From: Marek Z. <zar...@pl...> - 2024-04-03 10:57:36
On 3.04.2024 at 11:31, Ralf Hildebrandt via Openvpn-users wrote:
> Hi!
>
> We're using DNS Round-robin-records with a TTL of 300s for our openvpn
> endpoint servers.
>
> Yet, clients seem to reconnect to the same IP, although the DNS entry
> has expired; the log usually shows something like:
>
> 2024-02-21 11:37:04 TCP/UDP: Preserving recently used remote address: [AF_INET]193.175.73.xxx:1194
>
> Yes, it makes perfect sense to re-use a known IP, especially in the
> VPN context (DNS settings might just be off while dropping out of the
> VPN etc.), but this does really clash with our intentionally low TTL -
> at least when we're removing one endpoint from the DNS for maintenance.
>

Hello,

in your case setting "explicit-exit-notify 2" on the servers should solve the problem.

--
Marek Zarychta