Is a DoS attack taking down my network?

[FriendlyHomeAdmin]

I think my setup's internet connectivity is being shut down by an outside DoS attack.
-I have a netgear r9000 (nighthawk x10) with TCP port 443 open to my pi3's port 1194. The pi3 is on a static IP address.
-I'm running PiHole DNS on my pi3 as well.
-My OpenVPN works great, and so does my internet, but after a few days or hours all of my devices go offline and VPN is no longer accessible from the internet. Pings to my ddns still work, so router is responsive.
-Router admin page is accessible (from private network), and everything looks great except "no internet connectivity".

Router log notes
-Ever since opening port 443, there is a stream of logs similar to this (I presume this is normal): [DoS Attack: ACK Scan] from source: 31.13.76.101, port 443, Tuesday, January 30, 2018 23:22:56
--Other entries look like this: [DoS Attack: SYN/ACK Scan] from source: 61.164.248.35, port 8389, Wednesday, January 31, 2018 05:38:51
--also, plenty of these: [LAN access from remote] from 164.52.6.150:34152 to 192.168.0.250:1194, Tuesday, January 30, 2018 23:08:03

So... where do I start? Are these taking down my pi3 and disabling my network's DNS (even though the router has a Google DNS backup of 8.8.8.8)?

I'm starting with OpenVPN, because that is the use case that I think is causing problems. However, I'm not sure if there is a router bug at play here, config issues with OpenVPN, or something I overlooked in my setup.

Thanks in advance!

[TinCanTech]

What does your openvpn log have to say ?

[FriendlyHomeAdmin]

I can share a sample this evening, but it was filled with repeats of the same error that including something like "this condition could also indicate an active attack..."

[FriendlyHomeAdmin]

Here are my openvpn.log entries just before my router lost internet connectivity (either due to a router problem or DNS, I'm not sure):

Code: Select all

Wed Jan 31 02:17:03 2018 OpenVPN 2.4.0 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 18 2017
Wed Jan 31 02:17:03 2018 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.08
Wed Jan 31 02:17:04 2018 TUN/TAP device tun0 opened
Wed Jan 31 02:17:04 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Wed Jan 31 02:17:04 2018 /sbin/ip link set dev tun0 up mtu 1500
Wed Jan 31 02:17:04 2018 /sbin/ip addr add dev tun0 10.8.0.1/24 broadcast 10.8.0.255
Wed Jan 31 02:17:04 2018 Could not determine IPv4/IPv6 protocol. Using AF_INET
Wed Jan 31 02:17:04 2018 Listening for incoming TCP connection on [AF_INET][undef]:1194
Wed Jan 31 02:17:04 2018 TCPv4_SERVER link local (bound): [AF_INET][undef]:1194
Wed Jan 31 02:17:04 2018 TCPv4_SERVER link remote: [AF_UNSPEC]
Wed Jan 31 02:17:04 2018 GID set to nogroup
Wed Jan 31 02:17:04 2018 UID set to nobody
Wed Jan 31 02:17:04 2018 Initialization Sequence Completed
Wed Jan 31 02:20:00 2018 /sbin/ip addr del dev tun0 10.8.0.1/24
Wed Jan 31 02:20:00 2018 Linux ip addr del failed: external program exited with error status: 2
Wed Jan 31 02:20:00 2018 SIGTERM[hard,] received, process exiting
Wed Jan 31 02:20:12 2018 OpenVPN 2.4.0 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 18 2017
Wed Jan 31 02:20:12 2018 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.08
Wed Jan 31 02:20:12 2018 TUN/TAP device tun0 opened
Wed Jan 31 02:20:12 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Wed Jan 31 02:20:12 2018 /sbin/ip link set dev tun0 up mtu 1500
Wed Jan 31 02:20:12 2018 /sbin/ip addr add dev tun0 10.8.0.1/24 broadcast 10.8.0.255
Wed Jan 31 02:20:12 2018 Could not determine IPv4/IPv6 protocol. Using AF_INET
Wed Jan 31 02:20:12 2018 Listening for incoming TCP connection on [AF_INET][undef]:1194
Wed Jan 31 02:20:12 2018 TCPv4_SERVER link local (bound): [AF_INET][undef]:1194
Wed Jan 31 02:20:12 2018 TCPv4_SERVER link remote: [AF_UNSPEC]
Wed Jan 31 02:20:12 2018 GID set to nogroup
Wed Jan 31 02:20:12 2018 UID set to nobody
Wed Jan 31 02:20:12 2018 Initialization Sequence Completed
Wed Jan 31 03:58:08 2018 /sbin/ip addr del dev tun0 10.8.0.1/24
Wed Jan 31 03:58:08 2018 Linux ip addr del failed: external program exited with error status: 2
Wed Jan 31 03:58:08 2018 SIGTERM[hard,] received, process exiting
Wed Jan 31 03:58:12 2018 OpenVPN 2.4.0 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 18 2017
Wed Jan 31 03:58:12 2018 library versions: OpenSSL 1.0.2l  25 May 2017, LZO 2.08
Wed Jan 31 03:58:12 2018 TUN/TAP device tun0 opened
Wed Jan 31 03:58:12 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Wed Jan 31 03:58:12 2018 /sbin/ip link set dev tun0 up mtu 1500
Wed Jan 31 03:58:12 2018 /sbin/ip addr add dev tun0 10.8.0.1/24 broadcast 10.8.0.255
Wed Jan 31 03:58:12 2018 Could not determine IPv4/IPv6 protocol. Using AF_INET
Wed Jan 31 03:58:12 2018 Listening for incoming TCP connection on [AF_INET][undef]:1194
Wed Jan 31 03:58:12 2018 TCPv4_SERVER link local (bound): [AF_INET][undef]:1194
Wed Jan 31 03:58:12 2018 TCPv4_SERVER link remote: [AF_UNSPEC]
Wed Jan 31 03:58:12 2018 GID set to nogroup
Wed Jan 31 03:58:12 2018 UID set to nobody
Wed Jan 31 03:58:12 2018 Initialization Sequence Completed
Wed Jan 31 04:47:25 2018 TCP connection established with [AF_INET]117.50.7.159:57404
Wed Jan 31 04:47:25 2018 117.50.7.159:57404 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 04:47:25 2018 117.50.7.159:57404 Connection reset, restarting [0]
Wed Jan 31 04:47:25 2018 TCP connection established with [AF_INET]117.50.7.159:57842
Wed Jan 31 04:47:25 2018 117.50.7.159:57842 WARNING: Bad encapsulated packet length from peer (18245), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 04:47:25 2018 117.50.7.159:57842 Connection reset, restarting [0]
Wed Jan 31 04:47:26 2018 TCP connection established with [AF_INET]117.50.7.159:58118
Wed Jan 31 04:47:36 2018 117.50.7.159:58118 Connection reset, restarting [0]
Wed Jan 31 04:47:37 2018 TCP connection established with [AF_INET]117.50.7.159:35250
Wed Jan 31 04:47:37 2018 117.50.7.159:35250 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 04:47:37 2018 117.50.7.159:35250 Connection reset, restarting [0]
Wed Jan 31 04:47:37 2018 TCP connection established with [AF_INET]117.50.7.159:35852
Wed Jan 31 04:47:37 2018 117.50.7.159:35852 WARNING: Bad encapsulated packet length from peer (21843), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 04:47:37 2018 117.50.7.159:35852 Connection reset, restarting [0]
Wed Jan 31 07:07:01 2018 TCP connection established with [AF_INET]164.52.6.150:44459
Wed Jan 31 07:07:02 2018 164.52.6.150:44459 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:02 2018 164.52.6.150:44459 Connection reset, restarting [0]
Wed Jan 31 07:07:02 2018 TCP connection established with [AF_INET]164.52.6.150:50291
Wed Jan 31 07:07:05 2018 164.52.6.150:50291 Connection reset, restarting [-1]
Wed Jan 31 07:07:05 2018 TCP connection established with [AF_INET]164.52.6.150:46198
Wed Jan 31 07:07:05 2018 164.52.6.150:46198 WARNING: Bad encapsulated packet length from peer (18245), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:05 2018 164.52.6.150:46198 Connection reset, restarting [0]
Wed Jan 31 07:07:05 2018 TCP connection established with [AF_INET]164.52.6.150:43984
Wed Jan 31 07:07:05 2018 164.52.6.150:43984 WARNING: Bad encapsulated packet length from peer (49153), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:05 2018 164.52.6.150:43984 Connection reset, restarting [0]
Wed Jan 31 07:07:05 2018 TCP connection established with [AF_INET]164.52.6.150:40160
Wed Jan 31 07:07:08 2018 164.52.6.150:40160 Connection reset, restarting [-1]
Wed Jan 31 07:07:09 2018 TCP connection established with [AF_INET]164.52.6.150:58543
Wed Jan 31 07:07:12 2018 164.52.6.150:58543 WARNING: Bad encapsulated packet length from peer (21843), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:12 2018 164.52.6.150:58543 Connection reset, restarting [0]
Wed Jan 31 07:07:12 2018 TCP connection established with [AF_INET]164.52.6.150:33627
Wed Jan 31 07:07:12 2018 164.52.6.150:33627 WARNING: Bad encapsulated packet length from peer (15423), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:12 2018 164.52.6.150:33627 Connection reset, restarting [0]
Wed Jan 31 07:07:12 2018 TCP connection established with [AF_INET]164.52.6.150:41919
Wed Jan 31 07:07:12 2018 164.52.6.150:41919 WARNING: Bad encapsulated packet length from peer (0), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:12 2018 164.52.6.150:41919 Connection reset, restarting [0]
Wed Jan 31 07:07:12 2018 TCP connection established with [AF_INET]164.52.6.150:38463
Wed Jan 31 07:07:12 2018 164.52.6.150:38463 WARNING: Bad encapsulated packet length from peer (20304), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:12 2018 164.52.6.150:38463 Connection reset, restarting [0]
Wed Jan 31 07:07:13 2018 TCP connection established with [AF_INET]164.52.6.150:35029
Wed Jan 31 07:07:13 2018 164.52.6.150:35029 WARNING: Bad encapsulated packet length from peer (0), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:13 2018 164.52.6.150:35029 Connection reset, restarting [0]
Wed Jan 31 07:07:13 2018 TCP connection established with [AF_INET]164.52.6.150:33327
Wed Jan 31 07:07:13 2018 164.52.6.150:33327 WARNING: Bad encapsulated packet length from peer (41984), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:13 2018 164.52.6.150:33327 Connection reset, restarting [0]
Wed Jan 31 07:07:14 2018 TCP connection established with [AF_INET]164.52.6.150:52893
Wed Jan 31 07:07:17 2018 164.52.6.150:52893 Connection reset, restarting [-1]
Wed Jan 31 07:07:17 2018 TCP connection established with [AF_INET]164.52.6.150:43498
Wed Jan 31 07:07:17 2018 164.52.6.150:43498 WARNING: Bad encapsulated packet length from peer (0), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:17 2018 164.52.6.150:43498 Connection reset, restarting [0]
Wed Jan 31 07:07:17 2018 TCP connection established with [AF_INET]164.52.6.150:44128
Wed Jan 31 07:07:20 2018 164.52.6.150:44128 Connection reset, restarting [-1]
Wed Jan 31 07:07:20 2018 TCP connection established with [AF_INET]164.52.6.150:33638
Wed Jan 31 07:07:20 2018 164.52.6.150:33638 WARNING: Bad encapsulated packet length from peer (17152), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:20 2018 164.52.6.150:33638 Connection reset, restarting [0]
Wed Jan 31 07:07:20 2018 TCP connection established with [AF_INET]164.52.6.150:47109
Wed Jan 31 07:07:20 2018 164.52.6.150:47109 WARNING: Bad encapsulated packet length from peer (18766), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:20 2018 164.52.6.150:47109 Connection reset, restarting [0]
Wed Jan 31 07:07:20 2018 TCP connection established with [AF_INET]164.52.6.150:55426
Wed Jan 31 07:07:20 2018 164.52.6.150:55426 WARNING: Bad encapsulated packet length from peer (12300), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:20 2018 164.52.6.150:55426 Connection reset, restarting [0]
Wed Jan 31 07:07:21 2018 TCP connection established with [AF_INET]164.52.6.150:49642
Wed Jan 31 07:07:21 2018 164.52.6.150:49642 TLS Error: unknown opcode received from [AF_INET]164.52.6.150:49642 op=0
Wed Jan 31 07:07:21 2018 164.52.6.150:49642 Fatal TLS error (check_tls_errors_co), restarting
Wed Jan 31 07:07:21 2018 TCP connection established with [AF_INET]164.52.6.150:45434
Wed Jan 31 07:07:21 2018 164.52.6.150:45434 WARNING: Bad encapsulated packet length from peer (52225), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:21 2018 164.52.6.150:45434 Connection reset, restarting [0]
Wed Jan 31 07:07:21 2018 TCP connection established with [AF_INET]164.52.6.150:53555
Wed Jan 31 07:07:21 2018 164.52.6.150:53555 WARNING: Bad encapsulated packet length from peer (26628), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:21 2018 164.52.6.150:53555 Connection reset, restarting [0]
Wed Jan 31 07:07:21 2018 TCP connection established with [AF_INET]164.52.6.150:57594
Wed Jan 31 07:07:21 2018 164.52.6.150:57594 WARNING: Bad encapsulated packet length from peer (48059), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:21 2018 164.52.6.150:57594 Connection reset, restarting [0]
Wed Jan 31 07:07:22 2018 TCP connection established with [AF_INET]164.52.6.150:34939
Wed Jan 31 07:07:22 2018 164.52.6.150:34939 WARNING: Bad encapsulated packet length from peer (0), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:22 2018 164.52.6.150:34939 Connection reset, restarting [0]
Wed Jan 31 07:07:22 2018 TCP connection established with [AF_INET]164.52.6.150:36904
Wed Jan 31 07:07:25 2018 164.52.6.150:36904 Connection reset, restarting [-1]
Wed Jan 31 07:07:25 2018 TCP connection established with [AF_INET]164.52.6.150:55277
Wed Jan 31 07:07:25 2018 164.52.6.150:55277 WARNING: Bad encapsulated packet length from peer (16466), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:25 2018 164.52.6.150:55277 Connection reset, restarting [0]
Wed Jan 31 07:07:25 2018 TCP connection established with [AF_INET]164.52.6.150:50831
Wed Jan 31 07:07:28 2018 164.52.6.150:50831 Connection reset, restarting [-1]
Wed Jan 31 07:07:28 2018 TCP connection established with [AF_INET]164.52.6.150:54058
Wed Jan 31 07:07:31 2018 164.52.6.150:54058 WARNING: Bad encapsulated packet length from peer (19026), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:31 2018 164.52.6.150:54058 Connection reset, restarting [0]
Wed Jan 31 07:07:32 2018 TCP connection established with [AF_INET]164.52.6.150:35722
Wed Jan 31 07:07:35 2018 164.52.6.150:35722 Connection reset, restarting [-1]
Wed Jan 31 07:07:35 2018 TCP connection established with [AF_INET]164.52.6.150:55253
Wed Jan 31 07:07:35 2018 164.52.6.150:55253 WARNING: Bad encapsulated packet length from peer (26223), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:35 2018 164.52.6.150:55253 Connection reset, restarting [0]
Wed Jan 31 07:07:35 2018 TCP connection established with [AF_INET]164.52.6.150:39297
Wed Jan 31 07:07:35 2018 164.52.6.150:39297 WARNING: Bad encapsulated packet length from peer (29556), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:35 2018 164.52.6.150:39297 Connection reset, restarting [0]
Wed Jan 31 07:07:35 2018 TCP connection established with [AF_INET]164.52.6.150:44442
Wed Jan 31 07:07:35 2018 164.52.6.150:44442 WARNING: Bad encapsulated packet length from peer (25344), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:07:35 2018 164.52.6.150:44442 Connection reset, restarting [0]
Wed Jan 31 07:07:35 2018 TCP connection established with [AF_INET]164.52.6.150:47503
Wed Jan 31 07:07:38 2018 164.52.6.150:47503 Connection reset, restarting [-1]
Wed Jan 31 07:07:40 2018 TCP connection established with [AF_INET]164.52.6.150:35481
Wed Jan 31 07:07:43 2018 164.52.6.150:35481 Connection reset, restarting [0]
Wed Jan 31 07:07:44 2018 TCP connection established with [AF_INET]164.52.6.150:48685
Wed Jan 31 07:07:47 2018 164.52.6.150:48685 Connection reset, restarting [0]
Wed Jan 31 07:07:47 2018 TCP connection established with [AF_INET]164.52.6.150:41934
Wed Jan 31 07:07:50 2018 164.52.6.150:41934 Connection reset, restarting [0]
Wed Jan 31 07:07:50 2018 TCP connection established with [AF_INET]164.52.6.150:34789
Wed Jan 31 07:07:53 2018 164.52.6.150:34789 Connection reset, restarting [0]
Wed Jan 31 07:07:53 2018 TCP connection established with [AF_INET]164.52.6.150:56250
Wed Jan 31 07:07:56 2018 164.52.6.150:56250 Connection reset, restarting [0]
Wed Jan 31 07:07:56 2018 TCP connection established with [AF_INET]164.52.6.150:44107
Wed Jan 31 07:07:59 2018 164.52.6.150:44107 Connection reset, restarting [-1]
Wed Jan 31 07:07:59 2018 TCP connection established with [AF_INET]164.52.6.150:37054
Wed Jan 31 07:08:02 2018 164.52.6.150:37054 Connection reset, restarting [-1]
Wed Jan 31 07:08:02 2018 TCP connection established with [AF_INET]164.52.6.150:36211
Wed Jan 31 07:08:02 2018 164.52.6.150:36211 WARNING: Bad encapsulated packet length from peer (22272), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:08:02 2018 164.52.6.150:36211 Connection reset, restarting [0]
Wed Jan 31 07:08:03 2018 TCP connection established with [AF_INET]164.52.6.150:56136
Wed Jan 31 07:08:03 2018 164.52.6.150:56136 WARNING: Bad encapsulated packet length from peer (63934), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:08:03 2018 164.52.6.150:56136 Connection reset, restarting [0]
Wed Jan 31 07:08:03 2018 TCP connection established with [AF_INET]164.52.6.150:50667
Wed Jan 31 07:08:03 2018 164.52.6.150:50667 WARNING: Bad encapsulated packet length from peer (17517), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:08:03 2018 164.52.6.150:50667 Connection reset, restarting [0]
Wed Jan 31 07:08:03 2018 TCP connection established with [AF_INET]164.52.6.150:34152
Wed Jan 31 07:08:03 2018 164.52.6.150:34152 WARNING: Bad encapsulated packet length from peer (17993), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 07:08:03 2018 164.52.6.150:34152 Connection reset, restarting [0]
Wed Jan 31 09:06:35 2018 TCP connection established with [AF_INET]141.212.122.64:48422
Wed Jan 31 09:06:35 2018 141.212.122.64:48422 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 09:06:35 2018 141.212.122.64:48422 Connection reset, restarting [0]
Wed Jan 31 09:31:16 2018 TCP connection established with [AF_INET]185.217.0.169:57835
Wed Jan 31 09:31:16 2018 185.217.0.169:57835 Connection reset, restarting [0]
Wed Jan 31 09:31:16 2018 TCP connection established with [AF_INET]185.217.0.169:57869
Wed Jan 31 09:31:16 2018 185.217.0.169:57869 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 09:31:16 2018 185.217.0.169:57869 Connection reset, restarting [0]
Wed Jan 31 14:05:21 2018 TCP connection established with [AF_INET]184.105.247.196:50390
Wed Jan 31 14:05:22 2018 184.105.247.196:50390 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
Wed Jan 31 14:05:22 2018 184.105.247.196:50390 Connection reset, restarting [0]

I still have the server running so I can try and diagnose if/when it fails again.

[TinCanTech]

Do you recognise those peer IP addresses as your clients ?

eg:

• Wed Jan 31 04:47:25 2018 TCP connection established with [AF_INET]117.50.7.159:57404

[FriendlyHomeAdmin]

No, none of those IP addresses are my clients. My clients connect successfully each time. Since I'm routing through port 443 on my public address, these are probably mostly scanners and folks attempting to compromise an HTTPS server, but I presume it's also the reason my local network is failing randomly (2x this week so far). I'm struggling to figure out exactly what is failing and how to prevent it, and this is made more difficult that I can't easily reproduce the failure.

[TinCanTech]

FYI:

Wed Jan 31 04:47:25 2018 117.50.7.159:57404 WARNING: Bad encapsulated packet length from peer (5635), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]

Hard to say without details ..

Please take a look at this and fill in the blanks for us. eg: configs.