Hi! We have a product which effectively is a VPN implemented as Packet Tunnel Provider. The one problem we have is strange enough to ask here for help. We have set the disconnectOnSleep to true for our NETunnelProviderProtocol instance, and we are manually reconnecting the tunnel from system did wake callback.
Here we have our problem: immediately in system wake callback(NSWorkspace.didWakeNotification), activation of tunnel fails almost always. It goes to connecting (NEVPNStatus), but just after that it goes to disconnecting, and stays disconnected after that.
I decided, that system just not ready to connect to the VPN right after wake. I've found no other callbacks, so the only decision was to add retry after a small delay. The retry after 1 second delay works fine for us on Big Sur.
Starting with macOS Monterey we have again reports about this problem from our users, now in the logs I can see that it can't reconnect after 1 second of delay, and then even after 5 seconds of delay!
It reconnects fine after some time later (seconds, not minutes), but it is definitely bad behaviour.
So I have questions:
- Is my understanding correct, and system can't reactivate VPN tunnel just in the didWake callback, so we need to wait some time?
- If (1) is true, how long we should wait? Is there any other callback from system, like "Hey, I'm ready now for VPN connections!"?
- If (1) is false, what could I do next to create stable user experience?
This TSI was refunded back to your account today because the Bug Report (r. 88977168) you opened already had the correct response on it.
For those following along, your provider disconnected completely because disconnectOnSleep
was set to true
instead of false
and this completely tears down the session.
If this does not solve the issue, please follow back up on your TSI and I will pick it up again.
Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com