On Sun, Nov 3, 2013 at 9:22 PM, Kevin Cernekee <cernekee at gmail.com> wrote: > The modified ics-openvpn Android app has been tested on ARMv7, x86, and > MIPS devices. It is able to connect to ocserv and ping through the VPN on > all architectures. Thanks for the app it is really useful. > I sometimes see intermittent errors logged on the ocserv side: > ocserv[25459]: [main] DTLS record version: 1.0 > ocserv[25459]: [main] DTLS hello version: 220.94 > ocserv[25459]: [main] unexpected DTLS content type: 23 > ocserv[25459]: [main] could not determine the owner of received UDP packet Do you have an idea of when this is received? Is it after a client has terminated? In ocserv the main process receives the first DTLS packet (client hello) and forwards it to the relevant process (in a complex process - as connecting on UDP cannot be handled as nicely as TCP). The error that you see means that the main process received a DTLS packet that isn't a client hello (23 is application data), which was probably intended to be delivered to a worker process. Thus either you received a duplicate/delayed packet after a worker has disconnected, or the UDP socket connection to a worker process was lost for some reason and UDP packets are being forwarded to the main process instead. > It isn't clear whether these are related to my ocserv installation, Is it ocserv 0.2.0? regards, Nikos
