Bug 832788 - openvpn does not start on boot
openvpn does not start on boot
Product: Fedora
Classification: Fedora
Component: openvpn (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Steven Pritchard
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2012-06-17 08:04 EDT by Need Real Name
Modified: 2012-06-18 16:40 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2012-06-18 04:35:05 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Need Real Name 2012-06-17 08:04:58 EDT
Openvpn server does not start on boot with message
cannot bind

but restaring it manually 
systemctl restart openvpn@server.service 
works OK.

if in /etc/openvpn/server.conf
I comment the line

then openvpn server starts on boot OK and listen on 0/0:1194

probably some interaction with Network Manager
Comment 1 David Sommerseth 2012-06-18 04:35:05 EDT
If the network interface which you want OpenVPN to bind to isn't available when OpenVPN tries to start at boot time, this is the expected behaviour.

Generally speaking, any kind of errors like "cannot bind" indicates that there are no network interfaces configured with the given IP address available when OpenVPN started.  By not using the --local option, OpenVPN will listen to any IP addresses; including from IP addresses on network interfaces which was not available when OpenVPN was started.  It is not possible to bind to an not configured IP address.

Closing as NOTABUG.  If you feel this is not the right solution, please re-open this bz and attach a complete log file with verb set to 4 (f.ex using --log /var/tmp/openvpn.log --verb 4).  Otherwise it will be difficult to analyse further what went wrong.
Comment 2 Need Real Name 2012-06-18 16:40:48 EDT
I do have all interfaces configured right, and 
everything is working OK if I start openvpn AFTER boot is done.
The problem is that on boot openvpn is starded by systemd BEFORE 
network interfaces are up.

I think openvpn supposed to wait for network manager to get interfaces up
or scheduled to be started after NewtworkManager.
It SysV it was very clear: start nework on runlevel N
start other program on level N+1. (after N).

Ultimate example - start openvpn before network is up and 
have guaranteed failure.

People from https://bugzilla.redhat.com/show_bug.cgi?id=752774
suggested me the two workarounds, but I think openvpn .service 
script should be adjusted to be started later.

The best solution would be for openvpn to use IP_FREEBIND so that it can bind
to the address evenm if it doesn't exist yet.

A workaround is to enable NetworkManager-wait-online.service so that things
which depend on network.target (like openvpn) only start once NetworkManager
has finished bringing the network up.

Note You need to log in before you can comment on or make changes to this bug.