Originalimoc
Originalimoc
Interesting, have you tried measuring the true end to end latency?
yes, 127.0.0.1:12345 is another tunnel, actual remote route manually bypassed
``` #persist-tun proto udp tun-mtu 1428 remote 127.0.0.1 12345 persist-local-ip explicit-exit-notify 2 connect-retry 1 3 client nobind allow-compression no data-ciphers AES-128-GCM auth-nocache script-security 2 verb 3 route-up /etc/openvpn/route-up.sh route-pre-down /etc/openvpn/route-pre-down.sh...
A very generic config
I'll moving on without persist-remote-ip because remote is not a domain name anyway, but somewhere there is a bug
I don't want ping static interval(avoid some detection), and ping-restart 3600 can be ping-restart 360000 or whatever because it'll almost never get triggered. auth-nocache is for password auth I used...
Yes after DCO this doesn't matter anymore, dco is even multithreaded(?). 12345 is an obfuscation tunnel. Actual remote is 100ms away, works pretty well for 5+ years. I'm not sure...
LOL checked log it did change but it's so fast that I never noticed. Change it after the next maintainance XD.
Are you: first, you get an established tunnel, then send a SIGUSR1 ?
Huh it turns out it's a bad idea to use static local port. Because server is not getting an explicit-exit-notify when client is getting a SIGUSR1, it will wait until...