Bug 832788

Summary: openvpn does not start on boot
Product: [Fedora] Fedora Reporter: Need Real Name <mal>
Component: openvpnAssignee: Steven Pritchard <steve>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 17CC: davids, gwync, huzaifas, steve
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-06-18 08:35:05 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Need Real Name 2012-06-17 12:04:58 UTC 
Openvpn server does not start on boot with message
cannot bind 1.1.1.1:1194

but restaring it manually 
systemctl restart openvpn 
works OK.

if in /etc/openvpn/server.conf
I comment the line
local 1.1.1.1

then openvpn server starts on boot OK and listen on 0/0:1194

probably some interaction with Network Manager
Comment 1 David Sommerseth 2012-06-18 08:35:05 UTC 
If the network interface which you want OpenVPN to bind to isn't available when OpenVPN tries to start at boot time, this is the expected behaviour.

Generally speaking, any kind of errors like "cannot bind 1.1.1.1:1194" indicates that there are no network interfaces configured with the given IP address available when OpenVPN started.  By not using the --local option, OpenVPN will listen to any IP addresses; including from IP addresses on network interfaces which was not available when OpenVPN was started.  It is not possible to bind to an not configured IP address.

Closing as NOTABUG.  If you feel this is not the right solution, please re-open this bz and attach a complete log file with verb set to 4 (f.ex using --log /var/tmp/openvpn.log --verb 4).  Otherwise it will be difficult to analyse further what went wrong.
Comment 2 Need Real Name 2012-06-18 20:40:48 UTC 
I do have all interfaces configured right, and 
everything is working OK if I start openvpn AFTER boot is done.
The problem is that on boot openvpn is starded by systemd BEFORE 
network interfaces are up.

I think openvpn supposed to wait for network manager to get interfaces up
or scheduled to be started after NewtworkManager.
It SysV it was very clear: start nework on runlevel N
start other program on level N+1. (after N).

Ultimate example - start openvpn before network is up and 
have guaranteed failure.

People from https://bugzilla.redhat.com/show_bug.cgi?id=752774
suggested me the two workarounds, but I think openvpn .service 
script should be adjusted to be started later.

-----QUOTE
The best solution would be for openvpn to use IP_FREEBIND so that it can bind
to the address evenm if it doesn't exist yet.

A workaround is to enable NetworkManager-wait-online.service so that things
which depend on network.target (like openvpn) only start once NetworkManager
has finished bringing the network up.
----END OF QUOTE