some days ago some clients start to complain that connection frozes every 5 second for a moment (we use openvpn for a "real time application" and we need a fluent connection). We are using OpenVPN 2.3.10
We tries some ping and found that evey (5-10) stables pings there was one with a higher value (normal ones where about 45ms and the higher about 650ms). This happened in all clients connected without any traffic inside the vpn.
After some research we found a correlation between the tries from old removed users to start a vpn and the higher pings. Every time a removed user tried to login, all the connections to the clients had a little hold or downtime or...
To authenticate the users we use the options:
options
auth-user-pass-optional
auth-user-pass-verify /some/path/script.py via-env
This script (/some/path/script.py) validates if the user can open a new vpn or not
We tried to remove this two options from our vpn (we have certificates validation) and the problem disapears.
Now the old clients fails to create a vpn but for another reason (we use a file for extra configuration that we remove when the clients is removed and when this file is missing the vpn connection fails).
Can this be happening? The process of validate new connections can be affecting the traffic of the vpns?
There is any way to solve it? We "need" an extra external check to validate the user and create a new vpn with this options or any others.
Thanks for all the help,
Roger