Community discussions

MikroTik App
 
21a1ss3
just joined
Topic Author
Posts: 2
Joined: Sat Jan 25, 2020 6:56 am

[ROS 7b4] OpenVPN UDP leaves dead tunnel

Sat Jan 25, 2020 7:19 am

Hey.

Recently I deployed OpenVPN with UDP on RouterOS 7 [beta4] with using UDP and client on Android 8 (https://play.google.com/store/apps/deta ... kt.openvpn).

All works perfect, but sometimes OpenVPN leaves dead tunnel with 0 incoming bytes rate (0 packet in per second), but ROS still send traffic over this tunnel. Then when client reconnected ROS create new one dynamic interfaces and over this interface I can see that traffic comes to router, but router still respond over dead tunnel.

As workaround I wrote script which monitor amount off traffic received from last check time and if last 7 deltas equal to 0 kill tunnel. Then schedule this script run even 10 seconds. So as result if no one byte was received over the tunnel within 70 seconds tunnel will killed. This parameter can be adjusted

Version info:
ROS: RouterOS beta 4
Device: RB433GL

So script here:
####################
#   Parameters     #
####################
:local checksTreshold 	7;

######################

#info per one connection:
# 1 - id (key)
# 2 - prev Rx amount
# 3 - deltas (array)

:global oVPNstat;

:local actualIfs [/interface ovpn-server find];
:local actualIfStats [ :toarray "" ];
:local oldInfo;
:local cInfo;
:local newStat [ :toarray "" ];
:local newDelta;
:local nonZeroActivity;


#loading ifs stats
:foreach ifId in=$actualIfs  do={
	:set ($actualIfStats->([:tostr $ifId])) [/interface get number=$ifId];
};

:foreach ifStrId,ifInfo in=$actualIfStats  do={
	:set oldInfo ($oVPNstat->$ifStrId);
	:set cInfo [ :toarray "" ];
	:set ($cInfo->"Rx") ($ifInfo->"rx-byte");	
	:set ($cInfo->"deltas") [ :toarray "" ];
	
	
	
	:if ([:len $oldInfo] = 0) do={
		#This mean that we are neeeded to create new frame	
		:set ($newStat->$ifStrId) $cInfo;
	}	else={
		:set $newDelta  (($cInfo ->"Rx") - ($oldInfo ->"Rx"));

	
		:if ([:len ($oldInfo->"deltas")] < $checksTreshold) do={
			:set ($cInfo->"deltas") (($oldInfo->"deltas"), $newDelta);
			:set ($newStat->$ifStrId) $cInfo;
		} else={
			:for i from=1 to=($checksTreshold-1) do={			
				:set ($cInfo->"deltas") (($cInfo->"deltas"), (($oldInfo->"deltas")->$i));
			};
			
			:set ($cInfo->"deltas") (($cInfo->"deltas"), $newDelta);
			:set nonZeroActivity false;
			
			:for i from=0 to=($checksTreshold-1) do={
				:if ((($cInfo->"deltas")->$i) > 0) do={
					:set nonZeroActivity true;
				};
			};
			
			
			:if ($nonZeroActivity = false) do={
				/interface/ovpn-server/remove numbers=[:toid $ifStrId];
			} else={
				:set ($newStat->$ifStrId) $cInfo;
			}
			
		};
	};	
};

:set oVPNstat $newStat;
[code]

May be it will helpful to someone

Thanks
 
rizwan602
Frequent Visitor
Frequent Visitor
Posts: 53
Joined: Thu Jun 28, 2012 5:15 am

Re: [ROS 7b4] OpenVPN UDP leaves dead tunnel

Fri Dec 31, 2021 4:40 pm

Hello!

I have the same problem. I used your script and it worked! It deleted "dead" connections.

Have you made any improvements/modifications to this script?

Thank you so much!
 
zvekyf
just joined
Posts: 21
Joined: Thu Sep 29, 2016 1:29 am

Re: [ROS 7b4] OpenVPN UDP leaves dead tunnel

Thu Nov 03, 2022 10:19 pm

ver 7.6
We also have enabled [only one] on profile.
when we see problem, we kill interface and active connection.
 
gigx205
just joined
Posts: 6
Joined: Wed Nov 02, 2011 11:43 am

Re: [ROS 7b4] OpenVPN UDP leaves dead tunnel

Wed Feb 22, 2023 1:15 pm

Runing 7.7 stable and problem is still here with the OpenVPN over udp.
Tried the script, working ok but it does not fit with me.
I did a test , it works the same like parameter session timeout.
I just want to session to be terminated when the client disconnects, not if it is idle. If the connection is idle, the script terminates the connection.

Who is online

Users browsing this forum: No registered users and 2 guests