Browsing fails periodically when connected to VPN.

MajorWarMajorWar
in Linux VPN Setup
Hi!
I created a script in linux that tests the wget command on www.google.at and www.github.com. This is to test when browsing fails and when it's working. I ran the script every 30s and this is the result I got:
Fre Nov  3 22:26:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:27:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:27:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:28:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:28:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:29:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:29:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:30:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:30:31 CET 2017	www.google.at FAIL	www.github.com FAIL
Fre Nov  3 22:31:01 CET 2017	www.google.at FAIL	www.github.com FAIL
Fre Nov  3 22:31:31 CET 2017	www.google.at FAIL	www.github.com FAIL
Fre Nov  3 22:32:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:32:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:33:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:33:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:34:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:34:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:35:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:35:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:36:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:36:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:37:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:37:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:38:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:38:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:39:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:39:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:40:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:40:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:41:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:41:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:42:01 CET 2017	www.google.at FAIL	www.github.com FAIL
Fre Nov  3 22:42:31 CET 2017	www.google.at FAIL	www.github.com FAIL
Fre Nov  3 22:43:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:43:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:44:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:44:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:45:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:45:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:46:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:46:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:47:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:47:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:48:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:48:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:49:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:49:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:50:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:50:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:51:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:51:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:52:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:52:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:53:01 CET 2017	www.google.at FAIL	www.github.com FAIL
Fre Nov  3 22:53:31 CET 2017	www.google.at FAIL	www.github.com FAIL
Fre Nov  3 22:54:01 CET 2017	www.google.at FAIL	www.github.com FAIL
Fre Nov  3 22:54:31 CET 2017	www.google.at FAIL	www.github.com FAIL
Fre Nov  3 22:55:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:55:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:56:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:56:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:57:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 22:57:31 CET 2017	www.google.at FAIL	www.github.com FAIL
Fre Nov  3 22:58:01 CET 2017	www.google.at FAIL	www.github.com FAIL
Fre Nov  3 22:58:31 CET 2017	www.google.at FAIL	www.github.com FAIL
Fre Nov  3 22:59:01 CET 2017	www.google.at FAIL	www.github.com FAIL
Fre Nov  3 22:59:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 23:00:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 23:00:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 23:01:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 23:01:31 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 23:02:01 CET 2017	www.google.at OK	www.github.com OK
Fre Nov  3 23:02:31 CET 2017	www.google.at OK	www.github.com OK
FAIL indicates that wget has failed (which means browsing to that website fails too; meaning the webpage tries to load all the time).
OK indicates that wget works.

When I'm not connected to the vpn, browsing works fine.

The above result indicates that wget fails periodically and I don't know why. I tried it with the "UK London.ovpn" config and the "Netherlands.ovpn" config. Same results. The weird thing is, that some other random websites sometimes work but the above don't, and after some time, every website works.

I'm hoping that you guys could help me. It's pretty frustrating when the internet just breaks in the middle of browsing. By the way, I'm using this command to connect to the VPN:
openvpn --mtu-test --script-security 2 --up /etc/openvpn/update-resolv-conf.sh \
--down /etc/openvpn/update-resolv-conf.sh --cd /etc/openvpn/ --config "UK London.ovpn" --daemon

Here is the script which produces the above output:
#!/bin/bash
gett () {
cd /tmp && wget -q --timeout=5 --tries=1 $1
if [ $? == 0 ]
then
echo -en "$1 OK\t\t" >> /var/log/wget.log
else
echo -en "$1 FAIL\t\t" >> /var/log/wget.log
fi
}
echo -en "$(date)\t" >> /var/log/wget.log
gett www.google.at
gett www.github.com
echo -en "\r\n" >> /var/log/wget.log

The resolv.conf file looks as follows (gets updated each time openvpn starts):
# Generated by resolvconf
nameserver 209.222.18.222
nameserver 209.222.18.218
I suspect this is a DNS issue or something. Tried to put nameserver 8.8.8.8 in /etc/resolv.conf but the issue persists.

This has been going on for a few weeks now and it's getting really annoying. I'm grateful for any help.

Comments

  • martoufmartouf
    edited November 2017
    if it's your DNS, then modifying the script to use IP addresses with gett will illuminate the issue
  • Max-PMax-P
    martouf said:
    if it's your DNS, then modifying the script to use IP addresses with gett will illuminate the issue
    Seconding this. I've had very short temporary blips with PIA's DNS every now and then (I imagine when the MACE list is being refreshed and the DNS service gets restarted for it?), so it would be interesting to see if it's a DNS issue or if the VPN as a whole ends up stalling.

    I would also like to point out that 5 seconds is relatively short for the timeout, as if you have any packet loss that means it won't have enough time to retry the connection. The VPN in itself doesn't account or attempt to recover any loss, it only encrypts and forwards.
  • MajorWarMajorWar
    Hi! Thanks for trying to help me :)

    Ok, that's probably not a DNS issue because I can ping github.com and it correctly translates that to an IP address (I was pinging when I couldn't wget github.com). The nameserver in /etc/resolv.conf was set to 8.8.8.8 at that time.

    Below is the new script with the new results. Also, ran the script every minute since I've increased the timeout.

    #!/bin/bash
    gett () {
    cd /tmp && wget -q --timeout=15 --tries=1 $1 $2
    if [ $? == 0 ]
    then
    echo -en "$1 OK\t\t"
    echo -en "$1 OK\t\t" >> /var/log/wget.log
    else
    echo -en "$1 FAIL\t\t"
    echo -en "$1 FAIL\t\t" >> /var/log/wget.log
    fi
            rm /tmp/index.html*
    }
    echo -en "$(date)\t" >> /var/log/wget.log
    gett www.google.at
    gett www.github.com
    gett 192.30.253.113 --no-check-certificate # IP of github.com
    echo -en "\r\n" >> /var/log/wget.log
    echo -en "\r\n"

    Tue Nov  7 19:47:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Tue Nov  7 19:48:02 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Tue Nov  7 19:49:01 CET 2017 www.google.at OK www.github.com FAIL 192.30.253.113 FAIL
    Tue Nov  7 19:50:01 CET 2017 www.google.at OK www.github.com FAIL 192.30.253.113 FAIL
    Tue Nov  7 19:51:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Tue Nov  7 19:52:02 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Tue Nov  7 19:53:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Tue Nov  7 19:54:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Tue Nov  7 19:55:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Tue Nov  7 19:56:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Tue Nov  7 19:57:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Tue Nov  7 19:58:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Tue Nov  7 19:59:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Tue Nov  7 20:00:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Tue Nov  7 20:01:02 CET 2017 www.google.at OK www.github.com FAIL 192.30.253.113 FAIL
    Tue Nov  7 20:02:01 CET 2017 www.google.at OK www.github.com FAIL 192.30.253.113 FAIL
    Tue Nov  7 20:03:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Tue Nov  7 20:04:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Tue Nov  7 20:05:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK

    I'm out of ideas of what to try to make sense of the problem :(

  • martoufmartouf
    oooh! route flap, perhaps.

    if FAIL, then traceroute -n -w 2 192.30.253.113
  • MajorWarMajorWar
    During FAIL:
    > traceroute -n -w 2 192.30.253.113
    traceroute to 192.30.253.113 (192.30.253.113), 30 hops max, 60 byte packets
     1  10.41.10.1  29.796 ms  33.614 ms  33.669 ms
     2  46.166.188.254  40.491 ms  41.774 ms  41.869 ms
     3  81.20.64.113  39.533 ms  39.630 ms 81.20.72.17  39.583 ms
     4  129.250.6.162  138.536 ms 129.250.4.69  44.040 ms  44.946 ms
     5  129.250.6.162  137.731 ms 129.250.2.22  137.802 ms 129.250.2.133  137.629 ms
     6  129.250.2.22  129.647 ms 129.250.5.194  137.184 ms 129.250.2.22  109.183 ms
     7  129.250.5.182  115.274 ms 128.241.3.22  107.290 ms 129.250.5.214  120.866 ms
     8  128.241.3.30  120.768 ms  119.997 ms *
     9  * * *
    10  * 192.30.253.113  116.689 ms *

    During OK:
    > traceroute -n -w 2 192.30.253.113
    traceroute to 192.30.253.113 (192.30.253.113), 30 hops max, 60 byte packets
     1  10.44.10.1  39.296 ms  39.297 ms  39.303 ms
     2  46.166.188.254  39.310 ms  39.316 ms  39.323 ms
     3  81.20.72.17  50.203 ms 81.20.64.113  40.164 ms  41.239 ms
     4  129.250.4.69  41.294 ms  41.298 ms 129.250.6.162  135.366 ms
     5  129.250.2.22  135.378 ms  138.286 ms  138.304 ms
     6  129.250.2.22  132.040 ms 129.250.5.188  118.688 ms 129.250.2.22  126.593 ms
     7  129.250.5.188  118.961 ms  126.535 ms 129.250.5.194  135.077 ms
     8  * 128.241.3.30  127.260 ms *
     9  * * *
    10  * 192.30.253.113  133.509 ms *

  • martoufmartouf
    look at the first hop carefully:  10.41.10.1 vs 10.44.10.1

    how many active network interfaces do you have there?  and how many of them route offsite?
  • MajorWarMajorWar
    I think I didn't run these two commands during the same VPN session. That's why the first hop is different from the other. Each time I disconnect and reconnect to the VPN I get a different first hop. Here are the two commands that are in the same VPN session. Sorry for the inconvenience.

    During OK:
    > traceroute -n -w 2 192.30.253.113
    traceroute to 192.30.253.113 (192.30.253.113), 30 hops max, 60 byte packets
     1  10.2.10.1  34.143 ms  39.085 ms  39.192 ms
     2  109.201.154.254  39.224 ms  39.298 ms  39.232 ms
     3  81.20.64.113  39.353 ms 81.20.72.17  39.292 ms 81.20.64.113  39.359 ms
     4  129.250.6.162  131.253 ms 129.250.4.69  39.371 ms  39.336 ms
     5  129.250.6.162  131.060 ms  131.164 ms  130.924 ms
     6  129.250.5.188  117.651 ms 129.250.2.22  121.428 ms 129.250.2.133  125.260 ms
     7  128.241.3.30  124.782 ms  133.892 ms 129.250.5.194  139.458 ms
     8  * * 128.241.3.30  133.663 ms
     9  * * *
    10  * * 192.30.253.113  129.849 ms

    During FAIL:
    > traceroute -n -w 2 192.30.253.113
    traceroute to 192.30.253.113 (192.30.253.113), 30 hops max, 60 byte packets
     1  10.2.10.1  39.311 ms  45.488 ms  45.571 ms
     2  109.201.154.254  45.598 ms  45.620 ms  45.643 ms
     3  81.20.64.113  45.761 ms  45.820 ms 81.20.72.17  45.649 ms
     4  129.250.6.162  137.833 ms  135.947 ms 129.250.4.69  45.842 ms
     5  129.250.6.162  137.864 ms  135.975 ms  129.067 ms
     6  129.250.5.214  133.722 ms 129.250.2.133  128.790 ms 129.250.2.22  113.805 ms
     7  129.250.5.194  140.642 ms 128.241.3.30  125.825 ms 129.250.5.182  135.019 ms
     8  * 128.241.3.30  138.181 ms 128.241.3.22  136.739 ms
     9  * * *
    10  192.30.253.113  129.540 ms  130.390 ms *

    By the way, I only have these network interfaces:
    > ifconfig
    lo        Link encap:Local Loopback  
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:65536  Metric:1
              RX packets:1735 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1735 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1 
              RX bytes:193507 (193.5 KB)  TX bytes:193507 (193.5 KB)
    tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
              inet addr:10.2.10.6  P-t-P:10.2.10.5  Mask:255.255.255.255
              UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
              RX packets:19478 errors:0 dropped:0 overruns:0 frame:0
              TX packets:23302 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:100 
              RX bytes:13481614 (13.4 MB)  TX bytes:2269896 (2.2 MB)
    wlp2s0    Link encap:Ethernet  HWaddr c4:85:08:34:89:24  
              inet addr:192.168.0.4  Bcast:192.168.0.255  Mask:255.255.255.0
              inet6 addr: 2a02:8388:1807:4e00:440:dd3d:b2e4:4fa3/64 Scope:Global
              inet6 addr: fe80::4a72:efef:530a:6d59/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:4740061 errors:0 dropped:13237 overruns:0 frame:0
              TX packets:3869889 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000 
              RX bytes:4953670650 (4.9 GB)  TX bytes:3140467334 (3.1 GB)
  • Omnibus_IVOmnibus_IV
    Just curious, but are you going through the PIA Proxy?
  • martoufmartouf
    okay, no, it doesn't look like some flappy routing problem.

    would you please provide an excerpt from the openvpn log matching the timeframe of one of the OK -> FAIL transitions and then again on the subsequent FAIL -> OK transition?
  • MajorWarMajorWar
    Hi!

    I don't use a proxy, this is my config file for Netherlands.ovpn:
    client
    dev tun
    proto udp
    remote nl.privateinternetaccess.com 1198
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    cipher aes-128-cbc
    auth sha1
    tls-client
    remote-cert-tls server
    auth-user-pass /etc/openvpn/pass
    comp-lzo
    verb 5
    reneg-sec 0
    crl-verify /etc/openvpn/crl.rsa.2048.pem
    ca /etc/openvpn/ca.rsa.2048.crt
    disable-occ
    Maybe I need to change something here?

    I also changed the verbosity to level 5 (previously it was on 3) and I ran the openvpn command with the above config and I got the following log:

    ...
    Sun Nov 12 08:52:30 2017 us=718288 TUN/TAP TX queue length set to 100
    Sun Nov 12 08:52:30 2017 us=718353 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
    Sun Nov 12 08:52:30 2017 us=718436 /sbin/ip link set dev tun0 up mtu 1500
    Sun Nov 12 08:52:30 2017 us=722183 /sbin/ip addr add dev tun0 local 10.58.10.6 peer 10.58.10.5
    Sun Nov 12 08:52:30 2017 us=727962 /sbin/ip route add 104.238.169.88/32 via 192.168.0.1
    Sun Nov 12 08:52:30 2017 us=732884 /sbin/ip route add 0.0.0.0/1 via 10.58.10.5
    Sun Nov 12 08:52:30 2017 us=735863 /sbin/ip route add 128.0.0.0/1 via 10.58.10.5
    Sun Nov 12 08:52:30 2017 us=740177 /sbin/ip route add 10.58.10.1/32 via 10.58.10.5
    Sun Nov 12 08:52:30 2017 us=742540 Initialization Sequence Completed
    Sun Nov 12 08:52:45 2017 us=696039 PID_ERR replay-window backtrack occurred [3] [SSL-0] [0_0_000044444__6___666_6_____>__>>>>>>>>>>>>>>>] 0:47 0:44 t=1510473165[0] r=[0,64,15,3,1] sl=[17,47,64,528]
    Sun Nov 12 08:52:54 2017 us=616416 PID_ERR replay-window backtrack occurred [6] [SSL-0] [0__0_0_000000007777777777777777777777777777777777777777777777777] 0:172 0:166 t=1510473174[0] r=[0,64,15,6,1] sl=[20,64,64,528]
    Sun Nov 12 08:54:02 2017 us=923356 PID_ERR replay-window backtrack occurred [12] [SSL-0] [00___________000000000000000000000111111113334444444444444444444] 0:870 0:858 t=1510473242[0] r=[-4,64,15,12,1] sl=[26,64,64,528]
    Sun Nov 12 08:57:51 2017 us=11554 PID_ERR replay-window backtrack occurred [19] [SSL-0] [0___________________11111111111111111118889999999999999999999999] 0:3127 0:3108 t=1510473471[0] r=[-1,64,15,19,1] sl=[9,64,64,528]

    and the corresponding FAIL log:

    Sun Nov 12 08:52:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 08:53:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 08:54:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 08:55:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 08:56:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 08:57:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 08:58:02 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 08:59:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 09:00:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 09:01:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 09:02:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 09:03:01 CET 2017 www.google.at OK www.github.com FAIL 192.30.253.113 FAIL
    Sun Nov 12 09:04:01 CET 2017 www.google.at OK www.github.com FAIL 192.30.253.113 FAIL
    Sun Nov 12 09:05:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 09:06:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 09:07:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 09:08:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 09:09:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 09:10:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 09:11:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 09:12:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 09:13:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 09:14:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 09:15:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 09:16:01 CET 2017 www.google.at OK www.github.com FAIL 192.30.253.113 FAIL
    Sun Nov 12 09:17:01 CET 2017 www.google.at OK www.github.com FAIL 192.30.253.113 FAIL
    Sun Nov 12 09:18:01 CET 2017 www.google.at OK www.github.com FAIL 192.30.253.113 FAIL
    Sun Nov 12 09:19:01 CET 2017 www.google.at OK www.github.com FAIL 192.30.253.113 OK
    Sun Nov 12 09:20:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 09:21:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK
    Sun Nov 12 09:22:01 CET 2017 www.google.at OK www.github.com OK 192.30.253.113 OK

    I'm not sure what this PID_ERR is (apparently it has something to do with packet congestion) but these don't occur with FAILs so I don't think it has anything to do with the issue.

    I also get RwRwRwRwrWrWrWrWrWrWrWR... messages that are shown because of "verb 5" in the config but these aren't really helpful.

    Oh and I also changed the script a bit (the wget command) so that it doesn't constantly create files:

    #!/bin/bash
    gett () {
    wget -qO- --timeout=15 --tries=1 $1 $2 > /dev/null
    if [ $? == 0 ]
    then
    echo -en "$1 OK\t\t"
    echo -en "$1 OK\t\t" >> /var/log/wget.log
    else
    echo -en "$1 FAIL\t\t"
    echo -en "$1 FAIL\t\t" >> /var/log/wget.log
    fi
            #rm /tmp/index.html*
    }
    echo -en "$(date)\t" >> /var/log/wget.log
    gett www.google.at
    gett www.github.com
    gett 192.30.253.113 --no-check-certificate
    echo -en "\r\n" >> /var/log/wget.log
    echo -en "\r\n"

    I think this issue started about a month ago. I also don't think I changed anything in the config files in a long time.

    Again, thank you guys for trying to help.

  • martoufmartouf
    edited November 2017
    but your openvpn log excerpt stops at 08:57 and the "interesting" timeframe would be the openvpn log from (for example) 09:15 to 09:20 .. especially the OK -> FAIL transition at 09:15 to 09:17 and then the FAIL->OK transition at 09:18 to 09:20. understand?

    yes, "replay window backtrack" indicates out-of-order or delayed packets arriving. a bit of that from time to time is not concerning.
  • MajorWarMajorWar
    I know what you mean, but the openvpn log didn't output anything after 08:57, it just stops there after initialization. It didn't output anything during the FAIL -> OK transition or the OK -> FAIL transition.

    Unless, I have to increase the verbosity to 6, but then it shows me only this after initialization, which I don't think is useful (for example):

    ...
    Mon Nov 13 17:33:43 2017 us=923399 TUN READ [64]
    Mon Nov 13 17:33:43 2017 us=923570 UDPv4 WRITE [117] to [AF_INET]46.166.190.189:1198: P_DATA_V1 kid=0 DATA len=116
    Mon Nov 13 17:33:43 2017 us=923818 TUN READ [52]
    Mon Nov 13 17:33:43 2017 us=924129 UDPv4 WRITE [101] to [AF_INET]46.166.190.189:1198: P_DATA_V1 kid=0 DATA len=100
    ...

    But I will try to capture this log during the FAIL -> OK and OK -> FAIL transition if it helps. Maybe there is something interesting there.
  • martoufmartouf
    use lsof to see for certain what files a process has open

    the snippet above might indicate a hiccup at your end of the tunnel. hmm
  • MajorWarMajorWar
    Sorry for the late response.

    This is what I get from lsof. I don't really understand what this means though:

    > sudo lsof | grep openvpn
    openvpn   18379             root  cwd       DIR                8,6      4096     524385 /home/user
    openvpn   18379             root  rtd       DIR                8,6      4096          2 /
    openvpn   18379             root  txt       REG                8,6    690464     277666 /usr/sbin/openvpn
    openvpn   18379             root  mem       REG                8,6    101200     918094 /lib/x86_64-linux-gnu/libresolv-2.23.so
    openvpn   18379             root  mem       REG                8,6     27000     918065 /lib/x86_64-linux-gnu/libnss_dns-2.23.so
    openvpn   18379             root  mem       REG                8,6     10480     929527 /lib/x86_64-linux-gnu/libnss_mdns4_minimal.so.2
    openvpn   18379             root  mem       REG                8,6     47600     918067 /lib/x86_64-linux-gnu/libnss_files-2.23.so
    openvpn   18379             root  mem       REG                8,6     80496     918033 /lib/x86_64-linux-gnu/libgpg-error.so.0.17.0
    openvpn   18379             root  mem       REG                8,6    456632     918083 /lib/x86_64-linux-gnu/libpcre.so.3.13.2
    openvpn   18379             root  mem       REG                8,6    919168     918031 /lib/x86_64-linux-gnu/libgcrypt.so.20.0.5
    openvpn   18379             root  mem       REG                8,6    137400     918043 /lib/x86_64-linux-gnu/liblzma.so.5.0.0
    openvpn   18379             root  mem       REG                8,6     31712     918096 /lib/x86_64-linux-gnu/librt-2.23.so
    openvpn   18379             root  mem       REG                8,6    130224     918100 /lib/x86_64-linux-gnu/libselinux.so.1
    openvpn   18379             root  mem       REG                8,6   1868984     918003 /lib/x86_64-linux-gnu/libc-2.23.so
    openvpn   18379             root  mem       REG                8,6     14608     918017 /lib/x86_64-linux-gnu/libdl-2.23.so
    openvpn   18379             root  mem       REG                8,6   2361856     925067 /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
    openvpn   18379             root  mem       REG                8,6    428384     925066 /lib/x86_64-linux-gnu/libssl.so.1.0.0
    openvpn   18379             root  mem       REG                8,6    113472     277658 /usr/lib/x86_64-linux-gnu/libpkcs11-helper.so.1.0.0
    openvpn   18379             root  mem       REG                8,6    138696     918090 /lib/x86_64-linux-gnu/libpthread-2.23.so
    openvpn   18379             root  mem       REG                8,6    137256     924911 /lib/x86_64-linux-gnu/liblzo2.so.2.0.0
    openvpn   18379             root  mem       REG                8,6    162632     917979 /lib/x86_64-linux-gnu/ld-2.23.so
    openvpn   18379             root  mem       REG                8,6    536520     930450 /lib/x86_64-linux-gnu/libsystemd.so.0.14.0
    openvpn   18379             root    0u      CHR              136,1       0t0          4 /dev/pts/1
    openvpn   18379             root    1u      CHR              136,1       0t0          4 /dev/pts/1
    openvpn   18379             root    2u      CHR              136,1       0t0          4 /dev/pts/1
    openvpn   18379             root    3u     IPv4             156120       0t0        UDP *:33011 
    openvpn   18379             root    4u      CHR             10,200     0t194        135 /dev/net/tun


  • martoufmartouf
    try again, please.  first identify the PID of the openvpn process
    (it was 18379 in the log you provided), then sudo lsof -p PID

    the output is the listing of every file the process has open. program binary, shared libraries, sockets, and (hopefully) the location of the log file.

    to dig down to the ongoing issue, it may be necessary to use just openvpn itself and one of the PIA-prepared ovpn files, in order to give you complete control over the logging verbosity.
  • MajorWarMajorWar
    I ran the command below and the output is the same as above (obviously I had to restart openvpn since it's cumbersome to bowse the internet with the FAILs, that's why the PID is different).

    > sudo lsof -p 17612
    COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF   NODE NAME
    openvpn 17612 root  cwd    DIR    8,6     4096 524385 /home/user
    openvpn 17612 root  rtd    DIR    8,6     4096      2 /
    openvpn 17612 root  txt    REG    8,6   690464 277666 /usr/sbin/openvpn
    openvpn 17612 root  mem    REG    8,6   101200 918094 /lib/x86_64-linux-gnu/libresolv-2.23.so
    openvpn 17612 root  mem    REG    8,6    27000 918065 /lib/x86_64-linux-gnu/libnss_dns-2.23.so
    openvpn 17612 root  mem    REG    8,6    10480 929527 /lib/x86_64-linux-gnu/libnss_mdns4_minimal.so.2
    openvpn 17612 root  mem    REG    8,6    47600 918067 /lib/x86_64-linux-gnu/libnss_files-2.23.so
    openvpn 17612 root  mem    REG    8,6    80496 918033 /lib/x86_64-linux-gnu/libgpg-error.so.0.17.0
    openvpn 17612 root  mem    REG    8,6   456632 918083 /lib/x86_64-linux-gnu/libpcre.so.3.13.2
    openvpn 17612 root  mem    REG    8,6   919168 918031 /lib/x86_64-linux-gnu/libgcrypt.so.20.0.5
    openvpn 17612 root  mem    REG    8,6   137400 918043 /lib/x86_64-linux-gnu/liblzma.so.5.0.0
    openvpn 17612 root  mem    REG    8,6    31712 918096 /lib/x86_64-linux-gnu/librt-2.23.so
    openvpn 17612 root  mem    REG    8,6   130224 918100 /lib/x86_64-linux-gnu/libselinux.so.1
    openvpn 17612 root  mem    REG    8,6  1868984 918003 /lib/x86_64-linux-gnu/libc-2.23.so
    openvpn 17612 root  mem    REG    8,6    14608 918017 /lib/x86_64-linux-gnu/libdl-2.23.so
    openvpn 17612 root  mem    REG    8,6  2361856 925067 /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
    openvpn 17612 root  mem    REG    8,6   428384 925066 /lib/x86_64-linux-gnu/libssl.so.1.0.0
    openvpn 17612 root  mem    REG    8,6   113472 277658 /usr/lib/x86_64-linux-gnu/libpkcs11-helper.so.1.0.0
    openvpn 17612 root  mem    REG    8,6   138696 918090 /lib/x86_64-linux-gnu/libpthread-2.23.so
    openvpn 17612 root  mem    REG    8,6   137256 924911 /lib/x86_64-linux-gnu/liblzo2.so.2.0.0
    openvpn 17612 root  mem    REG    8,6   162632 917979 /lib/x86_64-linux-gnu/ld-2.23.so
    openvpn 17612 root  mem    REG    8,6   536520 930450 /lib/x86_64-linux-gnu/libsystemd.so.0.14.0
    openvpn 17612 root    0u   CHR  136,1      0t0      4 /dev/pts/1
    openvpn 17612 root    1u   CHR  136,1      0t0      4 /dev/pts/1
    openvpn 17612 root    2u   CHR  136,1      0t0      4 /dev/pts/1
    openvpn 17612 root    3u  IPv4 369354      0t0    UDP *:49864 
    openvpn 17612 root    4u   CHR 10,200     0t76    135 /dev/net/tun

    There is no log file listed in lsof until I redirect the output of the openvpn command. Like this:
    sudo openvpn --config /etc/openvpn/Netherlands.ovpn > openvpn.log

    Now the log file shows in lsof:

    COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF   NODE NAME
openvpn 24876 root  cwd    DIR    8,6     4096 524385 /home/user
openvpn 24876 root  rtd    DIR    8,6     4096      2 /
openvpn 24876 root  txt    REG    8,6   690464 277666 /usr/sbin/openvpn
openvpn 24876 root  mem    REG    8,6   101200 918094 /lib/x86_64-linux-gnu/libresolv-2.23.so
openvpn 24876 root  mem    REG    8,6    27000 918065 /lib/x86_64-linux-gnu/libnss_dns-2.23.so
openvpn 24876 root  mem    REG    8,6    10480 929527 /lib/x86_64-linux-gnu/libnss_mdns4_minimal.so.2
openvpn 24876 root  mem    REG    8,6    47600 918067 /lib/x86_64-linux-gnu/libnss_files-2.23.so
openvpn 24876 root  mem    REG    8,6    80496 918033 /lib/x86_64-linux-gnu/libgpg-error.so.0.17.0
openvpn 24876 root  mem    REG    8,6   456632 918083 /lib/x86_64-linux-gnu/libpcre.so.3.13.2
openvpn 24876 root  mem    REG    8,6   919168 918031 /lib/x86_64-linux-gnu/libgcrypt.so.20.0.5
openvpn 24876 root  mem    REG    8,6   137400 918043 /lib/x86_64-linux-gnu/liblzma.so.5.0.0
openvpn 24876 root  mem    REG    8,6    31712 918096 /lib/x86_64-linux-gnu/librt-2.23.so
openvpn 24876 root  mem    REG    8,6   130224 918100 /lib/x86_64-linux-gnu/libselinux.so.1
openvpn 24876 root  mem    REG    8,6  1868984 918003 /lib/x86_64-linux-gnu/libc-2.23.so
openvpn 24876 root  mem    REG    8,6    14608 918017 /lib/x86_64-linux-gnu/libdl-2.23.so
openvpn 24876 root  mem    REG    8,6  2361856 925067 /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
openvpn 24876 root  mem    REG    8,6   428384 925066 /lib/x86_64-linux-gnu/libssl.so.1.0.0
openvpn 24876 root  mem    REG    8,6   113472 277658 /usr/lib/x86_64-linux-gnu/libpkcs11-helper.so.1.0.0
openvpn 24876 root  mem    REG    8,6   138696 918090 /lib/x86_64-linux-gnu/libpthread-2.23.so
openvpn 24876 root  mem    REG    8,6   137256 924911 /lib/x86_64-linux-gnu/liblzo2.so.2.0.0
openvpn 24876 root  mem    REG    8,6   162632 917979 /lib/x86_64-linux-gnu/ld-2.23.so
openvpn 24876 root  mem    REG    8,6   536520 930450 /lib/x86_64-linux-gnu/libsystemd.so.0.14.0
openvpn 24876 root    0u   CHR  136,1      0t0      4 /dev/pts/1
openvpn 24876 root    1w   REG    8,6    22705 533672 /home/user/openvpn.log
openvpn 24876 root    2u   CHR  136,1      0t0      4 /dev/pts/1
openvpn 24876 root    3u  IPv4 444759      0t0    UDP *:34171 
openvpn 24876 root    4u   CHR 10,200     0t76    135 /dev/net/tun
    This logfile is the same logfile I provided in an earlier post. As far as I know there aren't any other logfiles.

    Also, I'm not sure what you mean by your last sentence. I've always been using a config file to start the VPN and this is the same config file I provided above (Netherlands.ovpn).

    If you mean the original file that PIA provides here: https://www.privateinternetaccess.com/openvpn/openvpn.zip
    Then yes, I also tried this and it didn't work. The FAILs still occur. The original config files is the same as mine (aside from verbosity which in PIAs case is 1 and mine is 5).

  • martoufmartouf
    my last sentence was written in case you were using some program or driver which manages openvpn for you, instead of using openvpn directly. i couldn't remember if you'd mentioned the way you're activating/deactivating the VPN. okay, you're basically using the PIA-prepared ovpn (config) file - delta the verbosity. that's perfect.

    thanks for running lsof again. i now have complete confidence you captured every scrap of info available from it. I/O handle #1 (stdout) in the first lsof dump is going to /dev/pts/1 which presumably is one end of a pipe or the terminal where openvpn was executed.

    in the second lsof dump, it clearly shows stdout going to your openvpn.log file but stderr (I/O handle #2) is still going to /dev/pts/1 which means any stderr messages aren't being captured in the log file.

    try
    sudo openvpn --config /etc/openvpn/Netherlands.ovpn > openvpn.log 2>&1

    you should be able to confirm with lsof that both stdout and stderr are going to the log file

    <fingerscrossed>new data may be captured</fingerscrossed>


  • MajorWarMajorWar
    Had my fingers crossed too! But the only result I get from the log file is this:

    Sat Nov 18 21:43:13 2017 us=167728 TUN/TAP TX queue length set to 100
    Sat Nov 18 21:43:13 2017 us=167786 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
    Sat Nov 18 21:43:13 2017 us=167858 /sbin/ip link set dev tun0 up mtu 1500
    Sat Nov 18 21:43:13 2017 us=170946 /sbin/ip addr add dev tun0 local 10.14.10.6 peer 10.14.10.5
    Sat Nov 18 21:43:13 2017 us=176066 /sbin/ip route add 46.166.188.204/32 via 192.168.0.1
    Sat Nov 18 21:43:13 2017 us=181522 /sbin/ip route add 0.0.0.0/1 via 10.14.10.5
    Sat Nov 18 21:43:13 2017 us=187534 /sbin/ip route add 128.0.0.0/1 via 10.14.10.5
    Sat Nov 18 21:43:13 2017 us=190815 /sbin/ip route add 10.14.10.1/32 via 10.14.10.5
    Sat Nov 18 21:43:13 2017 us=193179 Initialization Sequence Completed
    Sat Nov 18 21:43:16 2017 us=230976 PID_ERR replay-window backtrack occurred [4] [SSL-0] [0000_01111113] 0:13 0:9 t=1511037796[0] r=[-3,64,15,4,1] sl=[51,13,64,528]
    Sat Nov 18 21:46:02 2017 us=981123 PID_ERR replay-window backtrack occurred [9] [SSL-0] [0_0_0_0_0_000000000000000111115>EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE] 0:253 0:244 t=1511037962[0] r=[0,64,15,9,1] sl=[3,64,64,528]
    Sat Nov 18 21:46:05 2017 us=159701 PID_ERR replay-window backtrack occurred [11] [SSL-0] [0000_000000_0000000001110001110111111111111111111111111111122222] 0:365 0:354 t=1511037965[0] r=[-3,64,15,11,1] sl=[19,64,64,528]
    Sat Nov 18 21:47:02 2017 us=703138 PID_ERR replay-window backtrack occurred [12] [SSL-0] [0__________0_00_000000000000000000000000111111111111133333666677] 0:456 0:444 t=1511038022[0] r=[-1,64,15,12,1] sl=[56,64,64,528]
    Sat Nov 18 21:47:02 2017 us=805231 PID_ERR replay-window backtrack occurred [17] [SSL-0] [00000000000000000_0000000000000000000000001111111111111333336666] 0:458 0:441 t=1511038022[0] r=[-1,64,15,17,1] sl=[54,64,64,528]
    Sat Nov 18 21:52:04 2017 us=955644 PID_ERR replay-window backtrack occurred [19] [SSL-0] [0000000000000000000_00000000000000000000000000000000000000000111] 0:1487 0:1468 t=1511038324[0] r=[0,64,15,19,1] sl=[49,64,64,528]
    Sat Nov 18 21:54:02 2017 us=939753 PID_ERR replay-window backtrack occurred [37] [SSL-0] [0000_000_0___000000000000000000000000_0_000000000000000000000000] 0:2553 0:2516 t=1511038442[0] r=[-4,64,15,37,1] sl=[7,64,64,528]
    Sat Nov 18 21:54:02 2017 us=940097 PID_ERR replay-window backtrack occurred [39] [SSL-0] [0000_000_0___00000000000000000000000000_000000000000000000000000] 0:2553 0:2514 t=1511038442[0] r=[-4,64,15,39,1] sl=[7,64,64,528]
    Sat Nov 18 21:54:03 2017 us=93508 PID_ERR replay-window backtrack occurred [63] [SSL-0] [00000_00000_0_000000000000000000000000_00000_00000000000000000__] 0:2645 0:2582 t=1511038443[0] r=[0,64,15,63,1] sl=[43,64,64,528]
    Sat Nov 18 22:36:38 2017 us=87577 PID_ERR replay-window backtrack occurred [98] [SSL-0] [000000000000000000_000000000000000000000000000000000000000000000] 0:25771 0:25673 t=1511040998[0] r=[-2,64,15,98,1] sl=[21,64,64,528]
    Sat Nov 18 22:36:38 2017 us=87674 PID_ERR large diff [98] [SSL-0] [000000000000000000_000000000000000000000000000000000000000000000] 0:25771 0:25673 t=1511040998[0] r=[-2,64,15,98,1] sl=[21,64,64,528]
    Sat Nov 18 22:36:38 2017 us=87692 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #25673 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Sat Nov 18 22:36:38 2017 us=258249 PID_ERR large diff [83] [SSL-0] [00_0000000000000000000000000000000000000000000000000000000000000] 0:25916 0:25833 t=1511040998[0] r=[-2,64,15,98,1] sl=[4,64,64,528]
    Sat Nov 18 22:36:38 2017 us=258304 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #25833 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings

    This is the corresponding FAIL log.

    Sat Nov 18 22:07:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:08:01 CET 2017	www.google.at OK		www.github.com FAIL		192.30.253.113 FAIL
    Sat Nov 18 22:09:01 CET 2017	www.google.at OK		www.github.com FAIL		192.30.253.113 FAIL
    Sat Nov 18 22:10:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:11:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:12:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:13:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:14:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:15:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:16:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:17:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:18:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:19:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:20:01 CET 2017	www.google.at OK		www.github.com FAIL		192.30.253.113 FAIL
    Sat Nov 18 22:21:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:22:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:23:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:24:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:25:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:26:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:27:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:28:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:29:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:30:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:31:01 CET 2017	www.google.at OK		www.github.com FAIL		192.30.253.113 FAIL
    Sat Nov 18 22:32:01 CET 2017	www.google.at OK		www.github.com FAIL		192.30.253.113 OK
    Sat Nov 18 22:33:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:34:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:35:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:36:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:37:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:38:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK
    Sat Nov 18 22:39:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK

    And this the lsof command:
    > sudo lsof -p 3459
    COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF   NODE NAME
    openvpn 3459 root  cwd    DIR    8,6     4096 524385 /home/user
    openvpn 3459 root  rtd    DIR    8,6     4096      2 /
    openvpn 3459 root  txt    REG    8,6   690464 277666 /usr/sbin/openvpn
    openvpn 3459 root  mem    REG    8,6   101200 918094 /lib/x86_64-linux-gnu/libresolv-2.23.so
    openvpn 3459 root  mem    REG    8,6    27000 918065 /lib/x86_64-linux-gnu/libnss_dns-2.23.so
    openvpn 3459 root  mem    REG    8,6    10480 929527 /lib/x86_64-linux-gnu/libnss_mdns4_minimal.so.2
    openvpn 3459 root  mem    REG    8,6    47600 918067 /lib/x86_64-linux-gnu/libnss_files-2.23.so
    openvpn 3459 root  mem    REG    8,6    80496 918033 /lib/x86_64-linux-gnu/libgpg-error.so.0.17.0
    openvpn 3459 root  mem    REG    8,6   456632 918083 /lib/x86_64-linux-gnu/libpcre.so.3.13.2
    openvpn 3459 root  mem    REG    8,6   919168 918031 /lib/x86_64-linux-gnu/libgcrypt.so.20.0.5
    openvpn 3459 root  mem    REG    8,6   137400 918043 /lib/x86_64-linux-gnu/liblzma.so.5.0.0
    openvpn 3459 root  mem    REG    8,6    31712 918096 /lib/x86_64-linux-gnu/librt-2.23.so
    openvpn 3459 root  mem    REG    8,6   130224 918100 /lib/x86_64-linux-gnu/libselinux.so.1
    openvpn 3459 root  mem    REG    8,6  1868984 918003 /lib/x86_64-linux-gnu/libc-2.23.so
    openvpn 3459 root  mem    REG    8,6    14608 918017 /lib/x86_64-linux-gnu/libdl-2.23.so
    openvpn 3459 root  mem    REG    8,6  2361856 925067 /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
    openvpn 3459 root  mem    REG    8,6   428384 925066 /lib/x86_64-linux-gnu/libssl.so.1.0.0
    openvpn 3459 root  mem    REG    8,6   113472 277658 /usr/lib/x86_64-linux-gnu/libpkcs11-helper.so.1.0.0
    openvpn 3459 root  mem    REG    8,6   138696 918090 /lib/x86_64-linux-gnu/libpthread-2.23.so
    openvpn 3459 root  mem    REG    8,6   137256 924911 /lib/x86_64-linux-gnu/liblzo2.so.2.0.0
    openvpn 3459 root  mem    REG    8,6   162632 917979 /lib/x86_64-linux-gnu/ld-2.23.so
    openvpn 3459 root  mem    REG    8,6   536520 930450 /lib/x86_64-linux-gnu/libsystemd.so.0.14.0
    openvpn 3459 root    0u   CHR  136,0      0t0      3 /dev/pts/0
    openvpn 3459 root    1w   REG    8,6    25742 533672 /home/user/openvpn.log
    openvpn 3459 root    2w   REG    8,6    25742 533672 /home/user/openvpn.log
    openvpn 3459 root    3u  IPv4 491592      0t0    UDP *:40980 
    openvpn 3459 root    4u   CHR 10,200     0t76    135 /dev/net/tun

    Nothing new really :( thanks for trying though.

    I contacted PIA support long ago, but they are really slow to respond (two answers since the 1st of November).

    I tried the same command with the same config on a raspberry pi I had laying around, and the same thing happens. So it can't really be on my end, can it? The interesting thing is that on both machines (laptop and raspberry pi) the FAILs happen literally at the same time and they start to work again at the same time, even with different configs (e.g. laptop -> Netherlands.ovpn; RPI -> Norway.ovpn).

  • MajorWarMajorWar
    And it's kinda weird that some sites work and some don't. Google sites like google search, youtube, gmail are working but github and stackoverflow don't work.
  • MajorWarMajorWar
    OK, this is kinda interesting. I didn't notice this because internet without VPN always worked. Actually, PIA support gave me this idea: I stopped the openvpn process and this is what I get with my normal internet:

    Sun Nov 19 09:18:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:19:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:20:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:21:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:22:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:23:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:24:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:25:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:26:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:27:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:28:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:29:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 FAIL		
    Sun Nov 19 09:30:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:31:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:32:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:33:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:34:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:35:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:36:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:37:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 FAIL		
    Sun Nov 19 09:38:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:39:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:40:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:41:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:42:02 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:43:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:44:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:45:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:46:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:47:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:48:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:49:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:50:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:51:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:52:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:53:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:54:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:55:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:56:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:57:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:58:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 09:59:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 10:00:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 10:01:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 10:02:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 10:03:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK		
    Sun Nov 19 10:04:01 CET 2017	www.google.at OK		www.github.com OK		192.30.253.113 OK


    For some reason, FAIL is occurring only for the IP of the github website and it seems that occurs in the same interval as when FAILs happen with openvpn running (in the beginning, at least). But my internet works fine without VPN, I can browse to anywhere and there are no hiccups.

    My theory is that maybe there is a small, unnoticeable hiccup that I can't pick up while browsing. So when this hiccup happens, the VPN connection suddenly breaks down and it takes a few minutes to reestablish the connection to the PIA server again.

    But if that's the case, then why doesn't the log show anything? Shouldn't it say, reestablishing connection or something?

    Another thing I tested is the following: On my normal connection without openvpn, I tested downloading a large file (1GB) with a speed of 4MB/s. It took around 5-6min. I thought that maybe because of too much traffic these things occur, but this wasn't the case. During the download, the fail-log always showed OK.

  • martoufmartouf
    edited November 2017
    it's looking to me (given the new information about the issue being site-specific) like it's a problem between your CPE (router/modem/thingy) and the sites -- which means it's in ISP-land somewhere. bad QoS implementation? VLAN hopping?  if you want to keep chewing at this bone, i have a couple ideas on how you might collect evidence.

    the VPN can put up with network switch cable changing and other random brief interruptions and recover without the link being 'broken'. i don't recall exactly what the timeout is on that, but it's more than a few seconds.

    ps: dear readers -- the post above by "muza25" looks spammy. don't click the link, okay? the link expands to https://gclub^snbbet^com/gclub-download^html   ^=.
  • MajorWarMajorWar
    That's kind of a bummer... I was hoping at least that it's somehow my fault. It seems that I have to fight with my ISP now to fix this, which is annoying since they are pretty... hard to deal with.

    I am interested in your ideas though. I really don't want to cancel my PIA subscription but with this problem present, it's really annoying to keep using it. Most of the time, I turn it off because it's incredibly inconvenient. Might as well not have it...

    I would be thankful for any comment you might have. Thanks!
Sign In or Register to comment.