Perte de connexion régulière VPNClient

Bonjour, j’ai les mêmes soucis de “perte” de la connexion VPN, en redemarrant la brique ça refonctionne. J’ai tenté le :

yunohost app upgrade -u https://github.com/YunoHost-Apps/vpnclient_ynh/tree/testing vpnclient

mais ça ne change rien, toujours le même problème qui survient une fois par jour.

Ça ne semble pas être le même soucis.
Au bout de combien de temps perds tu la connexion ?

Quel est ton fournisseur de VPN ?

Quand tu n’as plus le réseau, est-ce que tu peux tester :

ping wikipedia.org
ping 9.9.9.9
iptables-save

Merci pour la rédaction de ce nouveau sujet, en effet le problème est différent. Je perd la connexion chaque jour, je n’arrive pas à savoir si c’est à la même heure. mon fournisseur de VPN est FDN. Je vais essayer de tester ces commandes à la prochaine coupure et je mettrais le résultat dans la réponse.

Voilà ce jour, perte de la connexion VPN vers 13h
sur l’interface d’administration :

ynh-vpnclient Tunnels the internet traffic through a VPN
failed depuis il y a 1 minute

journalctl

-- Logs begin at Fri 2021-11-26 14:04:10 CET, end at Sat 2021-11-27 13:09:42 CET. --
Nov 27 13:07:13 ntpd[21417]: Listen normally on 9 wlan0 [fe80::3a:35ff:feb0:4300%3]:123
Nov 27 13:07:13 ntpd[21417]: Listening on routing socket on fd #26 for interface updates
Nov 27 13:07:20 ntpd[21417]: Soliciting pool server 5***
Nov 27 13:07:21 ntpd[21417]: ntpd: time slew -0.015651 s
Nov 27 13:07:21 ynh-vpnclient[21238]: [INFO] Now actually starting OpenVPN client...
Nov 27 13:07:21 ynh-vpnclient[21238]: [INFO] OpenVPN client started ... waiting for tun0 interface to show up
Nov 27 13:07:43 ynh-vpnclient[21238]: [FAIL] Tun0 interface did not show up ... most likely an issue happening in OpenVPN client ... below is an extract of the log that might be relevant to pinpoint the issue
Nov 27 13:07:43 ynh-vpnclient[21238]: Sat Nov 27 12:57:31 2021 UDP link local: (not bound)
Nov 27 13:07:43 ynh-vpnclient[21238]: Sat Nov 27 12:57:31 2021 UDP link remote: [AF_INET6]2001:910:800::104:1194
Nov 27 13:07:43 ynh-vpnclient[21238]: Sat Nov 27 12:57:53 2021 event_wait : Interrupted system call (code=4)
Nov 27 13:07:43 ynh-vpnclient[21238]: Sat Nov 27 12:57:53 2021 SIGTERM received, sending exit notification to peer
Nov 27 13:07:43 ynh-vpnclient[21238]: Sat Nov 27 12:57:54 2021 SIGTERM[soft,exit-with-notification] received, process exiting
Nov 27 13:07:43 ynh-vpnclient[21238]: Sat Nov 27 13:02:22 2021 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 28 2021
Nov 27 13:07:43 ynh-vpnclient[21238]: Sat Nov 27 13:02:22 2021 library versions: OpenSSL 1.1.1d  10 Sep 2019, LZO 2.10
Nov 27 13:07:43 ynh-vpnclient[21238]: Sat Nov 27 13:02:22 2021 TCP/UDP: Preserving recently used remote address: [AF_INET6]2001:910:800::108:1194
Nov 27 13:07:43 ynh-vpnclient[21238]: Sat Nov 27 13:02:22 2021 Socket Buffers: R=[163840->163840] S=[163840->163840]
Nov 27 13:07:43 ynh-vpnclient[21238]: Sat Nov 27 13:02:22 2021 UDP link local: (not bound)
Nov 27 13:07:43 ynh-vpnclient[21238]: Sat Nov 27 13:02:22 2021 UDP link remote: [AF_INET6]2001:910:800::108:1194
Nov 27 13:07:43 ynh-vpnclient[21238]: Sat Nov 27 13:02:44 2021 event_wait : Interrupted system call (code=4)
Nov 27 13:07:43 ynh-vpnclient[21238]: Sat Nov 27 13:02:44 2021 SIGTERM received, sending exit notification to peer
Nov 27 13:07:43 ynh-vpnclient[21238]: Sat Nov 27 13:02:45 2021 SIGTERM[soft,exit-with-notification] received, process exiting
Nov 27 13:07:43 ynh-vpnclient[21238]: Sat Nov 27 13:07:21 2021 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 28 2021
Nov 27 13:07:43 ynh-vpnclient[21238]: Sat Nov 27 13:07:21 2021 library versions: OpenSSL 1.1.1d  10 Sep 2019, LZO 2.10
Nov 27 13:07:43 ynh-vpnclient[21238]: Sat Nov 27 13:07:21 2021 TCP/UDP: Preserving recently used remote address: [AF_INET6]2001:910:800::57:1194
Nov 27 13:07:43 ynh-vpnclient[21238]: Sat Nov 27 13:07:21 2021 Socket Buffers: R=[163840->163840] S=[163840->163840]
Nov 27 13:07:43 ynh-vpnclient[21238]: Sat Nov 27 13:07:21 2021 UDP link local: (not bound)
Nov 27 13:07:43 ynh-vpnclient[21238]: Sat Nov 27 13:07:21 2021 UDP link remote: [AF_INET6]2001:910:800::57:1194
Nov 27 13:07:43 ynh-vpnclient[21238]: [INFO] Stopping OpenVPN service
Nov 27 13:07:44 ynh-vpnclient[21238]: [CRIT] Failed to start OpenVPN client : tun0 interface did not show up
Nov 27 13:07:44 systemd[1]: ynh-vpnclient.service: Main process exited, code=exited, status=1/FAILURE
Nov 27 13:07:44 systemd[1]: ynh-vpnclient.service: Failed with result 'exit-code'.
Nov 27 13:07:44 systemd[1]: Failed to start YunoHost VPN Client..
 /var/log/ynh-vpnclient.log

Sat Nov 27 12:57:14 2021 SIGTERM[soft,exit-with-notification] received, process exiting
Sat Nov 27 12:57:31 2021 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 28 2021
Sat Nov 27 12:57:31 2021 library versions: OpenSSL 1.1.1d  10 Sep 2019, LZO 2.10
Sat Nov 27 12:57:31 2021 TCP/UDP: Preserving recently used remote address: [AF_INET6]2001:910:800::104:1194
Sat Nov 27 12:57:31 2021 Socket Buffers: R=[163840->163840] S=[163840->163840]
Sat Nov 27 12:57:31 2021 UDP link local: (not bound)
Sat Nov 27 12:57:31 2021 UDP link remote: [AF_INET6]2001:910:800::104:1194
Sat Nov 27 12:57:53 2021 event_wait : Interrupted system call (code=4)
Sat Nov 27 12:57:53 2021 SIGTERM received, sending exit notification to peer
Sat Nov 27 12:57:54 2021 SIGTERM[soft,exit-with-notification] received, process exiting
Sat Nov 27 13:02:22 2021 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 28 2021
Sat Nov 27 13:02:22 2021 library versions: OpenSSL 1.1.1d  10 Sep 2019, LZO 2.10
Sat Nov 27 13:02:22 2021 TCP/UDP: Preserving recently used remote address: [AF_INET6]2001:910:800::108:1194
Sat Nov 27 13:02:22 2021 Socket Buffers: R=[163840->163840] S=[163840->163840]
Sat Nov 27 13:02:22 2021 UDP link local: (not bound)
Sat Nov 27 13:02:22 2021 UDP link remote: [AF_INET6]2001:910:800::108:1194
[INFO] Stopping OpenVPN service
[CRIT] Failed to start OpenVPN client : tun0 interface did not show up
[INFO] Retrieving Yunohost settings... 
[ OK ] Settings retrieved
[INFO] [vpnclient] Starting...
[INFO] Cleaning vpnclient custom rules from the firewall
[INFO] Restarting yunohost firewall...
[ OK ] Firewall restarted!
[INFO] Now synchronizing time using ntp...
[INFO] Now actually starting OpenVPN client...
[INFO] OpenVPN client started ... waiting for tun0 interface to show up
[FAIL] Tun0 interface did not show up ... most likely an issue happening in OpenVPN client ... below is an extract of the log that might be relevant to pinpoint the issue
Sat Nov 27 12:57:31 2021 UDP link local: (not bound)
Sat Nov 27 12:57:31 2021 UDP link remote: [AF_INET6]2001:910:800::104:1194
Sat Nov 27 12:57:53 2021 event_wait : Interrupted system call (code=4)
Sat Nov 27 12:57:53 2021 SIGTERM received, sending exit notification to peer
Sat Nov 27 12:57:54 2021 SIGTERM[soft,exit-with-notification] received, process exiting
Sat Nov 27 13:02:22 2021 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 28 2021
Sat Nov 27 13:02:22 2021 library versions: OpenSSL 1.1.1d  10 Sep 2019, LZO 2.10
Sat Nov 27 13:02:22 2021 TCP/UDP: Preserving recently used remote address: [AF_INET6]2001:910:800::108:1194
Sat Nov 27 13:02:22 2021 Socket Buffers: R=[163840->163840] S=[163840->163840]
Sat Nov 27 13:02:22 2021 UDP link local: (not bound)
Sat Nov 27 13:02:22 2021 UDP link remote: [AF_INET6]2001:910:800::108:1194
Sat Nov 27 13:02:44 2021 event_wait : Interrupted system call (code=4)
Sat Nov 27 13:02:44 2021 SIGTERM received, sending exit notification to peer
Sat Nov 27 13:02:45 2021 SIGTERM[soft,exit-with-notification] received, process exiting
Sat Nov 27 13:07:21 2021 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 28 2021
Sat Nov 27 13:07:21 2021 library versions: OpenSSL 1.1.1d  10 Sep 2019, LZO 2.10
Sat Nov 27 13:07:21 2021 TCP/UDP: Preserving recently used remote address: [AF_INET6]2001:910:800::57:1194
Sat Nov 27 13:07:21 2021 Socket Buffers: R=[163840->163840] S=[163840->163840]
Sat Nov 27 13:07:21 2021 UDP link local: (not bound)
Sat Nov 27 13:07:21 2021 UDP link remote: [AF_INET6]2001:910:800::57:1194
[INFO] Stopping OpenVPN service
[CRIT] Failed to start OpenVPN client : tun0 interface did not show up

l’interface tun0 semble avoir disparu.

sur la brique :
#systemctl restart networking.service

#journalctl -xe

nov. 27 13:18:01 home.freegum.fr ifup[22927]: ifup: failed to bring up usb0
– The unit networking.service has entered the ‘failed’ state with result ‘exit-code’.
nov. 27 13:18:01 home.freegum.fr systemd[1]: Failed to start Raise network interfaces.
– Subject: L’unité (unit) networking.service a échoué

→ redemarrage de la brique.

apres redemarrage :

ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether *** brd ff:ff:ff:ff:ff:ff
    inet ***/24 brd *** scope global dynamic eth0
       valid_lft 42954sec preferred_lft 42954sec
    inet6 ***/64 scope global dynamic mngtmpaddr 
       valid_lft 86151sec preferred_lft 86151sec
    inet6 ***/128 scope link 
       valid_lft forever preferred_lft forever
    inet6 ***/64 scope link 
       valid_lft forever preferred_lft forever
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether *** brd ff:ff:ff:ff:ff:ff
    inet ***/24 scope global wlan0
       valid_lft forever preferred_lft forever
    inet6 ***/64 scope global 
       valid_lft forever preferred_lft forever
    inet6 ***/64 scope link 
       valid_lft forever preferred_lft forever
4: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
    link/none 
    inet ***/22 brd ***.255 scope global tun0
       valid_lft forever preferred_lft forever
    inet6 ***/128 scope global 
       valid_lft forever preferred_lft forever
    inet6 ***/64 scope global 
       valid_lft forever preferred_lft forever
    inet6 ***/64 scope link stable-privacy 
       valid_lft forever preferred_lft forever

tun0 apparait bien … Je ne comprend pas pourquoi tun0 “disparait” sans raison apparente.

Et mon test ??? /o\

Voilà, là je n’ai plus de réseau, je suis logué directement sur ma brique et voici les commandes et leurs résultats :

ping wikipedia.org
PING wikipedia.org (91.198.174.192) 56(84) bytes of data.
64 bytes from text-lb.esams.wikimedia.org (91.198.174.192): icmp_seq=1 ttl=60 time=16.2 ms
ping 9.9.9.9
PING 9.9.9.9 (9.9.9.9) 56(84) bytes of data.
64 bytes from 9.9.9.9: icmp_seq=1 ttl=60 time=11.6 ms
64 bytes from 9.9.9.9: icmp_seq=2 ttl=60 time=11.3 ms
iptables-save 
# Generated by xtables-save v1.8.2 on Sun Nov 28 17:56:39 2021
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 587 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5222 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5269 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p udp -m udp --dport 5353 -j ACCEPT
-A INPUT -p udp -m udp --dport 587 -j ACCEPT
-A INPUT -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -j ACCEPT
COMMIT
# Completed on Sun Nov 28 17:56:39 2021
# Generated by xtables-save v1.8.2 on Sun Nov 28 17:56:39 2021
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Sun Nov 28 17:56:39 2021

Tiens, une mise à jour du méchant client VPN :

Applications

VPN Client (vpnclient) de 2.0.2~ynh4 à 2.0.2~ynh5

→ non toujours pareil pas de connexion VPN …

Voici comment j’ai pu relancer le VPN :
root@home:~# systemctl start ynh-vpnclient.service
Job for ynh-vpnclient.service failed because the control process exited with error code.
See “systemctl status ynh-vpnclient.service” and “journalctl -xe” for details.

En arretant le hotpspot :
root@home:~# systemctl stop ynh-hotspot.service

Le VPN se relance :
root@home:~# systemctl start ynh-vpnclient.service

Et je relance le hotspot ensuite :
root@home:~# systemctl start ynh-hotspot.service

ça fonctionne …

Bizarre car tes résultats de commandes sans réseau montre que justement ta brique a du réseau…

Tu veux dire que c’est ton ordinateur connecté au hotspot wifi de la brique qui n’a plus de réseau ?

Quand le VPN tombe, je n’ai plus accès à internet depuis mes machines connecté à l’AP wifi de la brique (mais j’accède aux machines locales depuis leurs adresses IP), depuis la brique, je ne passe plus par le VPN mais j’accède à internet directement via la connexion de mon FAI.

Depuis l’extérieur, comme mon nom de domaine est basé sur la connexion VPN, je n’ai plus accès à ma brique quand le VPN tombe.

ce matin je regarde l’état de mes services,

systemctl status networking.service 
● networking.service - Raise network interfaces
   Loaded: loaded (/lib/systemd/system/networking.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Sat 2021-11-27 13:22:28 CET; 2 days ago
     Docs: man:interfaces(5)
 Main PID: 302 (code=exited, status=1/FAILURE)

Pourtant je suis bien connecté sur ma brique, et ip a me donne bien :


1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
[...]
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
[...]
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
[...]
5: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
[...]

J’ai du réseau, le VPN fonctionne et pourtant le service networking ne tourne pas …

j’ai remarqué également dans le dmesg :


[   10.583388] systemd[1]: Configuration file /etc/systemd/system/ynh-vpnclient-checker.service is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.
[   10.606546] systemd[1]: Configuration file /etc/systemd/system/ynh-vpnclient.service is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.
[   10.628586] systemd[1]: Configuration file /etc/systemd/system/ynh-hotspot.service is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.

Mais je ne sais pas si ça pose un problème.

J’ai les droits suivants sur les fichiers dans /etc/systemd/system :


-rw-r----- 1 hotspot   hotspot    262 nov.  16 07:51 ynh-hotspot.service
-rw-r----- 1 vpnclient vpnclient  184 nov.  28 18:02 ynh-vpnclient-checker.service
-rw-r--r-- 1 root      root       124 nov.  28 18:02 ynh-vpnclient-checker.timer
-rw-r----- 1 vpnclient vpnclient  308 nov.  28 18:02 ynh-vpnclient.service
-rw-r--r-- 1 root      root       222 nov.   7 11:49 yunomdns.service
-rw-r--r-- 1 root      root       238 févr.  2  2021 yunoprompt.service

Note: nous sommes en train de tester un refactoring de hotspot_ynh (branche testing) peut être que ça t’intéresse, même si je ne suis pas du tout sûr que ça corrige ton soucis.

1 Like

dès qu’une nouvelle version testing sera dispo je veux bien l’essayer. Merci d’avance :slight_smile:

Oui elle est disponible et devrait être relativement stable et fonctionelle (on a pas mal joué avec la semaine dernière)

Tu peux tester de mettre à jour avec:

sudo yunohost app upgrade hotspot -u https://github.com/YunoHost-Apps/hotspot_ynh/tree/testing
1 Like