failure in the manual of OpenVPN + question about float

Post by tobias » Sun Sep 14, 2008 7:22 pm

Hello,

I think there is a failure in the manuals on openvpn.org.
They write there that the pings are sent over the control channel:

*--ping n*
Ping remote over the TCP/UDP control channel if no packets have been
sent for at least *n* seconds (


But there are some reasons why the pings are sent over the data channel:
- p2p mode doesn't have a control channel:

Packet opcode/key_id (8 bits) -- TLS only, not used in
* pre-shared secret mode.

- Both sites must send the ping. If it were sent over the control channel, the sender would get an ACK, and so the other peer wouldn't have to send the ping too.
- In the logs the pings come in P_DATA_V1; there is no P_CONTROL_ACK or something. There is no opcode for a ping. I think it comes on the data channel with a special bit sequence.

What do you say?


Regards
Tobias

Post by krzee » Wed Sep 17, 2008 6:44 am

Personally I have no clue. Is there a reason it matters for you?

Post by tobias » Wed Sep 17, 2008 9:21 am

Yes, because I am writing my diploma thesis about this. I am quite sure the keepalives are sent over the data channel. You only need to look in the log files. There is no Control_Packet when keepalives are sent.

It would be nice if someone could test it.
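
One way to run such a test, as an added example that is not part of any post in this thread: take the first byte of each packet captured while a TLS-mode tunnel is idle and tally data-channel against control-channel opcodes. The opcode numbers and the 5-bit/3-bit split come from OpenVPN's TLS-mode packet header, not from the thread; the function names and the sample bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Opcodes from OpenVPN's TLS-mode header. Pre-shared secret mode has no
 * opcode byte at all, so this check only applies to TLS mode. */
enum { P_CONTROL_V1 = 4, P_ACK_V1 = 5, P_DATA_V1 = 6, P_DATA_V2 = 9 };

struct tally { unsigned control, data, unknown; };

/* First byte of a packet: opcode in the high 5 bits, key_id in the low 3. */
static int opcode_of(uint8_t b) { return b >> 3; }
static int key_id_of(uint8_t b) { return b & 0x07; }

/* 'D' = data channel, 'C' = control channel, '?' = not classified here. */
static char channel_of(uint8_t first_byte)
{
    int op = opcode_of(first_byte);
    if (op == P_DATA_V1 || op == P_DATA_V2) return 'D';
    if (op >= 1 && op <= 8) return 'C';   /* resets, P_CONTROL_V1, P_ACK_V1 */
    return '?';                           /* 0 or opcodes newer than 9 */
}

/* Count channels over the first bytes of all packets seen in one window. */
static struct tally tally_window(const uint8_t *first_bytes, size_t n)
{
    struct tally t = {0, 0, 0};
    for (size_t i = 0; i < n; i++) {
        switch (channel_of(first_bytes[i])) {
        case 'D': t.data++;    break;
        case 'C': t.control++; break;
        default:  t.unknown++; break;
        }
    }
    return t;
}

/* Constructed samples: a handshake window and an idle (keepalive-only) window. */
static const uint8_t handshake[] = {0x38, 0x40, 0x20, 0x28, 0x30};
static const uint8_t idle[]      = {0x30, 0x30, 0x30, 0x30};

int main(void)
{
    struct tally h = tally_window(handshake, sizeof handshake);
    struct tally i = tally_window(idle, sizeof idle);
    printf("handshake: control=%u data=%u unknown=%u\n", h.control, h.data, h.unknown);
    printf("idle:      control=%u data=%u unknown=%u\n", i.control, i.data, i.unknown);
    return 0;
}
```

An idle window that shows only data-channel opcodes, with no P_CONTROL_V1 or P_ACK_V1 alongside, is the observation the posts above describe from the logs.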

Post by krzee » Wed Oct 15, 2008 9:52 pm

Here was Jan's response to you on the mail list:

-----------------
I saw the question the first time but filed it away as I didn't have a
clue. I must confess that I still don't have a clue. Perhaps someone on
the openvpn-devel list can answer this question?
All I can say is that 'p2p' mode vs 'client/server' mode shows the
history of openvpn a bit: p2p mode was the first mode that was supported
(openvpn v1) and 'client/server' mode came with openvpn 2.0. There are
quite a few options available in the client/server set up that do more
or less the same thing in p2p mode. The 'ping' flag seems to be one of
them.
Remember that in p2p mode you have predefined endpoints, which are
completely useless for the purpose that you originally looked at Openvpn.

cheers,

JJK

-----------------

So it seems this could be left over from the days of p2p mode. They should be more careful to be correct when they say how the internals work, but otherwise I don't see that this affects anything.
-krzee
