-
Notifications
You must be signed in to change notification settings - Fork 227
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
openvpn client not work #272
Comments
up |
I'm following |
I have the same problem Help me please |
Same issue! |
Hi everyone, I have made some progress, I load the firmware, openvpn starts, but the connection on UDP is not stable, it falls constantly and stops. On TCP does not work, any ideas? Please help me!!!!! |
After several modifications I could build the OpenVPN client and do some testing. I have an OpenVPN server that I use since a long time, so that part is tested and working.
There's several issues that I see:
@jolivepetrus I guess that's expected as you documented this in 707d754:
|
Btw: Please be aware that the OpenVPN client consumes a huge amount of memory...
|
make sure you also apply #282 which fixes some memory leaks that occur when the client re-connects to the server - which can happen more often than you might think |
also apply #283 which fixes a crash when reconnecting but it's still losing memory: this means still about 640 bytes are lost on each auto-reconnect |
the small memory "leaks" seem come from the fact that openvpn, when auto-reconnecting keeps it's list of options and only adds the push-options - that it receives from the server each time it connects - to the end of that options-list. out of that options-list it assigns the values to it's pointers. that is bad for us because it uses precious memory, but it seems that's not what takes 6k of memory each time but rather a few hundred bytes. the fact that the missing heap memory is not shown might be caused by it being allocated by some other component that's used by the openvpn thread. looking into mbedtls might be a good guess. after having stopped the openvpn thread - that had done one reconnect - when it's done with cleanup and has exited, there's 15 blocks of heap with a total of 7100 bytes that's lost. |
Thanks for your answers, I also thought the problem was this. Today I tried to do some tests, but I still can't load the firmware well. Do you think that using a sd card the vpv client works well? |
Hi @ciccio88fcrlab |
I flash the board but reboot. To load the firmare the first time, I had to make some changes to the code in some files, it wasn't enough to clone the project. I think a SD-card improve the situation if I can use it how an expansion of internal memory for the esp |
@the0ne This is my actual issue, solve the first error (change my python version in config menu): |
@ciccio88fcrlab the error looks like you enabled (external) spi ram in your menuconfig despite your hardware has none. |
I would suggest turn the logging back to level 3 or max 8. |
First you should turn the logging up to 3. Then you should see a server PUSH and that PUSH should include the gw address. |
Btw: the gw setting is also an issue in my testing scenario. But it seems different in your environment. Problematic place in my testing is around here: components/openvpn/src/openvpn/tun.c around line 548
The broadcast (which is later used to set the gateway) is assigned the result of generate_ifconfig_broadcast_addr which only returns The interesting thing is that tun is false because the topology has the value 'subnet'. So in my case broadcast (and later gw) is set to 10.8.0.255 instead of - what I would have expected - the server's vpn endpoint IP of 10.8.0.1. But even in case that is correct it won't help anything to circumvent the known restriction** from 707d754:
|
@the0ne Thanks so much, I identified the problem, apparently there is a problem with address management, perhaps it also depends on the configuration of the vpn server. My open vpn server is https://github.com/kylemanna/docker-openvpn. I statically set the gw, the problem however is the tun, for me the tolopogy is 'net30', so I tried to adjust the code that you suggested me. Even if I set the gw statically, however, I can't ping the gw itself. Do you have any idea? Do you think the difficulties of reaching the subnet are related to memory problems in some way? |
It's probably the known restriction from 707d754:
|
@jolivepetrus do you think the following might be needed additionally to the existing patch?
i believe this should be changed either way, looks like it was just forgotten:
I additionally stumbled upon that this might need to be enabled in lwipopts.h Might it be we need to use something similar to NAPT? |
added the above diffs as 66c87f1 resp. #328 @jolivepetrus what do you think about IP_FORWARD resp. NAPT? |
Hi all, I was trying to use Lua RTSO on ESP32 by enabling open vpn client. I cannot finish the compilation phase. I can finish it by modifying some files that give me an error during the compilation phase, but the flashing stops.
Can someone help me? Have you already used open vpn clients ?
Thank you
The text was updated successfully, but these errors were encountered: