Connection error when using ipv6

Mikki · June 20, 2024, 7:33am

(IPv6 is replaced with RFC 3849 - Documentation prefix)
Client Version: v1.3.3883.60

Getting errors in my pritunl service log on my Mac M1 (ARM) not sure if it is the problem syncing the profile or the SSO when connecting…

It have this info: “dial tcp: address [[2001:db8:::2]]:443: missing port in address” but i do not understand why it have dual “[[” “]]” normally it is “just” [2001:db8:::2]:443 that is used

[2024-06-20 09:23:19][INFO] ▶ profile: Connecting ◆ device_auth=true ◆ disable_dns=false ◆ disable_gateway=false ◆ dynamic_firewall=false ◆ force_dns=true ◆ mode="ovpn" ◆ profile_id="<profile_id>" ◆ reconnect=true ◆ sso_auth=true
[2024-06-20 09:23:22][WARN] ▶ profile: Request ovpn connection error ◆ host="vpn.example.com"
profile: Server is offline
ORIGINAL STACK TRACE:
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).reqOvpn
	/Users/apple/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:2401 +0x100f1b574
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).reqOvpn
	/Users/apple/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:2440 +0x100f1bc0f
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).openOvpn
	/Users/apple/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:1975 +0x100f191f7
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).startOvpn
	/Users/apple/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:1381 +0x100f1600b
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).Start
	/Users/apple/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:1364 +0x100f15e37
github.com/pritunl/pritunl-client-electron/service/profile.SyncSystemProfiles.func1
	/Users/apple/go/src/github.com/pritunl/pritunl-client-electron/service/profile/utils.go:413 +0x100f27493
runtime.goexit
	/opt/homebrew/Cellar/go/1.22.2/libexec/src/runtime/asm_arm64.s:1222 +0x1009da303
[2024-06-20 09:23:24][WARN] ▶ profile: Request ovpn connection error ◆ host="2001:db8:::2"
profile: Request put error
Post "https://[[2001:db8:::2]]/key/ovpn_wait/<id_A>/<id_B>/<id_C>": dial tcp: address [[2001:db8:::2]]:443: missing port in address
ORIGINAL STACK TRACE:
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).reqOvpn
	/Users/apple/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:2365 +0x100f1b64c
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).reqOvpn
	/Users/apple/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:2440 +0x100f1bc0f
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).openOvpn
	/Users/apple/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:1995 +0x100f19463
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).startOvpn
	/Users/apple/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:1381 +0x100f1600b
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).Start
	/Users/apple/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:1364 +0x100f15e37
github.com/pritunl/pritunl-client-electron/service/profile.SyncSystemProfiles.func1
	/Users/apple/go/src/github.com/pritunl/pritunl-client-electron/service/profile/utils.go:413 +0x100f27493
runtime.goexit
	/opt/homebrew/Cellar/go/1.22.2/libexec/src/runtime/asm_arm64.s:1222 +0x1009da303

VPN node ip: 2001:db8:::2 and 192.168.1.2
vpn.example.com ip: 2001:db8:::3 192.168.1.3

zach · June 24, 2024, 4:22am

The first server offline error indicates the request was sent to a host that was online but not running the server. The second error will be fixed in the next release. This can be avoided by using DNS domains for all the hosts.

Also verify the connection single sign-on domain in the top right settings is correctly set to either a load balancer or a domain for one of the online hosts.

Mikki · July 1, 2024, 7:18am

I added DNS to the servers and that removed the post error.

But what do you mean by

So vpn.example.com is the load balancer DNS so yes it is not running any VPN servers.
So i have 3 nodes, vpnnode01 and vpnnode02 is running the same openvpn servers in a replica set and vpnnode03 is running some others

So vpnnode01, vpnnode02

openvpn server 01
openvpn server 02

vpnnode03

openvpn server 03
openvpn server 04

If client A want to use “openvpn server 01” and login using proxy server vpn.example.com for SAML and then hits the server “vpnnode03” do it then end in offline error?

Mikki · July 1, 2024, 8:18am

In out HAProxy config have we tried to change “balance roundrobin” to “source” we will do some more test but the error looks to be gone.

Mikki · July 1, 2024, 8:20am

Related to Pritunl Client open multiple SSO login bowser windows