Internet connection drops randomly when using VPN

ntoxeg · March 12, 2024, 4:38pm

I have an issue with lack of internet access when connecting to the VPN.
I work on an Intel Mac, internet access does work if I disable the DNS and the gateway but that doesn’t allow me to access anything inside.

The original issue actually was that using the VPN would initially work fine but after a while I would lose internet access. I can’t connect to anything besides a few machines, DNS also being inaccessible.
I tried switching to TCP but it doesn’t work at all and using keepalive instead of ping but it didn’t help.

Moreover, after restarting the VPN multiple times I start getting socket errors that I can only make go away by restarting the whole computer (restarting the service does not help):

RequestError: Request:  Client error method=GET path=/sprofile
Error: connect ENOENT /var/run/pritunl.sock
Error: connect ENOENT /var/run/pritunl.sock
    at __node_internal_captureLargerStackTrace (node:internal/errors:497:5)
    at __node_internal_exceptionWithHostPort (node:internal/errors:672:12)
    at PipeConnectWrap.afterConnect [as oncomplete] (node:net:1595:16)

That causes all connectivity to be lost.

The profile log looks like this:

2024-03-12 17:20:04 Opened utun device utun7
2024-03-12 17:20:04 /sbin/ifconfig utun7 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2024-03-12 17:20:04 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2024-03-12 17:20:04 /sbin/ifconfig utun7 192.168.237.6 192.168.237.6 netmask 255.255.255.0 mtu 1500 up
route: writing to routing socket: File exists
add net 192.168.237.0: gateway 192.168.237.6: File exists
2024-03-12 17:20:04 /tmp/pritunl/5a78abed73f05431-block.sh utun7 1500 0 192.168.237.6 255.255.255.0 init
add net 109.232.29.29: gateway 192.168.0.1
add net 0.0.0.0: gateway 192.168.237.1
add net 128.0.0.0: gateway 192.168.237.1
add net 1.1.1.1: gateway 192.168.237.1
dhcp-option DNS 1.1.1.1
2024-03-12 17:20:04 Initialization Sequence Completed
2024-03-12 17:20:04 Data Channel: cipher 'AES-128-GCM', peer-id: 2, compression: 'stub'
2024-03-12 17:20:04 NOTE: --mute triggered…

I talked to the person managing the VPN but they don’t have these issues, it seems to be just me.

ntoxeg · March 12, 2024, 4:49pm

Just to clarify so that this does not get overcomplicated — if I do nothing and just connect as-is, everything works for a while but eventually I lose internet access, that’s the main issue. I tried to investigate as much as I could and tinker with it to solve the problem but it just makes things worse, it seems…

ntoxeg · March 12, 2024, 5:12pm

It seems that forcing single DNS option might be it — I did it before but it was after the socket broke, I’m not 100% sure it’s fine yet though.

ntoxeg · March 13, 2024, 1:51pm

Sadly, that was not it, I don’t know what to do anymore, I have to periodically reconnect to the VPN.

ntoxeg · March 13, 2024, 2:11pm

Here’s a new log that I captured just after the connection broke:

2024-03-13 14:52:37 Initialization Sequence Completed
2024-03-13 14:52:37 Data Channel: cipher 'AES-128-GCM', peer-id: 1, compression: 'stub'
2024-03-13 14:52:37 NOTE: --mute triggered...
2024-03-13 14:53:49 2 variation(s) on previous 3 message(s) suppressed by --mute
2024-03-13 14:53:49 AEAD Decrypt error: bad packet ID (may be a replay): [ #8199 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
2024-03-13 14:53:49 NOTE: --mute triggered…