Need clarification about static ip address allocation

Hi,

A few days ago we had an issue with two users connected to the same VPN server who got the same IP address.

In the Pritunl log I found this error:

[restless-meadow-4875][2025-02-10 09:31:04,453][ERROR] User missing ip address
  server_id    = "6759c47c583258e4095740bc"
  instance_id  = "67912f685bcc0074770402f3"
  user_id      = "6798937a5bcc0074775d34ff"
  multi_device = false
  network      = "10.248.11.96/27"
  user_count   = 10

Multiple devices is deactivated.

I had a look at the code and the database and found that each user in the organization has a reserved static IP address on each server, no matter whether the user has access to the server or not. I also found a sort of hidden users which also have reserved IP addresses.

When the issue occurred we had a total of 21 users in the organization and the server was configured with a /27 network with 29 available IPs. I wonder why we can get this "User missing ip address" error with 29 available IP addresses for 21 users… Is there an issue with those hidden users?
As a workaround we set the virtual network to a /25 and it solved the issue.

In the future we expect 1000 active users spread across 50 servers (each user has access to only one server). If my understanding is correct we need to set a virtual network subnet large enough for 1000 users on each server, am I right? Sounds like over-consuming IP addresses…

I suppose I could spread users in multiple organizations to reduce virtual subnet size but as we’re using Google Authentication I can’t.

Is there any way to ensure Pritunl allocates a user's static IP address only on the servers they have access to, and not on every server?

What is the purpose of those hidden users, and is there a way to configure them or even deactivate them if we don't need them?

Thanks

Run sudo pritunl set app.user_pool_size 0 to disable the pooled users. Creating a user with the certificate can take time, sometimes more than 1-2 seconds. To keep the single sign-on login flow fast, the server creates blank users to instantly allocate to new users.

Groups can change frequently so the address is reserved even if groups prevent the user from accessing the server. All users in the attached organizations are assigned IP addresses. There is also a hidden server user visible by holding shift and clicking on the green organization label.
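
A sizing check for the behaviour described in this thread, as an added example that is not part of the original posts and is not Pritunl code: it counts every address the replies say is reserved (all organization users, pooled blank users, the hidden server user) against a virtual network. Assumptions: one address per network is kept by the server itself (inferred from the question's figure of 29 usable addresses in a /27), the hidden server user is not already included in the user count, and the pool size of 10 in the demo is a constructed value, not a known default.

```python
import ipaddress

def client_capacity(network, reserved=1):
    """Addresses left for users: all addresses minus network and broadcast,
    minus `reserved` kept by the server (assumption: 1, which gives the
    29 the question quotes for a /27)."""
    net = ipaddress.ip_network(network)
    return max(net.num_addresses - 2 - reserved, 0)

def addresses_needed(org_users, pooled_users, hidden_server_users=1):
    """Every user in the attached organizations holds an address, whether or
    not groups let them connect; pooled and hidden users hold one too."""
    return org_users + pooled_users + hidden_server_users

def shortfall(network, org_users, pooled_users, hidden_server_users=1):
    """Number of users that would be left without an address (0 if it fits)."""
    need = addresses_needed(org_users, pooled_users, hidden_server_users)
    return max(need - client_capacity(network), 0)

def smallest_prefix(base_address, needed, reserved=1):
    """Longest prefix (smallest subnet) around base_address that fits `needed`."""
    for prefix in range(30, 7, -1):
        net = ipaddress.ip_network(f"{base_address}/{prefix}", strict=False)
        if client_capacity(str(net), reserved) >= needed:
            return prefix
    raise ValueError("no IPv4 prefix between /8 and /30 is large enough")

if __name__ == "__main__":
    net = "10.248.11.96/27"            # network from the log in the question
    print("usable addresses:", client_capacity(net))
    # 21 organization users; pool size 10 is a constructed value for illustration
    print("shortfall with pool of 10:", shortfall(net, 21, 10))
    # after `pritunl set app.user_pool_size 0`
    print("shortfall with pool of 0:", shortfall(net, 21, 0))
    # planned growth: 1000 users in one organization, pool disabled
    need = addresses_needed(1000, 0)
    print("prefix needed on every server: /%d" % smallest_prefix("10.248.11.96", need))
```
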