067, stored-sid=7d49fd1b 15882a54, stored-ip=[AF_INET]**.***.**.**:445$
Sun Mar 22 18:34:10 2020 us=350516 **.***.**.**:44533 TLS: tls_process: chg=0 ks=S_PRE_START lame=S_UNDEF to_link->len=0 wakeup=604800
Sun Mar 22 18:34:10 2020 us=350540 **.***.**.**:44533 ACK reliable_can_send active=1 current=0 : [1] 0
Sun Mar 22 18:34:10 2020 us=350576 **.***.**.**:44533 ACK reliable_send_timeout 16 [1] 0
Sun Mar 22 18:34:10 2020 us=350598 **.***.**.**:44533 TLS: tls_process: timeout set to 14
Sun Mar 22 18:34:10 2020 us=350626 **.***.**.**:44533 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=83162bd8 97e3e1f4, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC]
Sun Mar 22 18:34:10 2020 us=350654 **.***.**.**:44533 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC]
Sun Mar 22 18:34:10 2020 us=350689 **.***.**.**:44533 SCHEDULE: schedule_add_modify wakeup=[Sun Mar 22 18:34:12 2020 us=135843] pri=267344810
Sun Mar 22 18:34:10 2020 us=350722 SCHEDULE: schedule_find_least wakeup=[Sun Mar 22 18:34:12 2020 us=135843] pri=1508855979
Sun Mar 22 18:34:10 2020 us=350743 PO_CTL rwflags=0x0001 ev=8 arg=0x55c47669e168
Sun Mar 22 18:34:10 2020 us=350764 PO_CTL rwflags=0x0001 ev=7 arg=0x55c47669e068
Sun Mar 22 18:34:10 2020 us=350788 I/O WAIT TR|Tw|SR|Sw [1/136498]
Sun Mar 22 18:34:11 2020 us=487963 event_wait returned 0
Sun Mar 22 18:34:11 2020 us=487999 I/O WAIT status=0x0020
Sun Mar 22 18:34:11 2020 us=488022 MULTI: REAP range 0 -> 16
Sun Mar 22 18:34:11 2020 us=488045 **.***.**.**:44533 TIMER: coarse timer wakeup 1 seconds
Sun Mar 22 18:34:11 2020 us=488078 **.***.**.**:44533 SCHEDULE: schedule_add_modify wakeup=[Sun Mar 22 18:34:13 2020 us=135843] pri=1508855979
Sun Mar 22 18:34:11 2020 us=488110 SCHEDULE: schedule_find_least wakeup=[Sun Mar 22 18:34:13 2020 us=14289] pri=1890505480
Конфиг:
port 1194
proto udp
dev tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key # This file should be kept secret
dh /etc/openvpn/dh2048.pem
server 10.9.0.0 255.255.255.0
ifconfig-pool-persist /var/log/openvpn/ipp.txt
push "route 10.4.31.0 255.255.255.0"
client-to-client
keepalive 10 120
tls-auth /etc/openvpn/ta.key 0 # This file is secret
key-direction 0
cipher AES-128-CBC
auth SHA256
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log /var/log/openvpn/openvpn.log
verb 9
explicit-exit-notify 1
Cервер(который выступает как сервер ovpn и клиентом первого сервера)
Конфиг клиента:
client
dev tun
proto udp
remote (**.***.**.** 1194
pull-filter ignore redirect-gateway
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
remote-cert-tls server
tls-auth ta.key 1
cipher AES-128-CBC
auth SHA256
key-direction 1
verb 9
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
Лог:
Исправление andrey7690, :
Сервер(выступает исключительно сервером ovpn)
Цикличный кусок лога:
Sun Mar 22 18:34:09 2020 us=212659 SCHEDULE: schedule_find_least wakeup=[Sun Mar 22 18:34:11 2020 us=135843] pri=267344810
Sun Mar 22 18:34:09 2020 us=212680 PO_CTL rwflags=0x0001 ev=8 arg=0x55c47669e168
Sun Mar 22 18:34:09 2020 us=212701 PO_CTL rwflags=0x0001 ev=7 arg=0x55c47669e068
Sun Mar 22 18:34:09 2020 us=212725 I/O WAIT TR|Tw|SR|Sw [1/136498]
Sun Mar 22 18:34:10 2020 us=349899 event_wait returned 0
Sun Mar 22 18:34:10 2020 us=349946 I/O WAIT status=0x0020
Sun Mar 22 18:34:10 2020 us=350421 MULTI: REAP range 240 -> 256
Sun Mar 22 18:34:10 2020 us=350453 **.***.**.**:44533 TIMER: coarse timer wakeup 1 seconds
Sun Mar 22 18:34:10 2020 us=350492 **.***.**.**:44533 TLS: tls_multi_process: i=0 state=S_PRE_START, mysid=3ed7a5da 75f3b067, stored-sid=7d49fd1b 15882a54, stored-ip=[AF_INET]**.***.**.**:445$
Sun Mar 22 18:34:10 2020 us=350516 **.***.**.**:44533 TLS: tls_process: chg=0 ks=S_PRE_START lame=S_UNDEF to_link->len=0 wakeup=604800
Sun Mar 22 18:34:10 2020 us=350540 **.***.**.**:44533 ACK reliable_can_send active=1 current=0 : [1] 0
Sun Mar 22 18:34:10 2020 us=350576 **.***.**.**:44533 ACK reliable_send_timeout 16 [1] 0
Sun Mar 22 18:34:10 2020 us=350598 **.***.**.**:44533 TLS: tls_process: timeout set to 14
Sun Mar 22 18:34:10 2020 us=350626 **.***.**.**:44533 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=83162bd8 97e3e1f4, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC]
Sun Mar 22 18:34:10 2020 us=350654 **.***.**.**:44533 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC]
Sun Mar 22 18:34:10 2020 us=350689 **.***.**.**:44533 SCHEDULE: schedule_add_modify wakeup=[Sun Mar 22 18:34:12 2020 us=135843] pri=267344810
Sun Mar 22 18:34:10 2020 us=350722 SCHEDULE: schedule_find_least wakeup=[Sun Mar 22 18:34:12 2020 us=135843] pri=1508855979
Sun Mar 22 18:34:10 2020 us=350743 PO_CTL rwflags=0x0001 ev=8 arg=0x55c47669e168
Sun Mar 22 18:34:10 2020 us=350764 PO_CTL rwflags=0x0001 ev=7 arg=0x55c47669e068
Sun Mar 22 18:34:10 2020 us=350788 I/O WAIT TR|Tw|SR|Sw [1/136498]
Sun Mar 22 18:34:11 2020 us=487963 event_wait returned 0
Sun Mar 22 18:34:11 2020 us=487999 I/O WAIT status=0x0020
Sun Mar 22 18:34:11 2020 us=488022 MULTI: REAP range 0 -> 16
Sun Mar 22 18:34:11 2020 us=488045 **.***.**.**:44533 TIMER: coarse timer wakeup 1 seconds
Sun Mar 22 18:34:11 2020 us=488078 **.***.**.**:44533 SCHEDULE: schedule_add_modify wakeup=[Sun Mar 22 18:34:13 2020 us=135843] pri=1508855979
Sun Mar 22 18:34:11 2020 us=488110 SCHEDULE: schedule_find_least wakeup=[Sun Mar 22 18:34:13 2020 us=14289] pri=1890505480
Конфиг:
port 1194
proto udp
dev tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key # This file should be kept secret
dh /etc/openvpn/dh2048.pem
server 10.9.0.0 255.255.255.0
ifconfig-pool-persist /var/log/openvpn/ipp.txt
push "route 10.4.31.0 255.255.255.0"
client-to-client
keepalive 10 120
tls-auth /etc/openvpn/ta.key 0 # This file is secret
key-direction 0
cipher AES-128-CBC
auth SHA256
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log /var/log/openvpn/openvpn.log
verb 9
explicit-exit-notify 1
Cервер(который выступает как сервер ovpn и клиентом первого сервера)
Конфиг клиента:
client
dev tun
proto udp
remote 91.122.221.112 1194
pull-filter ignore redirect-gateway
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
remote-cert-tls server
tls-auth ta.key 1
cipher AES-128-CBC
auth SHA256
key-direction 1
verb 9
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
Лог:
Исходная версия andrey7690, :
Сервер(выступает исключительно сервером ovpn)
Цикличный кусок лога:
Sun Mar 22 18:34:09 2020 us=212659 SCHEDULE: schedule_find_least wakeup=[Sun Mar 22 18:34:11 2020 us=135843] pri=267344810
Sun Mar 22 18:34:09 2020 us=212680 PO_CTL rwflags=0x0001 ev=8 arg=0x55c47669e168
Sun Mar 22 18:34:09 2020 us=212701 PO_CTL rwflags=0x0001 ev=7 arg=0x55c47669e068
Sun Mar 22 18:34:09 2020 us=212725 I/O WAIT TR|Tw|SR|Sw [1/136498]
Sun Mar 22 18:34:10 2020 us=349899 event_wait returned 0
Sun Mar 22 18:34:10 2020 us=349946 I/O WAIT status=0x0020
Sun Mar 22 18:34:10 2020 us=350421 MULTI: REAP range 240 -> 256
Sun Mar 22 18:34:10 2020 us=350453 **.***.**.**:44533 TIMER: coarse timer wakeup 1 seconds
Sun Mar 22 18:34:10 2020 us=350492 **.***.**.**:44533 TLS: tls_multi_process: i=0 state=S_PRE_START, mysid=3ed7a5da 75f3b067, stored-sid=7d49fd1b 15882a54, stored-ip=[AF_INET]**.***.**.**:445$
Sun Mar 22 18:34:10 2020 us=350516 **.***.**.**:44533 TLS: tls_process: chg=0 ks=S_PRE_START lame=S_UNDEF to_link->len=0 wakeup=604800
Sun Mar 22 18:34:10 2020 us=350540 **.***.**.**:44533 ACK reliable_can_send active=1 current=0 : [1] 0
Sun Mar 22 18:34:10 2020 us=350576 **.***.**.**:44533 ACK reliable_send_timeout 16 [1] 0
Sun Mar 22 18:34:10 2020 us=350598 **.***.**.**:44533 TLS: tls_process: timeout set to 14
Sun Mar 22 18:34:10 2020 us=350626 **.***.**.**:44533 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=83162bd8 97e3e1f4, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC]
Sun Mar 22 18:34:10 2020 us=350654 **.***.**.**:44533 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC]
Sun Mar 22 18:34:10 2020 us=350689 **.***.**.**:44533 SCHEDULE: schedule_add_modify wakeup=[Sun Mar 22 18:34:12 2020 us=135843] pri=267344810
Sun Mar 22 18:34:10 2020 us=350722 SCHEDULE: schedule_find_least wakeup=[Sun Mar 22 18:34:12 2020 us=135843] pri=1508855979
Sun Mar 22 18:34:10 2020 us=350743 PO_CTL rwflags=0x0001 ev=8 arg=0x55c47669e168
Sun Mar 22 18:34:10 2020 us=350764 PO_CTL rwflags=0x0001 ev=7 arg=0x55c47669e068
Sun Mar 22 18:34:10 2020 us=350788 I/O WAIT TR|Tw|SR|Sw [1/136498]
Sun Mar 22 18:34:11 2020 us=487963 event_wait returned 0
Sun Mar 22 18:34:11 2020 us=487999 I/O WAIT status=0x0020
Sun Mar 22 18:34:11 2020 us=488022 MULTI: REAP range 0 -> 16
Sun Mar 22 18:34:11 2020 us=488045 **.***.**.**:44533 TIMER: coarse timer wakeup 1 seconds
Sun Mar 22 18:34:11 2020 us=488078 **.***.**.**:44533 SCHEDULE: schedule_add_modify wakeup=[Sun Mar 22 18:34:13 2020 us=135843] pri=1508855979
Sun Mar 22 18:34:11 2020 us=488110 SCHEDULE: schedule_find_least wakeup=[Sun Mar 22 18:34:13 2020 us=14289] pri=1890505480
Конфиг:
port 1194
proto udp
dev tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key # This file should be kept secret
dh /etc/openvpn/dh2048.pem
server 10.9.0.0 255.255.255.0
ifconfig-pool-persist /var/log/openvpn/ipp.txt
push "route 10.4.31.0 255.255.255.0"
client-to-client
keepalive 10 120
tls-auth /etc/openvpn/ta.key 0 # This file is secret
key-direction 0
cipher AES-128-CBC
auth SHA256
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log /var/log/openvpn/openvpn.log
verb 9
explicit-exit-notify 1
Cервер(который выступает как сервер ovpn и клиентом первого сервера)
Конфиг клиента:
client
dev tun
proto udp
remote 91.122.221.112 1194
pull-filter ignore redirect-gateway
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
remote-cert-tls server
tls-auth ta.key 1
cipher AES-128-CBC
auth SHA256
key-direction 1
verb 9
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
Лог:
[Лог](https://drive.google.com/open?id=1KEfGiCLOmJZowdp27CgoTZgUiGNSQ01c)