stage env is down

mellerdaniel · May 27, 2020, 12:01pm

Ethernet, i’ve reset the entire network, it seems ok now.

but it makes little sense to me, since a device connected to the same switch was working just fine, same board type, same version (both os and app)

georgiats · May 27, 2020, 1:16pm

Hi there, what is the total amount of devices you use for testing? We highly recommend switching from the staging environment to the production BalenaCloud app, since there are no guarantees for the staging and it may well at any point be broken or even removed.

xginn8 · June 10, 2020, 6:30pm

Hi there,

I wanted to circle back and mention that even if you are using the staging environment to test new OS images, you can typically use balena-cli's join and leave commands to move that device after provisioning back to the production balenaCloud. This is the workflow we heavily recommend, as staging can become unresponsive at any time. Moving back to production helps to eliminate variables and sources of confusion. You can read more about that process here: https://github.com/balena-io/balena-cli-advanced-masterclass#22-moving-devices-between-environments.

Please let us know if we can help in any way.

mellerdaniel · June 15, 2020, 6:36am

Hi there.

for some reason i still encounter issues of connectivity, we moved to production, i have 1 system that is Heartbeat only, although when i connect with our debug i can ping google and looks like its online.
root@7649a5d:~# journalctl --no-pager --no-hostname -n 200 -a -u "openvpn*"journalctl --no-pager --no-hostname -n 200 -a -u “openvpn*”

– Logs begin at Mon 2020-06-15 06:22:41 UTC, end at Mon 2020-06-15 06:33:48 UTC. –

Jun 15 06:28:35 openvpn[2433]: Mon Jun 15 06:28:35 2020 /sbin/ip addr del dev resin-vpn local 10.240.25.89 peer 52.4.252.97

Jun 15 06:28:35 openvpn[2433]: ip: RTNETLINK answers: Operation not permitted

Jun 15 06:28:35 openvpn[2433]: Mon Jun 15 06:28:35 2020 Linux ip addr del failed: external program exited with error status: 2

Jun 15 06:28:35 openvpn[2433]: Mon Jun 15 06:28:35 2020 /etc/openvpn-misc/downscript.sh resin-vpn 1500 1555 10.240.25.89 52.4.252.97 init

Jun 15 06:28:36 openvpn[2433]: Mon Jun 15 06:28:36 2020 ROUTE_GATEWAY 10.0.0.138/255.255.255.0 IFACE=eth0 HWADDR=f8:dc:7a:3e:3a:23

Jun 15 06:28:36 openvpn[2433]: Mon Jun 15 06:28:36 2020 ERROR: Cannot ioctl TUNSETIFF resin-vpn: Operation not permitted (errno=1)

Jun 15 06:28:36 openvpn[2433]: Mon Jun 15 06:28:36 2020 Exiting due to fatal error

Jun 15 06:28:36 systemd[1]: e[0;1;39me[0;1;31me[0;1;39mopenvpn.service: Main process exited, code=exited, status=1/FAILUREe[0m

Jun 15 06:28:36 systemd[1]: e[0;1;39me[0;1;31me[0;1;39mopenvpn.service: Failed with result ‘exit-code’.e[0m

Jun 15 06:28:46 openvpn[2573]: Mon Jun 15 06:28:46 2020 WARNING: file ‘/var/volatile/vpn-auth’ is group or others accessible

Jun 15 06:28:46 openvpn[2573]: Mon Jun 15 06:28:46 2020 OpenVPN 2.4.7 aarch64-poky-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTI
NFO] [AEAD] built on Apr 13 2020

Jun 15 06:28:46 openvpn[2573]: Mon Jun 15 06:28:46 2020 library versions: OpenSSL 1.0.2p 14 Aug 2018, LZO 2.10

Jun 15 06:28:46 openvpn[2573]: Mon Jun 15 06:28:46 2020 NOTE: the current --script-security setting may allow this configuration to call
user-defined scripts

Jun 15 06:28:46 openvpn[2573]: Mon Jun 15 06:28:46 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]35.169.89.252:443

Jun 15 06:28:46 openvpn[2573]: Mon Jun 15 06:28:46 2020 Socket Buffers: R=[87380->87380] S=[16384->16384]

Jun 15 06:28:46 openvpn[2573]: Mon Jun 15 06:28:46 2020 Attempting to establish TCP connection with [AF_INET]35.169.89.252:443 [nonblock]

Jun 15 06:28:47 openvpn[2573]: Mon Jun 15 06:28:47 2020 TCP connection established with [AF_INET]35.169.89.252:443

Jun 15 06:28:47 openvpn[2573]: Mon Jun 15 06:28:47 2020 TCP_CLIENT link local: (not bound)

Jun 15 06:28:47 openvpn[2573]: Mon Jun 15 06:28:47 2020 TCP_CLIENT link remote: [AF_INET]35.169.89.252:443

Jun 15 06:28:47 openvpn[2573]: Mon Jun 15 06:28:47 2020 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-dela
y

Jun 15 06:28:47 openvpn[2573]: Mon Jun 15 06:28:47 2020 TLS: Initial packet from [AF_INET]35.169.89.252:443, sid=7958338a 3f223f77

Jun 15 06:28:47 openvpn[2573]: Mon Jun 15 06:28:47 2020 WARNING: this configuration may cache passwords in memory – use the auth-nocache
option to prevent this

Jun 15 06:28:48 openvpn[2573]: Mon Jun 15 06:28:48 2020 VERIFY OK: depth=1, C=AU, ST=Some-State, O=Internet Widgits Pty Ltd

Jun 15 06:28:48 openvpn[2573]: Mon Jun 15 06:28:48 2020 VERIFY KU OK

Jun 15 06:28:48 openvpn[2573]: Mon Jun 15 06:28:48 2020 Validating certificate extended key usage

Jun 15 06:28:48 openvpn[2573]: Mon Jun 15 06:28:48 2020 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Serve
r Authentication

Jun 15 06:28:48 openvpn[2573]: Mon Jun 15 06:28:48 2020 VERIFY EKU OK

Jun 15 06:28:48 openvpn[2573]: Mon Jun 15 06:28:48 2020 VERIFY OK: depth=0, CN=vpn.balena-cloud.com

Jun 15 06:28:48 openvpn[2573]: Mon Jun 15 06:28:48 2020 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bi
t RSA

Jun 15 06:28:48 openvpn[2573]: Mon Jun 15 06:28:48 2020 [vpn.balena-cloud.com] Peer Connection Initiated with [AF_INET]35.169.89.252:443

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 SENT CONTROL [vpn.balena-cloud.com]: ‘PUSH_REQUEST’ (status=1)

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 PUSH: Received control message: ‘PUSH_REPLY,sndbuf 0,rcvbuf 0,route 52.4.252.97,p
ing 10,ping-restart 60,socket-flags TCP_NODELAY,ifconfig 10.240.42.32 52.4.252.97,peer-id 0,cipher AES-256-GCM’

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 OPTIONS IMPORT: timers and/or timeouts modified

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 OPTIONS IMPORT: --sndbuf/–rcvbuf options modified

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 Socket Buffers: R=[369920->369920] S=[87040->87040]

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 OPTIONS IMPORT: --socket-flags option modified

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 Socket flags: TCP_NODELAY=1 succeeded

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 OPTIONS IMPORT: --ifconfig/up options modified

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 OPTIONS IMPORT: route options modified

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 OPTIONS IMPORT: peer-id set

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 OPTIONS IMPORT: adjusting link_mtu to 1627

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 OPTIONS IMPORT: data channel crypto options modified

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 Data Channel: using negotiated cipher ‘AES-256-GCM’

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 Outgoing Data Channel: Cipher ‘AES-256-GCM’ initialized with 256 bit key

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 Incoming Data Channel: Cipher ‘AES-256-GCM’ initialized with 256 bit key

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 ROUTE_GATEWAY 10.0.0.138/255.255.255.0 IFACE=eth0 HWADDR=f8:dc:7a:3e:3a:23

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 TUN/TAP device resin-vpn opened

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 TUN/TAP TX queue length set to 100

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 /sbin/ip link set dev resin-vpn up mtu 1500

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 /sbin/ip addr add dev resin-vpn local 10.240.42.32 peer 52.4.252.97

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 /etc/openvpn-misc/upscript.sh resin-vpn 1500 1555 10.240.42.32 52.4.252.97 init

Jun 15 06:28:49 openvpn[2573]: resin-ntp-config: Found config.json in /mnt/boot/config.json .

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 /sbin/ip route add 52.4.252.97/32 via 52.4.252.97

Jun 15 06:28:49 openvpn[2573]: ip: RTNETLINK answers: File exists

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 ERROR: Linux route add command failed: external program exited with error status:
2

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 GID set to openvpn

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 UID set to openvpn

Jun 15 06:28:49 openvpn[2573]: Mon Jun 15 06:28:49 2020 Initialization Sequence Completed

Jun 15 06:29:49 openvpn[2573]: Mon Jun 15 06:29:49 2020 [vpn.balena-cloud.com] Inactivity timeout (–ping-restart), restarting

Jun 15 06:29:49 openvpn[2573]: Mon Jun 15 06:29:49 2020 /etc/openvpn-misc/downscript.sh resin-vpn 1500 1555 10.240.42.32 52.4.252.97 rest
art

Jun 15 06:29:49 openvpn[2573]: Mon Jun 15 06:29:49 2020 SIGUSR1[soft,ping-restart] received, process restarting

Jun 15 06:29:49 openvpn[2573]: Mon Jun 15 06:29:49 2020 Restart pause, 5 second(s)

Jun 15 06:29:54 openvpn[2573]: Mon Jun 15 06:29:54 2020 NOTE: the current --script-security setting may allow this configuration to call
user-defined scripts

Jun 15 06:29:54 openvpn[2573]: Mon Jun 15 06:29:54 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]35.169.89.252:443

Jun 15 06:29:54 openvpn[2573]: Mon Jun 15 06:29:54 2020 Socket Buffers: R=[87380->87380] S=[16384->16384]

Jun 15 06:29:54 openvpn[2573]: Mon Jun 15 06:29:54 2020 Attempting to establish TCP connection with [AF_INET]35.169.89.252:443 [nonblock]

Jun 15 06:29:55 openvpn[2573]: Mon Jun 15 06:29:55 2020 TCP connection established with [AF_INET]35.169.89.252:443

Jun 15 06:29:55 openvpn[2573]: Mon Jun 15 06:29:55 2020 Socket flags: TCP_NODELAY=1 succeeded

Jun 15 06:29:55 openvpn[2573]: Mon Jun 15 06:29:55 2020 TCP_CLIENT link local: (not bound)

Jun 15 06:29:55 openvpn[2573]: Mon Jun 15 06:29:55 2020 TCP_CLIENT link remote: [AF_INET]35.169.89.252:443

Jun 15 06:29:56 openvpn[2573]: Mon Jun 15 06:29:56 2020 TLS: Initial packet from [AF_INET]35.169.89.252:443, sid=166dd919 439be626

Jun 15 06:29:56 openvpn[2573]: Mon Jun 15 06:29:56 2020 VERIFY OK: depth=1, C=AU, ST=Some-State, O=Internet Widgits Pty Ltd

Jun 15 06:29:56 openvpn[2573]: Mon Jun 15 06:29:56 2020 VERIFY KU OK

Jun 15 06:29:56 openvpn[2573]: Mon Jun 15 06:29:56 2020 Validating certificate extended key usage

Jun 15 06:29:56 openvpn[2573]: Mon Jun 15 06:29:56 2020 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Serve
r Authentication

Jun 15 06:29:56 openvpn[2573]: Mon Jun 15 06:29:56 2020 VERIFY EKU OK

Jun 15 06:29:56 openvpn[2573]: Mon Jun 15 06:29:56 2020 VERIFY OK: depth=0, CN=vpn.balena-cloud.com

Jun 15 06:29:56 openvpn[2573]: Mon Jun 15 06:29:56 2020 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bi
t RSA

Jun 15 06:29:56 openvpn[2573]: Mon Jun 15 06:29:56 2020 [vpn.balena-cloud.com] Peer Connection Initiated with [AF_INET]35.169.89.252:443

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 SENT CONTROL [vpn.balena-cloud.com]: ‘PUSH_REQUEST’ (status=1)

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 PUSH: Received control message: ‘PUSH_REPLY,sndbuf 0,rcvbuf 0,route 52.4.252.97,p
ing 10,ping-restart 60,socket-flags TCP_NODELAY,ifconfig 10.240.13.229 52.4.252.97,peer-id 0,cipher AES-256-GCM’

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 OPTIONS IMPORT: timers and/or timeouts modified

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 OPTIONS IMPORT: --sndbuf/–rcvbuf options modified

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 Socket Buffers: R=[369920->369920] S=[87040->87040]

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 OPTIONS IMPORT: --socket-flags option modified

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 Socket flags: TCP_NODELAY=1 succeeded

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 OPTIONS IMPORT: --ifconfig/up options modified

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 OPTIONS IMPORT: route options modified

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 OPTIONS IMPORT: peer-id set

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 OPTIONS IMPORT: adjusting link_mtu to 1627

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 OPTIONS IMPORT: data channel crypto options modified

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 Data Channel: using negotiated cipher ‘AES-256-GCM’

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 Outgoing Data Channel: Cipher ‘AES-256-GCM’ initialized with 256 bit key

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 Incoming Data Channel: Cipher ‘AES-256-GCM’ initialized with 256 bit key

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 Preserving previous TUN/TAP instance: resin-vpn

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 /etc/openvpn-misc/upscript.sh resin-vpn 1500 1555 10.240.42.32 52.4.252.97 restar
t

Jun 15 06:29:57 openvpn[2573]: resin-ntp-config: Found config.json in /mnt/boot/config.json .

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 NOTE: Pulled options changed on restart, will need to close and reopen TUN/TAP de
vice.

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 Closing TUN/TAP interface

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 /sbin/ip addr del dev resin-vpn local 10.240.42.32 peer 52.4.252.97

Jun 15 06:29:57 openvpn[2573]: ip: RTNETLINK answers: Operation not permitted

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 Linux ip addr del failed: external program exited with error status: 2

Jun 15 06:29:57 openvpn[2573]: Mon Jun 15 06:29:57 2020 /etc/openvpn-misc/downscript.sh resin-vpn 1500 1555 10.240.42.32 52.4.252.97 init

Jun 15 06:29:58 openvpn[2573]: Mon Jun 15 06:29:58 2020 ROUTE_GATEWAY 10.0.0.138/255.255.255.0 IFACE=eth0 HWADDR=f8:dc:7a:3e:3a:23

Jun 15 06:29:58 openvpn[2573]: Mon Jun 15 06:29:58 2020 ERROR: Cannot ioctl TUNSETIFF resin-vpn: Operation not permitted (errno=1)

Jun 15 06:29:58 openvpn[2573]: Mon Jun 15 06:29:58 2020 Exiting due to fatal error

Jun 15 06:29:58 systemd[1]: e[0;1;39me[0;1;31me[0;1;39mopenvpn.service: Main process exited, code=exited, status=1/FAILUREe[0m

Jun 15 06:29:58 systemd[1]: e[0;1;39me[0;1;31me[0;1;39mopenvpn.service: Failed with result ‘exit-code’.e[0m

Jun 15 06:30:08 openvpn[2871]: Mon Jun 15 06:30:08 2020 WARNING: file ‘/var/volatile/vpn-auth’ is group or others accessible

Jun 15 06:30:08 openvpn[2871]: Mon Jun 15 06:30:08 2020 OpenVPN 2.4.7 aarch64-poky-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTI
NFO] [AEAD] built on Apr 13 2020

Jun 15 06:30:08 openvpn[2871]: Mon Jun 15 06:30:08 2020 library versions: OpenSSL 1.0.2p 14 Aug 2018, LZO 2.10

Jun 15 06:30:08 openvpn[2871]: Mon Jun 15 06:30:08 2020 NOTE: the current --script-security setting may allow this configuration to call
user-defined scripts

Jun 15 06:30:08 openvpn[2871]: Mon Jun 15 06:30:08 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]35.169.89.252:443

Jun 15 06:30:08 openvpn[2871]: Mon Jun 15 06:30:08 2020 Socket Buffers: R=[87380->87380] S=[16384->16384]

Jun 15 06:30:08 openvpn[2871]: Mon Jun 15 06:30:08 2020 Attempting to establish TCP connection with [AF_INET]35.169.89.252:443 [nonblock]

Jun 15 06:31:13 openvpn[2871]: Mon Jun 15 06:31:13 2020 TCP connection established with [AF_INET]35.169.89.252:443

Jun 15 06:31:13 openvpn[2871]: Mon Jun 15 06:31:13 2020 TCP_CLIENT link local: (not bound)

Jun 15 06:31:13 openvpn[2871]: Mon Jun 15 06:31:13 2020 TCP_CLIENT link remote: [AF_INET]35.169.89.252:443

Jun 15 06:31:13 openvpn[2871]: Mon Jun 15 06:31:13 2020 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-dela
y

Jun 15 06:31:14 openvpn[2871]: Mon Jun 15 06:31:14 2020 TLS: Initial packet from [AF_INET]35.169.89.252:443, sid=33721199 53dfce6d

Jun 15 06:31:14 openvpn[2871]: Mon Jun 15 06:31:14 2020 WARNING: this configuration may cache passwords in memory – use the auth-nocache
option to prevent this

Jun 15 06:31:14 openvpn[2871]: Mon Jun 15 06:31:14 2020 VERIFY OK: depth=1, C=AU, ST=Some-State, O=Internet Widgits Pty Ltd

Jun 15 06:31:14 openvpn[2871]: Mon Jun 15 06:31:14 2020 VERIFY KU OK

Jun 15 06:31:14 openvpn[2871]: Mon Jun 15 06:31:14 2020 Validating certificate extended key usage

Jun 15 06:31:14 openvpn[2871]: Mon Jun 15 06:31:14 2020 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Serve
r Authentication

Jun 15 06:31:14 openvpn[2871]: Mon Jun 15 06:31:14 2020 VERIFY EKU OK

Jun 15 06:31:14 openvpn[2871]: Mon Jun 15 06:31:14 2020 VERIFY OK: depth=0, CN=vpn.balena-cloud.com

Jun 15 06:31:15 openvpn[2871]: Mon Jun 15 06:31:15 2020 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bi
t RSA

Jun 15 06:31:15 openvpn[2871]: Mon Jun 15 06:31:15 2020 [vpn.balena-cloud.com] Peer Connection Initiated with [AF_INET]35.169.89.252:443

Jun 15 06:31:16 openvpn[2871]: Mon Jun 15 06:31:16 2020 SENT CONTROL [vpn.balena-cloud.com]: ‘PUSH_REQUEST’ (status=1)

Jun 15 06:31:21 openvpn[2871]: Mon Jun 15 06:31:21 2020 SENT CONTROL [vpn.balena-cloud.com]: ‘PUSH_REQUEST’ (status=1)

Jun 15 06:31:26 openvpn[2871]: Mon Jun 15 06:31:26 2020 SENT CONTROL [vpn.balena-cloud.com]: ‘PUSH_REQUEST’ (status=1)

Jun 15 06:31:31 openvpn[2871]: Mon Jun 15 06:31:31 2020 SENT CONTROL [vpn.balena-cloud.com]: ‘PUSH_REQUEST’ (status=1)

Jun 15 06:31:36 openvpn[2871]: Mon Jun 15 06:31:36 2020 SENT CONTROL [vpn.balena-cloud.com]: ‘PUSH_REQUEST’ (status=1)

Jun 15 06:31:41 openvpn[2871]: Mon Jun 15 06:31:41 2020 SENT CONTROL [vpn.balena-cloud.com]: ‘PUSH_REQUEST’ (status=1)

Jun 15 06:31:46 openvpn[2871]: Mon Jun 15 06:31:46 2020 SENT CONTROL [vpn.balena-cloud.com]: ‘PUSH_REQUEST’ (status=1)

Jun 15 06:31:51 openvpn[2871]: Mon Jun 15 06:31:51 2020 SENT CONTROL [vpn.balena-cloud.com]: ‘PUSH_REQUEST’ (status=1)

Jun 15 06:31:56 openvpn[2871]: Mon Jun 15 06:31:56 2020 SENT CONTROL [vpn.balena-cloud.com]: ‘PUSH_REQUEST’ (status=1)

Jun 15 06:32:01 openvpn[2871]: Mon Jun 15 06:32:01 2020 SENT CONTROL [vpn.balena-cloud.com]: ‘PUSH_REQUEST’ (status=1)

Jun 15 06:32:06 openvpn[2871]: Mon Jun 15 06:32:06 2020 SENT CONTROL [vpn.balena-cloud.com]: ‘PUSH_REQUEST’ (status=1)

Jun 15 06:32:11 openvpn[2871]: Mon Jun 15 06:32:11 2020 SENT CONTROL [vpn.balena-cloud.com]: ‘PUSH_REQUEST’ (status=1)

Jun 15 06:32:16 openvpn[2871]: Mon Jun 15 06:32:16 2020 No reply from server after sending 12 push requests

Jun 15 06:32:16 openvpn[2871]: Mon Jun 15 06:32:16 2020 SIGUSR1[soft,no-push-reply] received, process restarting

Jun 15 06:32:16 openvpn[2871]: Mon Jun 15 06:32:16 2020 Restart pause, 5 second(s)

Jun 15 06:32:21 openvpn[2871]: Mon Jun 15 06:32:21 2020 NOTE: the current --script-security setting may allow this configuration to call
user-defined scripts

Jun 15 06:32:21 openvpn[2871]: Mon Jun 15 06:32:21 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]35.169.76.143:443

Jun 15 06:32:21 openvpn[2871]: Mon Jun 15 06:32:21 2020 Socket Buffers: R=[87380->87380] S=[16384->16384]

Jun 15 06:32:21 openvpn[2871]: Mon Jun 15 06:32:21 2020 Attempting to establish TCP connection with [AF_INET]35.169.76.143:443 [nonblock]

Jun 15 06:32:22 openvpn[2871]: Mon Jun 15 06:32:22 2020 TCP connection established with [AF_INET]35.169.76.143:443

Jun 15 06:32:22 openvpn[2871]: Mon Jun 15 06:32:22 2020 TCP_CLIENT link local: (not bound)

Jun 15 06:32:22 openvpn[2871]: Mon Jun 15 06:32:22 2020 TCP_CLIENT link remote: [AF_INET]35.169.76.143:443

Jun 15 06:32:22 openvpn[2871]: Mon Jun 15 06:32:22 2020 TLS: Initial packet from [AF_INET]35.169.76.143:443, sid=7c403c46 d160e2ef

Jun 15 06:32:22 openvpn[2871]: Mon Jun 15 06:32:22 2020 VERIFY OK: depth=1, C=AU, ST=Some-State, O=Internet Widgits Pty Ltd

Jun 15 06:32:22 openvpn[2871]: Mon Jun 15 06:32:22 2020 VERIFY KU OK

Jun 15 06:32:22 openvpn[2871]: Mon Jun 15 06:32:22 2020 Validating certificate extended key usage

Jun 15 06:32:22 openvpn[2871]: Mon Jun 15 06:32:22 2020 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Serve
r Authentication

Jun 15 06:32:22 openvpn[2871]: Mon Jun 15 06:32:22 2020 VERIFY EKU OK

Jun 15 06:32:22 openvpn[2871]: Mon Jun 15 06:32:22 2020 VERIFY OK: depth=0, CN=vpn.balena-cloud.com

Jun 15 06:32:23 openvpn[2871]: Mon Jun 15 06:32:23 2020 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bi
t RSA

Jun 15 06:32:23 openvpn[2871]: Mon Jun 15 06:32:23 2020 [vpn.balena-cloud.com] Peer Connection Initiated with [AF_INET]35.169.76.143:443

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 SENT CONTROL [vpn.balena-cloud.com]: ‘PUSH_REQUEST’ (status=1)

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 PUSH: Received control message: ‘PUSH_REPLY,sndbuf 0,rcvbuf 0,route 52.4.252.97,p
ing 10,ping-restart 60,socket-flags TCP_NODELAY,ifconfig 10.240.13.229 52.4.252.97,peer-id 0,cipher AES-256-GCM’

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 OPTIONS IMPORT: timers and/or timeouts modified

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 OPTIONS IMPORT: --sndbuf/–rcvbuf options modified

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 Socket Buffers: R=[369920->369920] S=[87040->87040]

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 OPTIONS IMPORT: --socket-flags option modified

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 Socket flags: TCP_NODELAY=1 succeeded

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 OPTIONS IMPORT: --ifconfig/up options modified

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 OPTIONS IMPORT: route options modified

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 OPTIONS IMPORT: peer-id set

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 OPTIONS IMPORT: adjusting link_mtu to 1627

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 OPTIONS IMPORT: data channel crypto options modified

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 Data Channel: using negotiated cipher ‘AES-256-GCM’

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 Outgoing Data Channel: Cipher ‘AES-256-GCM’ initialized with 256 bit key

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 Incoming Data Channel: Cipher ‘AES-256-GCM’ initialized with 256 bit key

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 ROUTE_GATEWAY 10.0.0.138/255.255.255.0 IFACE=eth0 HWADDR=f8:dc:7a:3e:3a:23

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 TUN/TAP device resin-vpn opened

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 TUN/TAP TX queue length set to 100

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 /sbin/ip link set dev resin-vpn up mtu 1500

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 /sbin/ip addr add dev resin-vpn local 10.240.13.229 peer 52.4.252.97

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 /etc/openvpn-misc/upscript.sh resin-vpn 1500 1555 10.240.13.229 52.4.252.97 init

Jun 15 06:32:24 openvpn[2871]: resin-ntp-config: Found config.json in /mnt/boot/config.json .

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 /sbin/ip route add 52.4.252.97/32 via 52.4.252.97

Jun 15 06:32:24 openvpn[2871]: ip: RTNETLINK answers: File exists

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 ERROR: Linux route add command failed: external program exited with error status:
2

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 GID set to openvpn

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 UID set to openvpn

Jun 15 06:32:24 openvpn[2871]: Mon Jun 15 06:32:24 2020 Initialization Sequence Completed

Jun 15 06:33:24 openvpn[2871]: Mon Jun 15 06:33:24 2020 [vpn.balena-cloud.com] Inactivity timeout (–ping-restart), restarting

Jun 15 06:33:24 openvpn[2871]: Mon Jun 15 06:33:24 2020 /etc/openvpn-misc/downscript.sh resin-vpn 1500 1555 10.240.13.229 52.4.252.97 res
tart

Jun 15 06:33:24 openvpn[2871]: Mon Jun 15 06:33:24 2020 SIGUSR1[soft,ping-restart] received, process restarting

Jun 15 06:33:24 openvpn[2871]: Mon Jun 15 06:33:24 2020 Restart pause, 5 second(s)

Jun 15 06:33:29 openvpn[2871]: Mon Jun 15 06:33:29 2020 NOTE: the current --script-security setting may allow this configuration to call
user-defined scripts

Jun 15 06:33:29 openvpn[2871]: Mon Jun 15 06:33:29 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]35.169.76.143:443

iamsolankiamit · June 15, 2020, 9:39am

Hi, from the vpn logs it does looks like the VPN service is not able to start. To debug it better, can you help us with the device type, os version, supervisor version and device diagnostics.

mellerdaniel · June 15, 2020, 10:21am

device type = Variscite DART-MX8M Mini PLT
os version = [balenaOS 2.50.1+rev1]
supervisor = 11.4.10
how to run diagnostics not from the dashboard?

iamsolankiamit · June 15, 2020, 10:28am

Hi, it can only be run through dashboard. Since you moved it to production, you should be able to see it.

mellerdaniel · June 15, 2020, 10:30am

yes, but if the device is not connected to the internet, i’m unable to run diagonstics

jviotti · June 15, 2020, 12:55pm

You can run the device diagnostics directly on the device with the scripts at https://github.com/balena-io/device-diagnostics

mellerdaniel · June 15, 2020, 1:40pm

076ec0496cf6a9a3ceced909ea437399_2020.06.15_13.38.56+0000.log (1.5 MB)

rahul-thakoor · June 16, 2020, 11:50am

Hey there @mellerdaniel ,

for some reason i still encounter issues of connectivity, we moved to production, i have 1 system that is Heartbeat only, although when i connect with our debug i can ping google and looks like its online.

Can you please confirm that you are seeing this issue only with devices that have been moved from staging environment to the production environment?

Do you have other devices in the production app that were added directly? Are they having this connectivity issue?

Thanks .

mellerdaniel · June 21, 2020, 7:11am

hi, we continue in private support for this, ill update if the manner was fixed

Topic		Replies	Views
Start Terminal - new issue? Product support	9	858	January 19, 2017
New build available, but devices are not downloading it Product support	22	2225	March 16, 2018
Issues Dashboard Product support	3	562	May 4, 2018
Issue Dashboard Product support support	1	384	June 15, 2018
Upgrade from v1 to v2 failed Product support	16	885	February 18, 2018

stage env is down

Related topics