Home / server / Questions / 698730
Accepted
Luke
Asked: 2015-06-13 18:16:21 +0800 CST

OpenVPN timeout to reconnect on fail takes a long time

  • 772

I'm trying to create a high-availability environment for my OpenVPN servers. I do this by having two identical VPN servers and in my client config specify multiple remote's:

# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote vpn1 1194
remote vpn2 1194

remote-random

This seem to work. I have a Vagrant environment with two VPN servers and two clients. Once the network runs and I stop OpenVPN on one of the VPN server the other server takes over.

However, before the other server takes over there is a long time before it actually does this. If my clients ping each other it takes about 3 minutes before the pinging continues. My guess is that the clients are trying to reconnect and that the time out is the issue here.

In my OpenVPN client.conf I have played with the following settings but it doesn't seem to make any difference (yes, I restart OpenVPN on the clients after changing the config):

connect-retry 2
connect-retry-max 2

How can I adjust the connect time out on the clients to make them switch faster to a different OpenVPN server?

openvpn

1 Answers

  1. Best Answer

    The keepalive directive controls this:

    # The keepalive directive causes ping-like
# messages to be sent back and forth over
# the link so that each side knows when
# the other side has gone down.
# Ping every 10 seconds, assume that remote
# peer is down if no ping received during
# a 120 second time period.
keepalive 10 120
    • 9