On Sun, 2010-08-08 at 22:24 -0500, Matthew Kitchin (public/usenet) wrote: > > How does it handle failed network connections? Does it try and > reconnect, or should I put in a cron job that checks a ping and then > restarts the connection if it is down? It'll detect a broken connection, for both CSTP (HTTP/TCP) and DTLS (UDP) connections. Usually it has *both* open at the same time, and will be passing data over the latter while the former is *only* doing keepalives. Whenever it hasn't heard anything from the server for 30 seconds? on a given connection, it'll send a Dead Peer Detection (DPD) frame. If it doesn't receive a response within another 30 seconds, it'll tear down the connection and reconnect. It can reconnect as many times as it likes, even from different IP addresses (if you suspend, move somewhere else and resume, etc.). It doesn't need to reauthenticate, because the HTTP 'webvpn' cookie remains valid for the lifetime of the session and can just be reused. See the --reconnect-interval and --reconnect-timeout options to tweak the way it responds to network outages. By default, it'll try to reconnect the CSTP connection every 10 seconds, and give up completely after 5 minutes. If it's the DTLS connection which gets lost, it just falls back to passing traffic over the CSTP connection while it attempts to connect DTLS. -- dwmw2 ? That number is taken from your server configuration, which you showed when you posted the debug log.
