Hello!
I have to add a very large number of subnets to the server routes.
For example, AWS has over 8 thousand subnets of IP addresses. I combined them as much as possible, and it turned out to be about 600, but this is still too much for Pritunl.
I increased all the options in mongo that contain the word timeout, which are in settings/vpn.py (pritunl/pritunl/settings/vpn.py at master · pritunl/pritunl · GitHub), and the server really does not crash, but there is an Error
“Failed to start the server, server error occurred.” But the server is still Online and continues to do Push route. In reality, there is a Warning
“Stopping duplicate instance, check date time sync” and Push route starts over.
Is there a setting that will increase the OpenVPN server start time and will not force the server to restart?
Run sudo pritunl set vpn.lib_iptables true to use lib iptables which will add iptables rules faster. Run sudo pritunl set vpn.startup_timeout 600 to increase the server startup timeout. Additionally the Restrict Routing option can be disabled to reduce the number of rules needed.
This may be an issue with the server performance. I have a test server with 950 NAT routes that will start without lib iptables and without an increased timeout.
For AWS public ranges, AWS publishes a list of subnet ranges. There is a script in the repository at pritunl/tools/add_aws_ranges.py to use the API to add all these ranges.
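The route aggregation mentioned in the first post, as an added example that is not part of the thread and is not Pritunl's add_aws_ranges.py: it merges prefixes from a document in the ip-ranges.json layout into the smallest exact set of IPv4 routes, optionally limited to some regions. The sample data is constructed from documentation ranges, and the function name collapse_routes is hypothetical.

```python
import ipaddress
import json

# Constructed sample in the layout of AWS's ip-ranges.json (not real AWS data).
SAMPLE = json.loads("""
{"prefixes": [
  {"ip_prefix": "198.51.100.0/25",   "region": "us-east-1", "service": "AMAZON"},
  {"ip_prefix": "198.51.100.128/25", "region": "us-east-1", "service": "EC2"},
  {"ip_prefix": "198.51.100.0/25",   "region": "us-east-1", "service": "EC2"},
  {"ip_prefix": "203.0.113.0/24",    "region": "eu-west-1", "service": "AMAZON"},
  {"ip_prefix": "203.0.113.64/26",   "region": "eu-west-1", "service": "S3"},
  {"ip_prefix": "192.0.2.0/25",      "region": "us-east-1", "service": "AMAZON"}
]}
""")


def collapse_routes(doc, regions=None):
    """Return the smallest exact set of IPv4 CIDRs covering the chosen prefixes.

    The merge is exact: duplicates and contained subnets are dropped and
    adjacent blocks are joined, but no address outside the published ranges
    is ever added, so the VPN does not start routing unrelated traffic.
    """
    nets = set()
    for entry in doc.get("prefixes", []):
        # Limiting to the regions actually in use cuts the route count most.
        if regions and entry.get("region") not in regions:
            continue
        # ip_network() raises ValueError on a malformed prefix, so bad
        # input fails here instead of becoming a wrong route.
        nets.add(ipaddress.ip_network(entry["ip_prefix"]))
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


if __name__ == "__main__":
    routes = collapse_routes(SAMPLE)
    print(len(SAMPLE["prefixes"]), "prefixes ->", len(routes), "routes")
    for route in routes:
        print(route)
```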
Thanks for your reply!
Unfortunately this didn’t help…
I did as you said, but no
Of course, I have 1500 routes registered
I thought maybe if I made the VM more powerful it would help, but that’s not the case either.
It’s stupid that startup_timeout is 600 seconds, but after 60 seconds the server starts to restart. In this case, the server status remains Online.
Yes, I used the link from this script to get a list of AWS subnets
For anyone who encountered this and doesn’t understand what’s going on, try disabling the output of debug logs in the server settings.
If you disable it, the server starts almost instantly, despite the number of routes.