Hi. Since updating to the latest September release on my Vero 4K+ - which I believe is now Bullseye - I’ve been experiencing network issues with my vpn setup which your team kindly helped me get up and running ages ago (openvpn setup via cli, running a watchdog timer). It’s been solid as a rock for ever now, but this latest update has messed something up.
System info reports operating system/ system uptime/ total uptime as busy every 15 seconds or so. I can’t stream anything online.
curl ipinfo.io via command line normally gives me details of the vpn’s ip address, but now gives me ‘curl: (6) Could not resolve host: ipinfo.io’
If I run the following four commands: [sudo systemctl] stop openvpn/ disable openvpn/ stop openvpn-watchdog.timer/ sudo systemctl disable openvpn-watchdog.timer and reboot, everything seems to be back to normal.
I’m not able to upload any logs while the vpn is turned on. Tried copying to SD card but I can’t find any log there.
I’ve been playing with another box recently so didn’t notice this until a family member, who has an identical setup to me (running osmc, but instead on a rpi4) told me nothing seemed to be working after a recent update.
Any assistance would be greatly appreciated. Thanks.
Thanks for the response. Below is the contents of my vpn.conf file (keys have been removed). Persist-tun was removed on dillthedog’s suggestion which fixed reconnection issues if the network connection was lost. I’ve also included the instructions you sent me that I follow to set up watchdog timer if useful.
I can do a clean install of the previous version of osmc I was running and this setup still works perfectly with it, so not sure what has changed.
Yes, it works now that those two lines have been removed. So it’s a dns resolving issue like you thought? Openresolv currently uses my vpn provider’s secure dns. I suppose I could configure network manually in my osmc and use cloudflare dns for example, but weird that I would need to since it’s never been an issue on the Vero.
Any idea why this doesn’t work with the new osmc update? Or any ideas how to work around this (other than the manual dns option)? Thanks.
I’ve found that openvpn can’t restore the dns settings, with the down script. The issue appears to be with openresolv, but resolvconf doesn’t work well with osmc. So can I get openvpn to start, but as soon as it stopped or restarted it couldn’t connect as my vpn providers dns server was still being used.
One option here is not to use the openvpn providers dns servers, and continue to use the ones set in MyOSMC. If you are concerned about privacy, I would consider cloudflare; they have a reasonable logging policy:
Alternatively I did find a workaround by using connman to restore the the dns servers, with the following script; /etc/openvpn/restore-resolv.conf:
Replace ethernet_xxxxxxxxxxxxx_cable with your actual connection, you can find this with connmanctl services. Replace the dns server’s with your preference. Make it executable with:
sudo chmod u+x /etc/openvpn/update-resolv-conf.sh
update your conf with:
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/restore-resolv.conf
Out of interest, how long have you had these issues with openresolv? I only ask as it’s worked perfectly for me until the latest osmc update, which I figured had to be responsible for these issues as opposed to the issue being with open vpn/openresolv and particularly because, as I mentioned earlier, openresolv still works perfectly when I roll back osmc to a previous version. Possibly an openresolv issue with bullseye?
I believe I’ve created a working script which will allow you to use the dns servers from your VPN provider, with no requirement for on resolvconf or openresolv. I would appreciate it if you were happy to test, before doing so you should probably check out the script; it can be found here:
I notice that each dns server address is now identical to its corresponding vpn ip address, whereas I’m used to seeing the last three digits of the dns address differ. I’m sure that’s not a problem but thought I’d mention it.
This doesn’t sound right, do you mean the IPs that the vero4ks get or the GW IP? Does DNS resolution work, can you ping google.com; when connected to the VPN tunnel? If so I wouldn’t worry about it too much.
Sorry Tom, been a long day and probably shouldn’t be doing this now! What I meant to say was…the dns leak test addon I use reports the vpn’s ip address and dns address as identical. Over the years I’ve been using this addon (and using openresolv to resolve the vpn’s dns), the last few digits of the dns address have always differed to the vpn ip address. Guessing it doesn’t matter.
My Osmc reports the primary dns as the vpn provider’s dns address rather than my normal 192.168.0.1- I’m assuming that’s meant to happen?
Need to test a bit more just to be sure - having some weird speed test issues but could just be the specific server I’m using. I’ll report back tomorrow. Thanks.
Having tested some more, it all seems to be working well. I think what initially threw me is that Kodi’s Speedtester app has stopped working on osmc bullseye (tested with clean install and no vpn to be sure) so I assumed your script was causing some weird issues with download speeds.
Also tried speedtest-cli from command line and was getting the following…