Hi, we are using VMware inside a Windows Server machine to run OpenVPN. This setup has worked for over two years.
Lately (the past 3 weeks) our VM networking stops responding and requires a reboot to fix. We need to do this several times a day. After troubleshooting with OpenVPN support, we think the issue is with our VMware setup. The DNS seems to be failing on the VM.
We haven't had any system upgrades or changes during that time, so this problem seems to be coming out of the blue. Unfortunately there is no way to contact VMware support without a paid service, so I'm really hoping someone in the community could help us troubleshoot this problem.
I will post some of the tests we did with OpenVPN below.
Any help is greatly appreciated.
***
We tried disabling the cleanup and daily activities.
We provided them with our recent logs from our access server:
-Syslog under /var/log
Our logs had this error:
2022-04-25T05:49:14-0700 [stdout#info] License Manager renewal exception: japicli: E_RESOLVE HTTPCore Asio resolve_callback: Host not found (non-authoritative), try again later
We tried a DNS test and we had some problems here. We looked through our firewall rules and there was nothing conflicting there.
dig asb.sts.openvpn.net
dig asb.sts.openvpn.net +norec @dave.ns.cloudflare.com.
dig asb.sts.openvpn.net +norec @emma.ns.cloudflare.com.
The result was this:
; <<>> DiG 9.11.3-1ubuntu1.17-Ubuntu <<>> asb.sts.openvpn.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37497
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;asb.sts.openvpn.net. IN A
;; ANSWER SECTION:
asb.sts.openvpn.net. 37 IN A 104.19.235.45
asb.sts.openvpn.net. 37 IN A 104.19.236.45
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Thu Apr 28 10:41:48 PDT 2022
;; MSG SIZE rcvd: 80
dig asb.sts.openvpn.net +norec @dave.ns.cloudflare.com.
; <<>> DiG 9.11.3-1ubuntu1.17-Ubuntu <<>> asb.sts.openvpn.net +norec @dave.ns.cloudflare.com.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19440
;; flags: qr aa; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;asb.sts.openvpn.net. IN A
;; ANSWER SECTION:
asb.sts.openvpn.net. 300 IN A 104.19.236.45
asb.sts.openvpn.net. 300 IN A 104.19.235.45
;; Query time: 9 msec
;; SERVER: 173.245.59.109#53(173.245.59.109)
;; WHEN: Thu Apr 28 10:41:57 PDT 2022
;; MSG SIZE rcvd: 80
dig asb.sts.openvpn.net +norec @emma.ns.cloudflare.com.
; <<>> DiG 9.11.3-1ubuntu1.17-Ubuntu <<>> asb.sts.openvpn.net +norec @emma.ns.cloudflare.com.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35086
;; flags: qr aa; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;asb.sts.openvpn.net. IN A
;; ANSWER SECTION:
asb.sts.openvpn.net. 300 IN A 104.19.235.45
asb.sts.openvpn.net. 300 IN A 104.19.236.45
;; Query time: 9 msec
;; SERVER: 173.245.58.112#53(173.245.58.112)
;; WHEN: Thu Apr 28 10:42:03 PDT 2022
;; MSG SIZE rcvd: 80
These are our default values for the VM for the access server:
Current Scopes: DNS
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNS Servers: 8.8.8.8
8.8.4.4
We tried resolvectl status
;;<<>> DiG 9.11.3-1ubuntu1.17-Ubuntu <<>> asb.sts.openvpn.net
;; global options: +cmd
;; connection timed out; no servers could be reached
The results from
ping -c3 8.8.8.8
ping -c3 8.8.4.4
were:
root@openvpnas2:~# ping -c3 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=114 time=20.4 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=114 time=20.2 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=114 time=20.2 ms
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 20.208/20.297/20.408/0.184 ms
root@openvpnas2:~# ping -c3 8.8.4.4
PING 8.8.4.4 (8.8.4.4) 56(84) bytes of data.
64 bytes from 8.8.4.4: icmp_seq=1 ttl=114 time=20.3 ms
64 bytes from 8.8.4.4: icmp_seq=2 ttl=114 time=20.2 ms
64 bytes from 8.8.4.4: icmp_seq=3 ttl=114 time=21.5 ms
--- 8.8.4.4 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 20.274/20.747/21.579/0.601 ms
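
Added example, not part of the original post: a small Python triage helper that reads `dig` transcripts like the ones above and reports which layer stopped answering (the local stub at 127.0.0.53, the DNS path to a named server, or the network itself). The sample transcripts are constructed by shortening the output shown in the post, and the function names and result labels are assumptions chosen for illustration.

```python
import re

# Constructed samples, shortened from the shape of the dig output in the post.
STUB_OK = """;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37497
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
; EDNS: version: 0, flags:; udp: 65494
;asb.sts.openvpn.net. IN A
asb.sts.openvpn.net. 37 IN A 104.19.235.45
asb.sts.openvpn.net. 37 IN A 104.19.236.45
;; SERVER: 127.0.0.53#53(127.0.0.53)
"""
DIRECT_OK = """;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19440
;; flags: qr aa; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
asb.sts.openvpn.net. 300 IN A 104.19.236.45
asb.sts.openvpn.net. 300 IN A 104.19.235.45
;; SERVER: 173.245.59.109#53(173.245.59.109)
"""
TIMEOUT = ";; connection timed out; no servers could be reached\n"

def parse_dig(text):
    """Reduce one dig transcript to the fields that matter for triage."""
    status = re.search(r"status: (\w+)", text)
    flags = re.search(r"flags: ([a-z ]+);", text)   # header flags, not the empty EDNS flags
    server = re.search(r"SERVER: ([0-9A-Fa-f.:]+)#", text)
    return {
        "timed_out": "connection timed out" in text,
        "status": status.group(1) if status else None,
        "flags": flags.group(1).split() if flags else [],
        "server": server.group(1) if server else None,
        # Answer lines carry a numeric TTL; the question line does not.
        "answers": re.findall(r"^\S+\s+\d+\s+IN\s+A\s+(\S+)$", text, re.M),
    }

def resolved(d):
    """True when the transcript shows a usable answer."""
    return d["status"] == "NOERROR" and bool(d["answers"]) and not d["timed_out"]

def triage(stub_out, direct_out, ping_ok):
    """stub_out: plain `dig name`; direct_out: `dig name @server`; ping_ok: ICMP result."""
    stub, direct = parse_dig(stub_out), parse_dig(direct_out)
    if resolved(stub):
        return "ok"
    if resolved(direct):
        return "stub-resolver"   # port 53 works from the VM; inspect the local resolver
    if ping_ok:
        return "dns-path"        # IP reachable, but DNS queries go unanswered
    return "network-down"        # no connectivity at all
```

Capturing all three inputs at the moment of a failure, before rebooting, is what makes the result meaningful; a successful ping alone only shows that ICMP passes.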
