Can "up" option be used for detecting e2e connection establishment?

How to customize and extend your OpenVPN installation.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
hitochan777
OpenVpn Newbie
Posts: 3
Joined: Wed Mar 30, 2022 12:46 am

Can "up" option be used for detecting e2e connection establishment?

Post by hitochan777 » Wed Mar 30, 2022 2:55 am

Hi everyone.
I am trying to detect if OpenVPN connection is established on the client side and notify other application that is running on the same machine.
I checked several posts on this forum and found that using --up option may be a good approach.

According to the reference (https://openvpn.net/community-resources ... envpn-2-4/),
--up options is used to "Run command cmd after successful TUN/TAP device open".
Does successful TUN/TAP device open mean end-to-end connection over openvpn is established?
Or might it be the case that it does not necessarily mean the connection is not established?

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Can "up" option be used for detecting e2e connection establishment?

Post by TinCanTech » Wed Mar 30, 2022 11:41 am

In this case, the VPN itself is not ready to pass data but everything else is ready.

Once the --up script completes then, for security reasons, the VPN will pass data.

Some people claim they can get data over the VPN before the --up completes ..

hitochan777
OpenVpn Newbie
Posts: 3
Joined: Wed Mar 30, 2022 12:46 am

Re: Can "up" option be used for detecting e2e connection establishment?

Post by hitochan777 » Wed Mar 30, 2022 12:34 pm

Thank you for your reply.

> In this case, the VPN itself is not ready to pass data but everything else is ready.

So do you mean when --up script is run, it does not guarantee that data can be passed over the VPN?
If so, what about --up-delay? The reference says it delays "--up script execution until after TCP/UDP connection establishment with peer".

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Can "up" option be used for detecting e2e connection establishment?

Post by TinCanTech » Wed Mar 30, 2022 1:32 pm

I am told that the VPN will not pass data until all scripts complete, as it says in the manual.

Some people believe they can get around it ..

Try it for yourself.

hitochan777
OpenVpn Newbie
Posts: 3
Joined: Wed Mar 30, 2022 12:46 am

Re: Can "up" option be used for detecting e2e connection establishment?

Post by hitochan777 » Wed Mar 30, 2022 2:07 pm

I confirmed that I cannot pass data inside --up script nor inside --route-up script.
But I think the fact that "the VPN itself is not ready to pass data but everything else is ready" when --up script is run is already enough for my usecase.
Thank you so much for your help.

Post Reply