correct usage of connection profiles and connect-retry-max (connect-retry)

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
pi-2007
OpenVpn Newbie
Posts: 4
Joined: Wed Mar 15, 2023 1:29 pm

correct usage of connection profiles and connect-retry-max (connect-retry)

Post by pi-2007 » Wed Mar 22, 2023 3:15 pm

Hello,

in my client ovpn profile I have 2 connection profiles. One for UDP, the other for TCP.

Code: Select all

connect-retry-max
and

Code: Select all

connect-retry
can be configured inside a connection profile. Reading the documentation I understand that both can be used outside a connection block (and would be applied as if they are in all connection blocks), or inside a connection block (in which case these parameters would be applied only inside the connection block).

However, this doesn't work for me. No matter where I put e.g.

Code: Select all

connect-retry-max
, when e.g. the server is unreachable via UDP, the client will go immediately to trying a connection via TCP. if that fails, it goes back to UDP.

What I want to achieve is that the client tries e.g. 3 times UDP, and then moves to TCP.

below client config should try via UDP 3 times, and then move on to TCP and try 10 times.

Code: Select all

... 
connect-retry 3 10
reneg-sec 30

<connection>
remote openvpn.servery.org 1194 udp
connect-retry-max 3
</connection>
    
<connection>
remote openvpn.servery.org 443 tcp
connect-retry-max 10
</connection>
However, if TCP doesn't work either, it will go on forever and never fail (which is very confusing for users)


this client config should try a connection profile 3 times, then move on to the next (as per documentation). However, it tries 4 times: UDP, TCP, UDP, UDP and then giving up.

Code: Select all

... 
connect-retry 3 10
reneg-sec 30
connect-retry-max 3

<connection>
remote openvpn.servery.org 1194 udp
</connection>
    
<connection>
remote openvpn.servery.org 443 tcp
</connection>
can somebody explain how I can tell the client to try 3 times UDP, and 10 times TCP, and then giving up?

Post Reply