(VPN)虚拟专用网络的功能是:在公用网络上建立专用网络,进行加密通讯。在企业网络中有广泛应用。VPN网关通过对数据包的加密和数据包目标地址的转换实现远程访问。VPN有多种分类方式,主要是按协议进行分类。VPN可通过服务器、硬件、软件等多种方式实现。
问题描述:51VPN连着时间过长会出现类似休眠的状态,因为之前也总是有碰到类似的问题,公司服务器出现这种现象尤为明显,一直都以为是vpn服务端限制了访问,咨询客服未能提供原因,问询了一个做网络协议的同学:认为可能是超时连接导致的,对网卡的抓包测试证实如此,也就是说如果机器长时间未与VPN的服务器通信,客户端或者服务端的防火墙等一些节点会block这个通道,但连接一直存在,就导致什么网站也ping不通,访问不了,vpn也就休眠了。
解决方案:vpn连接定时检测 + 定时轮询发心跳包,保证vpn网络的活跃,已经打包成了python文件(ubuntu版本),经测试,可以长时间保持VPN通信。
python代码(修改你的vpn list后可以直接使用):
import os
import time
import commands
import random
con_vpn_times = 10
ping_time_freq = 20
ping_max_retry_time = 3
destination = "google.com"
vpn = ["vpn-2", "vpn-3", "vpn-6", "vpn-7"]
print "---------Auto connect to VPN function begin-----------"
print "Start at ", time.strftime('%Y-%m-%d %H:%M:%S')
print "We check the status of network every %s second" % (ping_time_freq)
print
cmd_ping = "ping -c 3 -W 10 %s" % (destination)
cmd_show_vpn = "nmcli connection show --active"
ping_retry_time = 0
while True:
# different ubuntu version:
# cmd_show_vpn = "nmcli con status"
#ping
print cmd_ping
result_ping = os.system(cmd_ping)
if 0 != result_ping and ping_retry_time < ping_max_retry_time:
ping_retry_time += 1
print "ping %s faild %s times\n\n\n" % (destination, ping_retry_time)
time.sleep(1)
continue
elif 0 != result_ping:
ping_retry_time = 0
print time.strftime('%Y-%m-%d %H:%M:%S'), "ping %s faild" % (destination)
#show vpn status
while True:
print cmd_show_vpn
result_show_vpn = commands.getstatusoutput(cmd_show_vpn)
if 0 == result_show_vpn[0]:
break
# print result_show_vpn
if 0 == result_show_vpn[0]:
if "vpn" not in result_show_vpn[1]:
print time.strftime('%Y-%m-%d %H:%M:%S'), " The VPN was broken"
con_timed = 0
while True:
rand_vpn = vpn[random.randint(0,len(vpn)-1)]
cmd_con = "nmcli con up id %s" % (rand_vpn)
print cmd_con
result_up_status = os.system(cmd_con)
time.sleep(2)
con_timed += 1
if 0 == result_up_status or con_timed >= con_vpn_times:
if 0 == result_up_status:
print time.strftime('%Y-%m-%d %H:%M:%S'), " Connect to ", rand_vpn
print
else:
print time.strftime('%Y-%m-%d %H:%M:%S'), "can't Connect to ", rand_vpn
break
else:
link_list = result_show_vpn[1].split("\n")
for link in link_list:
if "vpn" in link:
dead_vpn = link.split(" ")[0]
cmd_down_vpn = "nmcli con down id %s" % (dead_vpn)
while True:
print cmd_down_vpn
result_kill_dead_vpn = os.system(cmd_down_vpn)
if 0 == result_kill_dead_vpn:
break
else:
ping_retry_time = 0
print "everything was normal\n\n\n"
time.sleep(ping_time_freq)