On 2020-04-13 at 20:59, Daniel Lenski wrote: > On Mon, Apr 13, 2020 at 5:12 PM The Wanderer <wanderer@xxxxxxxxxxx> > wrote: > >> On 2020-04-13 at 19:50, Daniel Lenski wrote: >>> This particular one has already been reported; we still don't >>> understand what it means, but it's very common. ¯\_(ツ)_/¯ >> >> I saw some of those discussions in looking at the archives before >> I reported this. If I get a chance to figure out what that means, >> I'll be sure to pass any (visibly) potentially relevant information >> along. > > Sounds good. One of the main *interesting* mysteries concerns IPv6. I can nearly 100% guarantee that I am not using IPv6, at either end of the connection. Whether it's involved anywhere in the middle is outside of my scope to determine. >>> Run it with `openconnect -vvvv --dump --timestamp`, and save that >>> to a file. The log size may be huge after ~3 hours, but it'll >>> give you precise timestamps for all messages. >> >> How huge are we talking about? A few hundred megabytes? A few >> gigabytes? > > ¯\_(ツ)_/¯ > > Depends how much you use it. It will print one log line for every > incoming and outgoing packet over the VPN. So, lots and lots, then. I connected it and left it with no follow-up traffic (not intentionally triggered, anyway), and it was already 30k after a matter of seconds; I've connected the RDP session and checked after a minute or two, and it was over 500k with little or no actual cross-RDP activity. I'm trying a way involving leaving it up overnight, in the hopes that it will exhibit the same behavior even without the continual traffic. If that doesn't work out, though, I can still capture the RDP session's first-drop log tomorrow. Would a repeating ping over the VPN tunnel (one every 30 seconds, more a keepalive than anything else) be enough to qualify as traffic for this purpose, or would I need to keep something else (e.g. the RDP session) going? I hope it's OK if I process the resulting file to strip out identifying information - organization names, not IP addresses et cetera; I'm not entirely sure what is and isn't OK to let out, here, but I know we're told not to share the GlobalProtect portal address and I can see that in the logs already. -- The Wanderer The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself. Therefore all progress depends on the unreasonable man. -- George Bernard Shaw
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ openconnect-devel mailing list openconnect-devel@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/openconnect-devel
