schwabe
commented
1 year ago Yes. See the changelog of OpenVPN (https://github.com/OpenVPN/openvpn/blob/release/2.6/Changes.rst):
New control packets flow for data channel offloading on Linux. 2.6.2+ changes the way OpenVPN control packets are handled on Linux when DCO is active, fixing the lockups observed with 2.6.0/2.6.1 under high client connect/disconnect activity. This is an INCOMPATIBLE change and therefore an ovpn-dco kernel module older than v0.2.20230323 (commit ID 726fdfe0fa21) will not work anymore and must be upgraded. The kernel module was renamed to "ovpn-dco-v2.ko" in order to highlight this change and ensure that users and userspace software could easily understand which version is loaded. Attempting to use the old ovpn-dco with 2.6.2+ will lead to disabling DCO at runtime.
joksik
ordex
Hi, in previous versions when I checked a file /var/log/openvpn/openvpn.log my openvpn server started with ovpn-dco. today when i upgrade to latest version 2.6.2 i have in first line this:
2023-03-25 13:52:53 us=217969 Note: Kernel support for ovpn-dco missing, disabling data channel offload. 2023-03-25 13:52:53 us=218083 Current Parameter Settings: 2023-03-25 13:52:53 us=218092 config = '/etc/openvpn/server.conf'
my kernel is: Linux localhost 5.19.0-38-generic #39-Ubuntu SMP PREEMPT_DYNAMIC Fri Mar 17 17:33:16 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
and i have installed two packages: openvpn-dco-dkms and kmod-ovpn-dco
openvpn-dco-dkms is already the newest version (0.0+git20220816-1). kmod-ovpn-dco is already the newest version (0.20220601~git2db65af+jammy).
info about module from modinfo
modinfo ovpn_dco filename: /lib/modules/5.19.0-38-generic/updates/dkms/ovpn-dco.ko alias: net-pf-16-proto-16-family-ovpn-dco alias: rtnl-link-ovpn-dco version: 0.0+git20220816 license: GPL author: (C) 2020-2022 OpenVPN, Inc. description: OpenVPN data channel offload (ovpn-dco) srcversion: D9E21BC3C39384ACEAD8AC5 depends: ip6_udp_tunnel,udp_tunnel retpoline: Y name: ovpn_dco vermagic: 5.19.0-38-generic SMP preempt mod_unload modversions sig_id: PKCS#7 signer: localhost Secure Boot Module Signature key sig_key: 47:32:C1:7B:87:C0:D4:67:82:7F:2F:A8:CF:3A:41:C9:33:32:5C:0A sig_hashalgo: sha512 signature: 79:14:08:E5:AE:AA:04:60:DA:1E:E0:05:BE:9E:92:CC:A0:22:F1:F1: 75:80:6D:F7:FD:43:83:B1:A0:84:98:79:B0:B6:5A:EC:FC:F6:B5:CD: 57:B9:E7:E7:20:06:24:CC:38:32:2C:43:B4:16:CA:6A:52:78:74:31: 78:CD:F2:6A:1B:16:1B:32:31:62:16:26:FB:43:A3:32:CB:53:A2:94: B6:C2:59:42:EF:9A:40:2E:F9:85:21:07:EB:AB:C5:DB:AA:38:E8:44: AB:2A:E4:28:13:FB:D9:EE:7E:F3:61:30:F4:B4:AF:C5:0B:FB:B1:41: 3E:E7:3B:1A:92:9B:D3:34:5B:B8:C8:54:E4:77:0A:55:93:FB:9F:E2: DE:A0:9A:D0:7E:F6:13:43:5F:A2:97:78:1D:74:B7:C5:5A:91:15:3D: D8:EB:28:79:EE:E3:AF:BD:72:85:FF:D1:39:39:B5:38:BD:DB:D3:3E: A7:43:3F:5D:E8:B6:BE:0A:D5:61:13:09:61:79:0D:AA:BB:D9:BF:08: 36:83:66:6D:F1:80:10:40:6E:2D:6B:CE:85:7E:3B:C4:BB:09:1C:DF: 16:ED:C9:C9:F6:BA:07:F6:A2:31:5B:AA:30:BF:87:A6:C9:EB:03:D8: 8A:68:CE:D1:78:D8:7F:6D:9D:08:B6:33:B3:33:E1:52
lsmod | grep ovpn_dco ovpn_dco 73728 0 ip6_udp_tunnel 16384 1 ovpn_dco udp_tunnel 28672 1 ovpn_dco
sudo dkms status ovpn-dco/0.0+git20220816, 5.19.0-37-generic, x86_64: installed ovpn-dco/0.0+git20220816, 5.19.0-38-generic, x86_64: installed
did i miss something in the new version? why dco is disabled when i have all packages in latest version