Continuously check status of OpenVPN connection
You do not need to do that, but you can still do it by means of checking your apparent external IP address: the following command
wget 216.146.38.70:80
queries checkip.dyndns.org for your external IP. You should be able to recognize the current status of your connection that way.
Alternatively, you may check your routing table:
$ ip route show
0.0.0.0/1 via 10.8.0.17 dev tun0
default via 192.168.73.1 dev eth0 proto static
10.8.0.0/24 via 10.8.0.17 dev tun0
10.8.0.17 dev tun0 proto kernel scope link src 10.8.0.18
128.0.0.0/1 via 10.8.0.17 dev tun0
192.168.73.0/24 dev eth0 proto kernel scope link src 192.168.73.74 metric 1
IP.Address.Of.Your.OpenVPN.server via 192.168.73.1 dev eth0
(this is for a routed OpenVPN, but this does not matter). The important line is the last one: if you have anything like this, your packets will be routed through the OpenVPN.
You can also use an instrument like mtr
which pings
and traceroutes
simultaneously (and continuously!!) a given ip address, for instance:
mtr www.debian.org
If the OpenVPN is up, you will see the packets routed through the tunnel (tun0
or tap0
), not through your regular gateway.
As I said at the beginning, though, you do not need to do this: OpenVPN provides you with a mechanism to continuously check the status of the connection, and to restart it if need be:
--keepalive n m
A helper directive designed to simplify the expression of --ping and --ping-restart in server mode configurations. For example, --keepalive 10 60 expands as follows:
if mode server:
ping 10
ping-restart 120
push "ping 10"
push "ping-restart 60"
else
ping 10
ping-restart 60
You may use either keepalive
or any suitable combination of ping
, ping-restart
, ping-exit
, to control automatically the status of the connection.