OpenVPN Support Forum

Hello Everyone,
I enabled Cluster on my OpenVPN Access Server and running just one node.
The goal is to minimize downtime during server maintenance/upgrades by adding/replacing cluster nodes.

My question is about server updates.
When I make a change in the UI, it is not clear if it will always impact/terminate active user sessions.
The same issue for sacli updated.

Is there a list of changes that require full server restart/drop connections versus in-line, no user impact.

Any recommendations on how to provide 24/7 support with minimal downtime for an international team?

Hello esimeon,

Basically any change that requires that routes are changed on the client side, such as adding/removing access rules that affect this user, will trigger the need to have the client reconnect when you apply the change. They'll get a signal to reconnect, usually takes a few seconds to reconnect.

The same goes for changes to DNS settings. That requires the client to reconnect too.

Since access control and DNS are the main things that you generally configure on Access Server, you can consider almost any setting to have an effect on the client when you change things. But it only requires a client to reconnect if there is something that affects them. So changing an access rule for user A doesn't mean user B has to reconnect.

Kind regards,
Johan

Johan,
Thank you for the detailed response.

I will also welcome some community feedback on best practices for rolling upgrades.