OpenV$P$N配置后启动服务发生错误排错

Posted 白-胖-子

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了OpenV$P$N配置后启动服务发生错误排错相关的知识,希望对你有一定的参考价值。

  • 脚本写完测试时发现客户端无法连接OpenV P P PN服务器
  • 查看发现服务没有启动
  • 启动服务时报错
[root@C8-194 ~]# cat > /usr/lib/systemd/system/openvpn@.service << SUN
> [Unit]
> Description=OpenVPN Robust And Highly Flexible Tunneling Application On %I
> After=network.target
> [Service]
> Type=notify
> PrivateTmp=true
> ExecStart=/usr/sbin/openvpn --cd /etc/openvpn/ --config %i.conf
> [Install]
> WantedBy=multi-user.target
> SUN
[root@C8-194 ~]# ## 启动OpenVPN服务
[root@C8-194 ~]# systemctl daemon-reload
[root@C8-194 ~]# systemctl enable --now openvpn@server
Job for openvpn@server.service failed because the control process exited with error code.
See "systemctl status openvpn@server.service" and "journalctl -xe" for details.
  • 执行status和-xe查看具体错误
[root@C8-194 ~]# systemctl status openvpn@server.service
● openvpn@server.service - OpenVPN Robust And Highly Flexible Tunneling Application On server
   Loaded: loaded (/usr/lib/systemd/system/openvpn@.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Wed 2021-05-12 02:04:53 CST; 27s ago
  Process: 1411 ExecStart=/usr/sbin/openvpn --cd /etc/openvpn/ --config server.conf (code=exited, status=1/FAI>
 Main PID: 1411 (code=exited, status=1/FAILURE)

May 12 02:04:53 C8-194 systemd[1]: Starting OpenVPN Robust And Highly Flexible Tunneling Application On server>
May 12 02:04:53 C8-194 systemd[1]: openvpn@server.service: Main process exited, code=exited, status=1/FAILURE
May 12 02:04:53 C8-194 systemd[1]: openvpn@server.service: Failed with result 'exit-code'.
May 12 02:04:53 C8-194 systemd[1]: Failed to start OpenVPN Robust And Highly Flexible Tunneling Application On>
[root@C8-194 ~]# journalctl -xe
-- Subject: Unit succeeded
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
-- 
-- The unit systemd-hostnamed.service has successfully entered the 'dead' state.
May 12 02:04:52 C8-194 systemd[1]: Reloading.
May 12 02:04:53 C8-194 systemd[1]: Reloading.
May 12 02:04:53 C8-194 systemd[1]: Starting OpenVPN Robust And Highly Flexible Tunneling Application On server>
-- Subject: Unit openvpn@server.service has begun start-up
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
-- 
-- Unit openvpn@server.service has begun starting up.
May 12 02:04:53 C8-194 systemd[1]: openvpn@server.service: Main process exited, code=exited, status=1/FAILURE
May 12 02:04:53 C8-194 systemd[1]: openvpn@server.service: Failed with result 'exit-code'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
-- 
-- The unit openvpn@server.service has entered the 'failed' state with result 'exit-code'.
May 12 02:04:53 C8-194 systemd[1]: Failed to start OpenVPN Robust And Highly Flexible Tunneling Application On>
-- Subject: Unit openvpn@server.service has failed
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
-- 
-- Unit openvpn@server.service has failed.
-- 
-- The result is failed.
  • 并没有具体的提示
  • 分段执行脚本中函数测试,发现卡在启动服务的函数段
  • 经仔细比对分析,确认启动脚本没有错误
  • 按照以往经验,严重怀疑时配置文件错误
  • 经重新检查发现配置文件中server字段应该填写网段而非服务器IP
[root@C8-194 ~]# cat /etc/openvpn/server.conf 
port 1194
proto tcp
dev tun
ca /etc/openvpn/certs/ca.crt
cert /etc/openvpn/certs/sun.crt
key /etc/openvpn/certs/sun.key # This file should be kept secret
dh /etc/openvpn/certs/dh.pem
server 10.0.0.194 255.255.255.0
push "route 172.66.0.0 255.255.255.0"
keepalive 10 120
cipher AES-256-CBC
compress lz4-v2
push "compress lz4-v2"
max-clients 2048
user openvpn
group openvpn
status /var/log/openvpn/openvpn-status.log
log-append /var/log/openvpn/openvpn.log
verb 3
mute 20

  • 订正错误
server 10.0.0.194 255.255.255.0
  • 修改为
server 10.0.0.0 255.255.255.0

其后服务可以正常启动,故障排除!
在这里插入图片描述
不过正常启动后,openvpn产生的tun0豚骨隧道网段如果和当前网段一样,会产生路由冲突,导致服务器无法访问

  • 修改为
server 10.123.223.0 255.255.255.0

豚骨隧道

以上是关于OpenV$P$N配置后启动服务发生错误排错的主要内容,如果未能解决你的问题,请参考以下文章

openv_p_n客户端相关设置

NFS服务器故障排错日记

openv_n安装

LNMP排错

Spring boot启动后没有生成日志文件问题排错

Apache 安装后Error 403的故障排错方法(linux)