Comments (7)
Hi Holger, I think that would be more of a task for the PiVPN developer to add the PersistentKeepalive
value to their script. We don't do anything with the PiVPN toolset except install it.
from dietpi.
Hi Michael,
ok, got it. Thanks for clarifying
from dietpi.
usually it should be there already pivpn/pivpn#1321
Can you check pivpn -d
for current values
from dietpi.
these values are missing this entry
from dietpi.
In our default WireGuard client configuration we have this:
# Uncomment the following, if you're behind a NAT and want the connection to be kept alive.
#PersistentKeepalive = 25
So it is commented. Do you think it makes sense to have this enabled by default?
Probably it would be also possible to add it to each [peer]
block of the server config, so the service keeps the connection to the clients active, regardless what the clients do. But this somehow sounds wrong 😄.
from dietpi.
Makes sense to set it as default, its recommended for NAT scenarios.
from dietpi.
In case of PiVPN, it was added as optional setting for unattended installation using the --unattended
command line parameter (which we support by creating this config as /boot/unattended_pivpn.conf
). The example config contains this setting, but since this is not meant to be used as is, but more for documentation reasons, one must add it manually. Not sure if the latest PiVPN UI probably has a dialog about it as well?
For our own WireGuard implementation, and in general, I wonder how common the case is that you want to access a client from the server. But it also allows to access one (remote) client from another client. It is also possible to set this on the server, but somehow this feels wrong: Each client should decide whether it wants its connection to stay active, and whether it is even needed (client behind NAT or not), and not the server enforcing it.
I was reading a bit, and I think in general the default (no keep alive) is a good default, and covers the most common use cases, where the client wants remote access to some LAN, to the server only (e.g. for Pi-hole), bypass an untrusted public AP, plain-HTTP connection or country limitations for streaming and such. If the client is even meant to be accessed from any other peer, and shall in case have its traffic and energy usage (mobile phone) increased with a permanent connection, is better to be intentionally decided by the admin respectively the user of each client only.
What I anyway would love to have is some more dialogs to create and configure one or more client configurations. Currently the config contains a bunch of comments with example configs and values for different use cases instead. A dialog and also dietpi.txt
settings to automate everything.
from dietpi.
Related Issues (20)
- DietPi-Software | Sonarr: Migrate to v4 HOT 8
- Open Beta v9.0 | Please help testing and hardening our upcoming release HOT 2
- DietPi-Update | SSH connection fails during APT update HOT 11
- FileBrowser installed can't login HOT 3
- Chromium in kiosk mode: autodetect screen resolution HOT 1
- Permit weekly backups in dietpi-backup HOT 4
- dietpi-update fails on Quartz64 Model A from 8.xx to 9.02 HOT 14
- Failed to stop avahi while installing Kodi HOT 3
- New Kodi version HOT 5
- Error update dietpi 8.25.1 to 9.0.2 raspberry pi 4 HOT 9
- Iteration v9.1 (2024-02-17)
- Upgrade to Dietpi 9 on RISC triggers cp bug HOT 3
- LXD brings network interfaces down on container stop HOT 18
- Image | Home Assistant Green HOT 4
- Mosquitto installation: Password file setting fails since v9.0 HOT 3
- Feature Request: Add option to integrate screen/byobu/etc. into console by default HOT 2
- Add OliveTin to Software
- dietpi_update problem HOT 6
- Raspberry PI 4 + DietPi = problem with "kiauh" HOT 15
- Raspberry Pi 5 | CPU frequency remains max with initial_turbo HOT 45
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dietpi.