Package: openvpn
Version: 2.0.7-1
Severity: normal
I've found that if I'm running multiple tunnels using the "mlock" option,
OpenVPN dies with an "Out of Memory" error, but only if it's started on
boot-up (logging in and running /etc/init.d/openvpn restart makes the
problem mysteriously go away).
An strace of the process reveals output similar to:
http://openvpn.net/archive/openvpn-users/2005-12/msg00013.html
The problem is that apparently, on bootup, "ulimit -l" (RLIMIT_MEMLOCK)
defaults 32, which, as far as I can tell, means 32 *KiB*, which is way too
small for the entire openvpn process space.
Putting "ulimit -l 16384" into /etc/default/openvpn makes the problem go
away, though I'm not really sure what an appropriate value for the rlimit
would be.
In any case, if OpenVPN isn't going to handle setting the resource limit
itself, this should at least be mentioned in the man page, and a reasonable
ulimit command should be placed (commented out or otherwise) into
/etc/defaults/openvpn.
Cheers,
- Dwayne
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16.29-xenU
Locale: LANG=C, LC_CTYPE=C (charmap=UTF-8) (ignored: LC_ALL set to en_CA.UTF-8)
Versions of packages openvpn depends on:
ii debconf [debconf-2.0] 1.5.3 Debian configuration management sy
ii libc6 2.3.6.ds1-4 GNU C Library: Shared libraries
ii liblzo1 1.08-3 data compression library (old vers
ii libssl0.9.8 0.9.8c-3 SSL shared libraries
openvpn recommends no packages.
-- debconf information:
openvpn/change_init: true
* openvpn/create_tun: true
openvpn/change_init2: true
* openvpn/stop2upgrade: false
openvpn/default_port:
--
Dwayne C. Litzenberger <[EMAIL PROTECTED]>
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
