Opened 4 years ago

Closed 4 years ago

#1347 closed Bug / Defect (notabug)

max-clients not respected

Reported by: fkooman Owned by:
Priority: major Milestone:
Component: Generic / unclassified Version: OpenVPN 2.5.0 (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:
Cc:

Description

When using max-clients in the server it is not respected. When using _n_ for max-clients, only _n_-1 clients are allowed to connect...

max-clients 5
server 10.236.241.0 255.255.255.248

Network: 10.236.241.0/29
Netmask: 255.255.255.248 = 29
Broadcast: 10.236.241.7

Address space: Private Use
HostMin?: 10.236.241.1
HostMax?: 10.236.241.6
Hosts/Net?: 6

The IP space has enough room for 5 clients (+1 IP for the "gateway").

Change History (4)

comment:1 Changed 4 years ago by Pippin

sipcalc 10.236.241.0/29
-[ipv4 : 10.236.241.0/29] - 0

[CIDR]
Host address            - 10.236.241.0
Host address (decimal)  - 183300352
Host address (hex)      - AECF100
Network address         - 10.236.241.0
Network mask            - 255.255.255.248
Network mask (bits)     - 29
Network mask (hex)      - FFFFFFF8
Broadcast address       - 10.236.241.7
Cisco wildcard          - 0.0.0.7
Addresses in network    - 8
Network range           - 10.236.241.0 - 10.236.241.7
Usable range            - 10.236.241.1 - 10.236.241.6

For topology subnet it is:
10.236.241.0 = Network
10.236.241.6 = DHCP
10.236.241.7 = Broadcast
+1 for the server

So:
Addresses in network - 4 = number of clients

comment:2 Changed 4 years ago by tct

10.236.241.6 = DHCP

The address you have designated as DHCP is still a usable IP address.

@fkooman, I have also experienced the exact same issue. The server evaluates --max-clients N to be N - 1. I did not raise a ticket (that I can find) before because I was not sure of the cause, IE. It could have been something I caused myself.

Last edited 4 years ago by tct (previous) (diff)

comment:3 Changed 4 years ago by fkooman

Actually, max-clients *is* respected, the problem is simply that I was expecting that my /29 would allow 5 clients to get an IP from this range and thus I set max-clients to 5. This indeed allows 5 clients to connect, the 5th one will simply not get an IPv4 address, which broke my client-connect script that assumes a valid IPv4 address is presented in the environment variable ifconfig_pool_remote_ip.

comment:4 Changed 4 years ago by tct

Resolution: notabug
Status: newclosed
Note: See TracTickets for help on using tickets.