8

I'm trying to create a high-availability environment for my OpenVPN servers. I do this by having two identical VPN servers and in my client config specify multiple remote's:

# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote vpn1 1194
remote vpn2 1194

remote-random

This seem to work. I have a Vagrant environment with two VPN servers and two clients. Once the network runs and I stop OpenVPN on one of the VPN server the other server takes over.

However, before the other server takes over there is a long time before it actually does this. If my clients ping each other it takes about 3 minutes before the pinging continues. My guess is that the clients are trying to reconnect and that the time out is the issue here.

In my OpenVPN client.conf I have played with the following settings but it doesn't seem to make any difference (yes, I restart OpenVPN on the clients after changing the config):

connect-retry 2
connect-retry-max 2

How can I adjust the connect time out on the clients to make them switch faster to a different OpenVPN server?

Luke
  • 3,826
  • 8
  • 36
  • 40

1 Answers1

9

The keepalive directive controls this:

# The keepalive directive causes ping-like
# messages to be sent back and forth over
# the link so that each side knows when
# the other side has gone down.
# Ping every 10 seconds, assume that remote
# peer is down if no ping received during
# a 120 second time period.
keepalive 10 120
Dennis Jacobfeuerborn
  • 146
  • 3
  • Great. For those wondering, it's in the `server.conf`. I didn't spot it until now. Thanks! – Luke Jun 13 '15 at 02:51