When connected using wintun driver dns names are not resolved first 3-5 seconds

OpenVPN / openvpn

OpenVPN is an open source VPN daemon

http://openvpn.net

Other

10.92k stars 3.01k forks source link

When connected using wintun driver dns names are not resolved first 3-5 seconds #439

Open kudroma1 opened 1 year ago

kudroma1 commented 1 year ago

Describe the bug When using wintun OpenVPN reports that connection was established but actually there is no connection during next 3-5 seconds.

To Reproduce Write command ping <some_domain_name> in command line. Then connect using wintun driver on Windows (I am connecting from GUI in tray). Try to ping just after connection was set up. The error that domain name can't be resolved is shown first 1-5 seconds. Then all starts to work.

Expected behavior If OpenVPN says that connection was successfully established then connection should be available immediatly.

Version information (please complete the following information):

OS: Windows 11
OpenVPN version: Tried 2.6.1 and 2.6.3.

Additional context I saw the log and investigated the code. It looks like that there is no any tests on connectivity when wintun is used.

kudroma1 commented 1 year ago

Config that is used (with removed secrets). conf.txt

What I see then trying to ping after connection succeeded.

selvanair commented 1 year ago

Are you setting DNS sever on the wintun interface (via the config file or pushed by sever)? Post logs with verb 4 and output of ipconfig /all when connected.

kudroma1 commented 1 year ago

I don't do anything special with wintun. I simply installed openvpn and provided the config above.

Windscribe-StaticIP.log

kudroma1 commented 1 year ago

I would like to add that tested this behavior on two different laptops. The result is the same. First 3-5 seconds there is no connection.

selvanair commented 1 year ago

I misread your post and missed this crucial part:

The error that domain name can't be resolved is shown first 1-5 seconds. Then all starts to work.

This short delay appears to be Windows "feature" when routing is changed. For a related discussion see #343 and scroll down for a way to emulate the same behaviour as seen with tap-windows driver.

lstipakov commented 1 year ago

Completely different thing, but why do you use wintun? If you remove ncp-ciphers, cipher and windows-driver from the .ovpn profile, you might get the benefits of the new DCO driver.

kudroma1 commented 1 year ago

Completely different thing, but why do you use wintun? If you remove ncp-ciphers, cipher and windows-driver from the .ovpn profile, you might get the benefits of the new DCO driver.

I will use DCO instead wintun soon. But as #343 states the same delay exists for DCO too. So I think problem is connected with routes change on Windows.

BringerOD commented 1 year ago

I have this same issue, its with the new client as well. Did not have it before, not sure what version I was using before, due to a reinstall.

When I connect it does this

Also, this repeats every few minutes, say 5 minutes, I have not timed it though.