On Sat, 2014-11-29 at 13:54 +0000, David Woodhouse wrote: > On Sat, 2014-11-29 at 08:29 +0100, Nikos Mavrogiannopoulos wrote: > > When connecting to an IP which is dynamic, it may often change and > > require a reconnection. However, cstp_reconnect() will attempt to > > connect to the cached IP and never fallback. The attached patch fixes > > the issue for me, but what would be the best approach? > > 1. Don't cache the IP at all > > Hm, the problem with this is that you may now be using a DNS server *on* > the VPN. So it's unlikely that the DNS lookup will succeed. And even if > it *does* work because you still have a live DTLS connection, if you > have schizoDNS you might find that the hostname either doesn't exist in > the internal view or resolves to something different. Well, at that point I don't have VPN. The CSTP reconnection occurs when the TCP connection part of the VPN is closed. That can only occur if the server is down, thus the UDP part is also off. Are there servers which forcefully close the CSTP connection but expect the DTLS connection to remain active? regards, Nikos