Error while starting opensm - rdma

I'm working on Accelio on top of softRoCE.
Ib devices configured -
# ibv_devices
device node GUID
------ ----------------
rxe1 821f02fffef91598
rxe0 d6bed9fffebe94af
error while running the accelio client -
# xio_ow_client
=============================================
Server Address : 127.0.0.1
Server Port : 2061
Transport : rdma
Header Length : 32
Data Length : 32
Connection Index : 0
CPU Affinity : 0
Finite run : 0
=============================================
**** starting ...
session event: connection error. reason: No such device
# rping -c
rdma_resolve_route: No such device
Hence checked the opensm status -
# /etc/init.d/opensmd status
opensm is stopped
# /etc/init.d/opensmd start
opensm start [FAILED]
# tail -f /var/log/opensm.log
Jul 09 15:04:45 655213 [AA4F3700] 0x03 -> OpenSM 3.3.7
Jul 09 15:04:45 692960 [AA4F3700] 0x80 -> OpenSM 3.3.7
Jul 09 15:04:45 693149 [AA4F3700] 0x02 -> osm_vendor_init: 1000 pending umads specified
Jul 09 15:04:45 797977 [AA4F3700] 0x80 -> Entering DISCOVERING state
Jul 09 15:04:45 799152 [AA4F3700] 0x02 -> osm_vendor_bind: Binding to port 0xd6bed9fffebe94af
Jul 09 15:04:45 800414 [AA4F3700] 0x01 -> osm_vendor_bind: ERR 5426: Unable to register class 129 version 1
Jul 09 15:04:45 800422 [AA4F3700] 0x01 -> osm_sm_mad_ctrl_bind: ERR 3118: Vendor specific bind failed
Jul 09 15:04:45 800425 [AA4F3700] 0x01 -> osm_sm_bind: ERR 2E10: SM MAD Controller bind failed (IB_ERROR)
Jul 09 15:04:45 800430 [AA4F3700] 0x01 -> osm_sa_mad_ctrl_unbind: ERR 1A11: No previous bind
Jul 09 15:04:45 829702 [AA4F3700] 0x80 -> Exiting SM
I'll appreciate some pointers so that I can understand where I am going wrong.


OpenSM is not needed for RoCE devices. Therefore failing to start OpenSM when you only have RoCE devices is to be expected.
rping failed to run due to you not specifying a server to address to connect to. Assuming your machine's RoCE capable interfaces are at IPs 192.168.1.2 (server) and 192.168.1.3 (client), you should run the commands as following:
server$ rping -s -a 192.168.1.2
client$ rping -c -a 192.168.1.2
Thanks,
--Shachar

Related

Cannot access apache server from foreign ip address

I have a site running on my computer using Apache 2.4 which I can easily access by using my local ipv4 address and respective port 80. The port 80 is bound to port 22*** using portmap.io and is configured with OpenVpn/tcp on my computer.I have allowed access to Apache HTTP server and Apache Server Monitor through the firewall.I have also increased keepAlive timeout in apche server to 600s, max connections.i have Listen 80 and LISTEN 22*** and ServerName as http://awm-22***.portmap.host:22*** in my httpd.conf file.You can look into for more options here.Apache handler configuration
I am using PHP as backend language.
Since the port 80 is bound to port 22470, whenever I try access my site from another device(which also uses the same wifi network as the computer running the server) using the local ipv4 address of my computer(which is running the server) and port 80 i.e
192.168..:80, it automatically redirects the browser to 192.168..:22*** and I can access my site with no difficuty. Access log in apcache server:
192.168.**.** - - [15/Dec/2022:10:08:02 +0530] "GET /abc%20xyz%20klm/ HTTP/1.1" 200 12049
192.168.**.** - - [15/Dec/2022:10:08:02 +0530] "GET /SPR/b/get_captcha.php?rand=29842778 HTTP/1.1" 200 4057
But when I try access the same site from another device(which also uses the same wifi network as the computer running the server) using the ipv4 address provided by OpenVpn to my computer(which is running the server):10.9..* and port 80 i.e 10.9..*:80, it shows TOOK TOO LONG TO RESPPOND error on the browser.But the browser's header has the following:
http://10.9.**.**4:22470/abc%20xyz%20klm/
Then why is it not loading the page. No log in apache access log file.
When I try access the same site from another device(which also uses the same wifi network as the computer running the server) using the url provided to me by portmap.io i.e: http://awm-22***.portmap.host:22***/,
The server takes too long to respond error is shown in the browser.
Access log in apcache server:
10.9.0.1 - - [15/Dec/2022:10:21:33 +0530] "GET / HTTP/1.0" 302 -
10.9.0.1 - - [15/Dec/2022:10:21:34 +0530] "GET /abc%20xyz%20klm HTTP/1.0" 301 256
OpenVpn Log:
Thu Dec 15 10:32:30 2022 SIGHUP[hard,] received, process restarting
Thu Dec 15 10:32:30 2022 --cipher is not set. Previous OpenVPN version defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
Thu Dec 15 10:32:30 2022 OpenVPN 2.5.7 [git:release/2.5/3d792ae9557b959e] Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Oct 28 2022
Thu Dec 15 10:32:30 2022 Windows version 10.0 (Windows 10 or greater) 64bit
Thu Dec 15 10:32:30 2022 library versions: OpenSSL 1.1.1o 3 May 2022, LZO 2.10
Thu Dec 15 10:32:35 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]193.161.193.99:1194
Thu Dec 15 10:32:35 2022 Attempting to establish TCP connection with [AF_INET]193.161.193.99:1194 [nonblock]
Thu Dec 15 10:32:35 2022 TCP connection established with [AF_INET]193.161.193.99:1194
Thu Dec 15 10:32:35 2022 TCP_CLIENT link local: (not bound)
Thu Dec 15 10:32:35 2022 TCP_CLIENT link remote: [AF_INET]193.161.193.99:1194
Thu Dec 15 10:32:41 2022 [193.161.193.99] Peer Connection Initiated with [AF_INET]193.161.193.99:1194
Thu Dec 15 10:32:42 2022 WARNING: INSECURE cipher (BF-CBC) with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC). Support for these insecure ciphers will be removed in OpenVPN 2.7.
Thu Dec 15 10:32:42 2022 WARNING: INSECURE cipher (BF-CBC) with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC). Support for these insecure ciphers will be removed in OpenVPN 2.7.
Thu Dec 15 10:32:42 2022 WARNING: cipher with small block size in use, reducing reneg-bytes to 64MB to mitigate SWEET32 attacks.
Thu Dec 15 10:32:42 2022 open_tun
Thu Dec 15 10:32:42 2022 tap-windows6 device [OpenVPN TAP-Windows6] opened
Thu Dec 15 10:32:42 2022 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.9.**.234/255.255.255.252 on interface {798F492A-574C-4BC6-87C5-A62C6D058EC1} [DHCP-serv: 10.9.**.233, lease-time: 31536000]
Thu Dec 15 10:32:42 2022 Successful ARP Flush on interface [12] {798F492A-574C-4BC6-87C5-A62C6D058EC1}
Thu Dec 15 10:32:42 2022 IPv4 MTU set to 1500 on interface 12 using service
These are my firewall rules:
Inbound rules
Inbound rule for Port 80 Outbound rules
Firewall monitoring Domain and Private Profiles
Firewall monitoring Public Profile
What is causing the problem? Any solution will be of great help. Thanks in advance.

PiVpn does not route traffic to LAN

I am using PiVPN on my Raspberry Pi.
It connects correctly but it does not route traffic to my LAN.
My topology is the following:
LAN: 192.168.1.0/24
VPN network: 10.192.125.0/24
Laptop connected to mobile (192.168.43.1) via tethering
Laptop attempting to connect to VPN
server.conf:
dev tun
proto udp
port 1194
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/raspberrypi_f55e286b-94c2-4b4c-b43b-a5e53bf7e7d5.crt
key /etc/openvpn/easy-rsa/pki/private/raspberrypi_f55e286b-94c2-4b4c-b43b-a5e53bf7e7d5.key
dh /etc/openvpn/easy-rsa/pki/dh2048.pem
topology subnet
server 10.192.125.0 255.255.255.0
# Set your primary domain name server address for clients
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 1.0.0.1"
# Prevent DNS leaks on Windows
push "block-outside-dns"
# Override the Client default gateway by using 0.0.0.0/1 and
# 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of
# overriding but not wiping out the original default gateway.
push "redirect-gateway def1"
# push "route 192.168.1.0 255.255.255.0"
client-to-client
client-config-dir /etc/openvpn/ccd
keepalive 15 120
remote-cert-tls client
tls-version-min 1.2
tls-auth /etc/openvpn/easy-rsa/pki/ta.key 0
cipher AES-256-CBC
auth SHA256
user openvpn
group openvpn
persist-key
persist-tun
crl-verify /etc/openvpn/crl.pem
status /var/log/openvpn-status.log 20
status-version 3
syslog
verb 4
mssfix 1350
This is my OVPN client conf:
client
dev tun
proto udp
remote <my_host> 1194
resolv-retry infinite
nobind
key-direction 1
remote-cert-tls server
tls-version-min 1.2
verify-x509-name raspberrypi_f55e286b-94c2-4b4c-b43b-a5e53bf7e7d5 name
cipher AES-256-CBC
auth SHA256
auth-nocache
verb 3
<ca>
...
</ca>
<cert>
...
</cert>
<key>
...
</key>
<tls-auth>
...
</tls-auth>
After connecting, I have the following routing table on the client:
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.192.125.1 128.0.0.0 UG 0 0 0 tun0
0.0.0.0 192.168.43.1 0.0.0.0 UG 600 0 0 wlp1s0
10.192.125.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0
<PUBLIC_IP> 192.168.43.1 255.255.255.255 UGH 0 0 0 wlp1s0
128.0.0.0 10.192.125.1 128.0.0.0 UG 0 0 0 tun0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlp1s0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
172.23.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker_gwbridge
192.168.43.0 0.0.0.0 255.255.255.0 U 600 0 0 wlp1s0
Here I also tried explicitly pushing a route to 192.168.1.0, with no noticeable change.
On the OpenVPN server I have the following IPTABLES configuration:
Chain FORWARD (policy DROP)
target prot opt source destination
DOCKER-USER all -- anywhere anywhere
DOCKER-INGRESS all -- anywhere anywhere
DOCKER-ISOLATION-STAGE-1 all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere 10.192.125.0/24 ctstate RELATED,ESTABLISHED /* openvpn-forward-rule */
ACCEPT all -- 10.192.125.0/24 anywhere /* openvpn-forward-rule */
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
DROP all -- anywhere anywhere
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.17.0.0/16 anywhere
MASQUERADE all -- 10.192.125.0/24 anywhere /* openvpn-nat-rule */
MASQUERADE all -- anywhere anywhere ADDRTYPE match src-type LOCAL
MASQUERADE all -- 172.19.0.0/16 anywhere
I enabled forwarding on the kernel by adding net.ipv4.ip_forward=1 on sysctl.conf.
When tracerouting a host from the LAN, I see it uses the OpenVPN server as the gateway.
# traceroute 192.168.1.101
traceroute to 192.168.1.101 (192.168.1.101), 30 hops max, 60 byte packets
1 10.192.125.1 (10.192.125.1) 163.487 ms 163.746 ms 163.754 ms
2 * * *
...
These are the logs on the client when connecting:
Mon Nov 7 08:19:19 2022 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar 22 2022
Mon Nov 7 08:19:19 2022 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Enter Private Key Password: ***********************
Mon Nov 7 08:19:23 2022 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Nov 7 08:19:23 2022 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Nov 7 08:19:24 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]<PUBLIC_IP>:1194
Mon Nov 7 08:19:24 2022 Socket Buffers: R=[212992->212992] S=[212992->212992]
Mon Nov 7 08:19:24 2022 UDP link local: (not bound)
Mon Nov 7 08:19:24 2022 UDP link remote: [AF_INET]<PUBLIC_IP>:1194
Mon Nov 7 08:19:24 2022 TLS: Initial packet from [AF_INET]<PUBLIC_IP>:1194, sid=68ddb126 123bae54
Mon Nov 7 08:19:24 2022 VERIFY OK: depth=1, CN=Easy-RSA CA
Mon Nov 7 08:19:24 2022 VERIFY KU OK
Mon Nov 7 08:19:24 2022 Validating certificate extended key usage
Mon Nov 7 08:19:24 2022 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Mon Nov 7 08:19:24 2022 VERIFY EKU OK
Mon Nov 7 08:19:24 2022 VERIFY X509NAME OK: CN=raspberrypi_f55e286b-94c2-4b4c-b43b-a5e53bf7e7d5
Mon Nov 7 08:19:24 2022 VERIFY OK: depth=0, CN=raspberrypi_f55e286b-94c2-4b4c-b43b-a5e53bf7e7d5
Mon Nov 7 08:19:24 2022 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
Mon Nov 7 08:19:24 2022 [raspberrypi_f55e286b-94c2-4b4c-b43b-a5e53bf7e7d5] Peer Connection Initiated with [AF_INET]<PUBLIC_IP>:1194
Mon Nov 7 08:19:25 2022 SENT CONTROL [raspberrypi_f55e286b-94c2-4b4c-b43b-a5e53bf7e7d5]: 'PUSH_REQUEST' (status=1)
Mon Nov 7 08:19:25 2022 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 1.1.1.1,dhcp-option DNS 1.0.0.1,block-outside-dns,redirect-gateway def1,route 192.168.1.0 255.255.255.0,route-gateway 10.192.125.1,topology subnet,ping 15,ping-restart 120,ifconfig 10.192.125.3 255.255.255.0,peer-id 0,cipher AES-256-GCM'
Mon Nov 7 08:19:25 2022 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:3: block-outside-dns (2.4.7)
Mon Nov 7 08:19:25 2022 OPTIONS IMPORT: timers and/or timeouts modified
Mon Nov 7 08:19:25 2022 OPTIONS IMPORT: --ifconfig/up options modified
Mon Nov 7 08:19:25 2022 OPTIONS IMPORT: route options modified
Mon Nov 7 08:19:25 2022 OPTIONS IMPORT: route-related options modified
Mon Nov 7 08:19:25 2022 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Nov 7 08:19:25 2022 OPTIONS IMPORT: peer-id set
Mon Nov 7 08:19:25 2022 OPTIONS IMPORT: adjusting link_mtu to 1624
Mon Nov 7 08:19:25 2022 OPTIONS IMPORT: data channel crypto options modified
Mon Nov 7 08:19:25 2022 Data Channel: using negotiated cipher 'AES-256-GCM'
Mon Nov 7 08:19:25 2022 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Nov 7 08:19:25 2022 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Nov 7 08:19:25 2022 ROUTE_GATEWAY 192.168.1.254/255.255.255.0 IFACE=wlp1s0 HWADDR=a4:97:b1:8e:37:af
Mon Nov 7 08:19:25 2022 TUN/TAP device tun0 opened
Mon Nov 7 08:19:25 2022 TUN/TAP TX queue length set to 100
Mon Nov 7 08:19:25 2022 /sbin/ip link set dev tun0 up mtu 1500
Mon Nov 7 08:19:25 2022 /sbin/ip addr add dev tun0 10.192.125.3/24 broadcast 10.192.125.255
Mon Nov 7 08:19:25 2022 /sbin/ip route add <PUBLIC_IP>/32 via 192.168.1.254
Mon Nov 7 08:19:25 2022 /sbin/ip route add 0.0.0.0/1 via 10.192.125.1
Mon Nov 7 08:19:25 2022 /sbin/ip route add 128.0.0.0/1 via 10.192.125.1
Mon Nov 7 08:19:25 2022 /sbin/ip route add 192.168.1.0/24 via 10.192.125.1
Mon Nov 7 08:19:25 2022 Initialization Sequence Completed
Finally, PiVPN seems to be happy about the configuration:
root#raspberrypi:~# cat /tmp/debug.log
:::: PiVPN debug ::::
=============================================
:::: Latest commit ::::
Branch: master
Commit: f8cb945af15a1ca0cf063475c6e1557c6e8da06c
Author: 4s3ti
Date: Fri Jun 10 16:10:57 2022 +0200
Summary: Merge branch 'test'
=============================================
:::: Installation settings ::::
PLAT=Debian
OSCN=bullseye
USING_UFW=0
pivpnforceipv6route=1
IPv4dev=wlan1
dhcpReserv=1
IPv4addr=192.168.1.223/24
IPv4gw=192.168.1.254
install_user=pi
install_home=/home/pi
VPN=openvpn
pivpnPROTO=udp
pivpnPORT=1194
pivpnDNS1=1.1.1.1
pivpnDNS2=1.0.0.1
pivpnSEARCHDOMAIN=
pivpnHOST=REDACTED
TWO_POINT_FOUR=0
pivpnENCRYPT=2048
USE_PREDEFINED_DH_PARAM=1
INPUT_CHAIN_EDITED=0
FORWARD_CHAIN_EDITED=1
INPUT_CHAIN_EDITEDv6=
FORWARD_CHAIN_EDITEDv6=
pivpnDEV=tun0
pivpnNET=10.192.125.0
subnetClass=24
pivpnenableipv6=0
ALLOWED_IPS=""
UNATTUPG=1
INSTALLED_PACKAGES=(dnsutils grepcidr bsdmainutils iptables-persistent openvpn expect unattended-upgrades)
HELP_SHOWN=1
=============================================
:::: Server configuration shown below ::::
dev tun
proto udp
port 1194
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/raspberrypi_f55e286b-94c2-4b4c-b43b-a5e53bf7e7d5.crt
key /etc/openvpn/easy-rsa/pki/private/raspberrypi_f55e286b-94c2-4b4c-b43b-a5e53bf7e7d5.key
dh /etc/openvpn/easy-rsa/pki/dh2048.pem
topology subnet
server 10.192.125.0 255.255.255.0
# Set your primary domain name server address for clients
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 1.0.0.1"
# Prevent DNS leaks on Windows
push "block-outside-dns"
# Override the Client default gateway by using 0.0.0.0/1 and
# 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of
# overriding but not wiping out the original default gateway.
push "redirect-gateway def1"
# push "route 192.168.1.0 255.255.255.0"
client-to-client
client-config-dir /etc/openvpn/ccd
keepalive 15 120
remote-cert-tls client
tls-version-min 1.2
tls-auth /etc/openvpn/easy-rsa/pki/ta.key 0
cipher AES-256-CBC
auth SHA256
user openvpn
group openvpn
persist-key
persist-tun
crl-verify /etc/openvpn/crl.pem
status /var/log/openvpn-status.log 20
status-version 3
syslog
verb 4
mssfix 1350
#DuplicateCNs allow access control on a less-granular, per user basis.
#Remove # if you will manage access by user instead of device.
#duplicate-cn
# Generated for use by PiVPN.io
=============================================
:::: Client template file shown below ::::
client
dev tun
proto udp
remote REDACTED 1194
resolv-retry infinite
nobind
key-direction 1
remote-cert-tls server
tls-version-min 1.2
verify-x509-name raspberrypi_f55e286b-94c2-4b4c-b43b-a5e53bf7e7d5 name
cipher AES-256-CBC
auth SHA256
auth-nocache
verb 3
=============================================
:::: Recursive list of files in ::::
::: /etc/openvpn/easy-rsa/pki shows below :::
/etc/openvpn/easy-rsa/pki/:
Default.txt
MirkoSmartphone.ovpn
Motog8Mirko3.ovpn
ca.crt
crl.pem
dh2048.pem
index.txt
index.txt.attr
index.txt.attr.old
index.txt.old
issued
openssl-easyrsa.cnf
private
revoked
safessl-easyrsa.cnf
serial
serial.old
ta.key
vars
vars.example
/etc/openvpn/easy-rsa/pki/issued:
MirkoSmartphone.crt
Motog8Mirko3.crt
motog8mirko.crt
raspberrypi_f55e286b-94c2-4b4c-b43b-a5e53bf7e7d5.crt
/etc/openvpn/easy-rsa/pki/private:
MirkoSmartphone.key
Motog8Mirko3.key
ca.key
motog8mirko.key
raspberrypi_f55e286b-94c2-4b4c-b43b-a5e53bf7e7d5.key
/etc/openvpn/easy-rsa/pki/revoked:
private_by_serial
reqs_by_serial
/etc/openvpn/easy-rsa/pki/revoked/private_by_serial:
/etc/openvpn/easy-rsa/pki/revoked/reqs_by_serial:
=============================================
:::: Self check ::::
:: [OK] IP forwarding is enabled
:: [OK] Iptables MASQUERADE rule set
:: [OK] Iptables FORWARD rule set
:: [OK] OpenVPN is running
:: [OK] OpenVPN is enabled (it will automatically start on reboot)
:: [OK] OpenVPN is listening on port 1194/udp
=============================================
:::: Having trouble connecting? Take a look at the FAQ:
:::: https://docs.pivpn.io/faq
=============================================
:::: Snippet of the server log ::::
Nov 7 08:49:16 raspberrypi ovpn-server[142996]: REDACTED:33665 peer info: IV_SSO=webauth,openurl
Nov 7 08:49:16 raspberrypi ovpn-server[142996]: REDACTED:33665 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
Nov 7 08:49:16 raspberrypi ovpn-server[142996]: REDACTED:33665 [Motog8Mirko3] Peer Connection Initiated with [AF_INET]REDACTED:33665
Nov 7 08:49:16 raspberrypi ovpn-server[142996]: Motog8Mirko3/REDACTED:33665 MULTI_sva: pool returned IPv4=10.192.125.2, IPv6=(Not enabled)
Nov 7 08:49:16 raspberrypi ovpn-server[142996]: Motog8Mirko3/REDACTED:33665 OPTIONS IMPORT: reading client specific options from: /etc/openvpn/ccd/Motog8Mirko3
Nov 7 08:49:16 raspberrypi ovpn-server[142996]: Motog8Mirko3/REDACTED:33665 MULTI: Learn: 10.192.125.3 -> Motog8Mirko3/REDACTED:33665
Nov 7 08:49:16 raspberrypi ovpn-server[142996]: Motog8Mirko3/REDACTED:33665 MULTI: primary virtual IP for Motog8Mirko3/REDACTED:33665: 10.192.125.3
Nov 7 08:49:16 raspberrypi ovpn-server[142996]: Motog8Mirko3/REDACTED:33665 Data Channel: using negotiated cipher 'AES-256-GCM'
Nov 7 08:49:16 raspberrypi ovpn-server[142996]: Motog8Mirko3/REDACTED:33665 Data Channel MTU parms [ L:1549 D:1350 EF:49 EB:406 ET:0 EL:3 ]
Nov 7 08:49:16 raspberrypi ovpn-server[142996]: Motog8Mirko3/REDACTED:33665 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Nov 7 08:49:16 raspberrypi ovpn-server[142996]: Motog8Mirko3/REDACTED:33665 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Nov 7 08:49:16 raspberrypi ovpn-server[142996]: Motog8Mirko3/REDACTED:33665 SENT CONTROL [Motog8Mirko3]: 'PUSH_REPLY,dhcp-option DNS 1.1.1.1,dhcp-option DNS 1.0.0.1,block-outside-dns,redirect-gateway def1,route-gateway 10.192.125.1,topology subnet,ping 15,ping-restart 120,ifconfig 10.192.125.3 255.255.255.0,peer-id 0,cipher AES-256-GCM' (status=1)
Nov 7 08:49:16 raspberrypi ovpn-server[142996]: Motog8Mirko3/REDACTED:33665 PUSH: Received control message: 'PUSH_REQUEST'
Nov 7 08:49:16 raspberrypi ovpn-server[142996]: Motog8Mirko3/REDACTED:33665 PID_ERR replay-window backtrack occurred [1] [SSL-0] [0_0] 0:3 0:2 t=1667807356[0] r=[0,64,15,1,1] sl=[61,3,64,528]
Nov 7 08:49:17 raspberrypi ovpn-server[142996]: Motog8Mirko3/REDACTED:33665 MULTI: bad source address from client [10.88.113.212], packet dropped
Nov 7 08:49:17 raspberrypi ovpn-server[142996]: Motog8Mirko3/REDACTED:33665 MULTI: bad source address from client [10.88.113.212], packet dropped
Nov 7 08:49:19 raspberrypi ovpn-server[142996]: Motog8Mirko3/REDACTED:33665 MULTI: bad source address from client [10.88.113.212], packet dropped
Nov 7 08:49:19 raspberrypi ovpn-server[142996]: Motog8Mirko3/REDACTED:33665 MULTI: bad source address from client [10.88.113.212], packet dropped
Nov 7 08:49:23 raspberrypi ovpn-server[142996]: Motog8Mirko3/REDACTED:33665 MULTI: bad source address from client [10.88.113.212], packet dropped
Nov 7 08:49:23 raspberrypi ovpn-server[142996]: Motog8Mirko3/REDACTED:33665 MULTI: bad source address from client [10.88.113.212], packet dropped
=============================================
:::: Debug complete ::::

Pivpn no internet

This question might seem duplicate but I've tried all other solutions which are years old so please help.
I setup Pivpn on my Raspberry Pi but cannot access internet via VPN.
Running ping 1.1.1.1 -I tun0 gives 100% packet loss and no response. From eth0 it works. Even ping 127.0.0.1 -I tun0 doesn't work.
Below is my log of pivpn -d it doesn't show any error.
::: Generating Debug Output
:::: [4mPiVPN debug[0m ::::
=============================================
:::: [4mLatest commit[0m ::::
Branch: master
Commit: 027f257931d1f169e254def5d1552d55810fefda
Author: 4s3ti
Date: Thu Aug 5 15:12:33 2021 +0200
Summary: Latest Changes update.
=============================================
:::: [4mInstallation settings[0m ::::
PLAT=Raspbian
OSCN=stretch
USING_UFW=0
IPv4dev=eth0
dhcpReserv=1
IPv4addr=10.10.70.10/24
IPv4gw=10.10.70.254
install_user=pi
install_home=/home/pi
VPN=openvpn
pivpnPROTO=udp
pivpnPORT=50552
pivpnDNS1=8.8.8.8
pivpnDNS2=8.8.4.4
pivpnSEARCHDOMAIN=
pivpnHOST=REDACTED
TWO_POINT_FOUR=1
pivpnENCRYPT=256
USE_PREDEFINED_DH_PARAM=0
INPUT_CHAIN_EDITED=0
FORWARD_CHAIN_EDITED=0
pivpnDEV=tun0
pivpnNET=10.8.0.0
subnetClass=24
ALLOWED_IPS=""
UNATTUPG=0
INSTALLED_PACKAGES=(grepcidr expect)
=============================================
:::: [4mServer configuration shown below[0m ::::
dev tun
proto udp
port 50552
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/ANY_1c949ee6-91f4-4cca-b472-e7d82dae1b44.crt
key /etc/openvpn/easy-rsa/pki/private/ANY_1c949ee6-91f4-4cca-b472-e7d82dae1b44.key
dh none
ecdh-curve prime256v1
topology subnet
server 10.3.0.0 255.255.255.0
# Set your primary domain name server address for clients
push "dhcp-option DNS 1.1.1.1"
#push "dhcp-option DNS 8.8.8.8"
# Prevent DNS leaks on Windows
push "block-outside-dns"
# Override the Client default gateway by using 0.0.0.0/1 and
# 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of
# overriding but not wiping out the original default gateway.
push "redirect-gateway def1"
push "route 192.168.15.1 255.255.255.0"
client-to-client
client-config-dir /etc/openvpn/ccd
keepalive 15 120
remote-cert-tls client
tls-version-min 1.2
tls-crypt /etc/openvpn/easy-rsa/pki/ta.key
cipher AES-256-CBC
auth SHA256
user openvpn
group openvpn
persist-key
persist-tun
crl-verify /etc/openvpn/crl.pem
status /var/log/openvpn-status.log 20
status-version 3
syslog
verb 3
#DuplicateCNs allow access control on a less-granular, per user basis.
#Remove # if you will manage access by user instead of device.
#duplicate-cn
# Generated for use by PiVPN.io
tun-mtu 1400
mssfix 1360
=============================================
:::: [4mClient template file shown below[0m ::::
client
dev tun
proto udp
remote REDACTED 50552
resolv-retry infinite
nobind
remote-cert-tls server
tls-version-min 1.2
verify-x509-name ANY_1c949ee6-91f4-4cca-b472-e7d82dae1b44 name
cipher AES-256-CBC
auth SHA256
auth-nocache
verb 3
=============================================
:::: [4mRecursive list of files in[0m ::::
::: [4m/etc/openvpn/easy-rsa/pki shows below[0m :::
/etc/openvpn/easy-rsa/pki/:
Default.txt
ca.crt
crl.pem
ecparams
index.txt
index.txt.attr
index.txt.attr.old
index.txt.old
issued
openssl-easyrsa.cnf
private
renewed
revoked
safessl-easyrsa.cnf
serial
serial.old
ta.key
/etc/openvpn/easy-rsa/pki/ecparams:
prime256v1.pem
/etc/openvpn/easy-rsa/pki/issued:
ANY_1c949ee6-91f4-4cca-b472-e7d82dae1b44.crt
/etc/openvpn/easy-rsa/pki/private:
ANY_1c949ee6-91f4-4cca-b472-e7d82dae1b44.key
ca.key
/etc/openvpn/easy-rsa/pki/renewed:
private_by_serial
reqs_by_serial
/etc/openvpn/easy-rsa/pki/renewed/private_by_serial:
/etc/openvpn/easy-rsa/pki/renewed/reqs_by_serial:
/etc/openvpn/easy-rsa/pki/revoked:
private_by_serial
reqs_by_serial
/etc/openvpn/easy-rsa/pki/revoked/private_by_serial:
/etc/openvpn/easy-rsa/pki/revoked/reqs_by_serial:
=============================================
:::: [4mSelf check[0m ::::
:: [OK] IP forwarding is enabled
:: [OK] Iptables MASQUERADE rule set
:: [OK] OpenVPN is running
:: [OK] OpenVPN is enabled (it will automatically start on reboot)
:: [OK] OpenVPN is listening on port 50552/udp
=============================================
:::: Having trouble connecting? Take a look at the FAQ:
:::: [1mhttps://docs.pivpn.io/faq[0m
=============================================
:::: [4mSnippet of the server log[0m ::::
Aug 21 11:16:40 ANY ovpn-server[488]: ECDH curve prime256v1 added
Aug 21 11:16:40 ANY ovpn-server[488]: Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Aug 21 11:16:40 ANY ovpn-server[488]: Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Aug 21 11:16:40 ANY ovpn-server[488]: Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Aug 21 11:16:40 ANY ovpn-server[488]: Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Aug 21 11:16:40 ANY ovpn-server[488]: WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1400)
Aug 21 11:16:40 ANY ovpn-server[488]: TUN/TAP device tun0 opened
Aug 21 11:16:40 ANY ovpn-server[488]: TUN/TAP TX queue length set to 100
Aug 21 11:16:40 ANY ovpn-server[488]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Aug 21 11:16:40 ANY ovpn-server[488]: /sbin/ip link set dev tun0 up mtu 1400
Aug 21 11:16:40 ANY ovpn-server[488]: /sbin/ip addr add dev tun0 10.3.0.1/24 broadcast 10.3.0.255
Aug 21 11:16:40 ANY ovpn-server[488]: Could not determine IPv4/IPv6 protocol. Using AF_INET
Aug 21 11:16:40 ANY ovpn-server[488]: Socket Buffers: R=[163840->163840] S=[163840->163840]
Aug 21 11:16:40 ANY ovpn-server[488]: UDPv4 link local (bound): [AF_INET][undef]:50552
Aug 21 11:16:40 ANY ovpn-server[488]: UDPv4 link remote: [AF_UNSPEC]
Aug 21 11:16:40 ANY ovpn-server[488]: GID set to openvpn
Aug 21 11:16:40 ANY ovpn-server[488]: UID set to openvpn
Aug 21 11:16:40 ANY ovpn-server[488]: MULTI: multi_init called, r=256 v=256
Aug 21 11:16:40 ANY ovpn-server[488]: IFCONFIG POOL: base=10.3.0.2 size=252, ipv6=0
Aug 21 11:16:40 ANY ovpn-server[488]: Initialization Sequence Completed
=============================================
:::: [4mDebug complete[0m ::::
:::
::: Debug output completed above.
::: Copy saved to /tmp/debug.log
:::
Running cat /proc/sys/net/ipv4/ip_forward gives 1 so forwarding is enabled.
I've ran the command sudo iptables -t nat -A POSTROUTING -s 10.3.0.0/24 -o eth0 -j MASQUERADE still doesn't work.
Please note that I've changed ip from 10.8.0.0 to 10.3.0.0 still doesn't work with both.
My openvpn version is OpenVPN 2.4.0

Well everything looks good. I suggest you reinstall pivpn from the official website here
Also, while installation select public dns and enter any public dns, you seem to be using your ip.
After reinstall and reboot, run the command sudo iptables -t nat -A POSTROUTING -s 10.3.0.0/24 -o eth0 -j MASQUERADE
Also, most importantly, using ping 1.1.1.1 -I tun0 won't work even if the VPN works so stop using it and use an actual connection.
You might want to create a statup script that runs the command sudo iptables -t nat -A POSTROUTING -s 10.3.0.0/24 -o eth0 -j MASQUERADE

Modem on Raspbian not connecting with `nmcli`

I need to configure the [TRM240 modem][1] to work with a Raspbian system. I followed the procedure reported in the answer [here][2], but the connection isn't working.
I attach some screenshots documenting the procedure and the commands that I issued.
First, look for connected modems:
pi#raspberrypi:~ $ mmcli -L
Found 1 modems:
/org/freedesktop/ModemManager1/Modem/0 [QUALCOMM INCORPORATED] QUECTEL Mobile Broadband Module
Check the unique modem found:
pi#raspberrypi:~ $ mmcli -m 0
/org/freedesktop/ModemManager1/Modem/0 (device id 'e308f44de689f834e8cbc5b2122a4ffca8ddd3f5')
-------------------------
Hardware | manufacturer: 'QUALCOMM INCORPORATED'
| model: 'QUECTEL Mobile Broadband Module'
| revision: 'EC21ECGAR06A04M1G'
| supported: 'gsm-umts
| lte
| gsm-umts, lte'
| current: 'gsm-umts, lte'
| equipment id: '864394040056931'
-------------------------
System | device: '/sys/devices/platform/soc/3f980000.usb/usb1/1-1/1-1.2'
| drivers: 'option1, qmi_wwan'
| plugin: 'Generic'
| primary port: 'cdc-wdm0'
| ports: 'ttyUSB0 (qcdm), ttyUSB2 (at), cdc-wdm0 (qmi), wwan0 (net), ttyUSB3 (at)'
-------------------------
Numbers | own : 'unknown'
-------------------------
Status | lock: 'unknown'
| unlock retries: 'unknown'
| state: 'failed'
| failed reason: 'sim-missing'
| power state: 'unknown'
| access tech: 'unknown'
| signal quality: '0' (cached)
-------------------------
Modes | supported: 'allowed: 2g, 3g, 4g; preferred: none'
| current: 'allowed: any; preferred: none'
-------------------------
Bands | supported: 'unknown'
| current: 'unknown'
-------------------------
IP | supported: 'ipv4, ipv6, ipv4v6'
-------------------------
SIM | path: 'none'
-------------------------
Bearers | paths: 'none'
Here, the Status section leaves me a little bit puzzled, but I try to go on.
I tried the following command using different options for ifname: cdc-wdm0, ttyUSB2 and ttyUSB3. They all end up to the same result.
pi#raspberrypi:~ $ sudo nmcli c add type gsm ifname cdc-wdm0 con-name modem apn mobile.vodafone.it
Connection 'modem' (9c34027f-5df5-4fd6-9792-223e225dfd41) successfully added.
Check the connections and try to take up modem:
pi#raspberrypi:~ $ nmcli con
NAME UUID TYPE DEVICE
br-12ff13c2c4e0 26450e11-6671-47c2-91af-6bf96405921b bridge br-12ff13c2c4e0
br-acc4bdcbe6e7 440cfcc0-5318-4a9e-9259-3fb8700cf240 bridge br-acc4bdcbe6e7
docker0 8af67071-3cb2-4235-882f-1cc1f50fa7ca bridge docker0
modem 9c34027f-5df5-4fd6-9792-223e225dfd41 gsm --
Try to take up:
pi#raspberrypi:~ $ nmcli con up modem
Error: Connection activation failed: No suitable device found for this connection.
Status of service NetworkManager:
pi#raspberrypi:~ $ systemctl status NetworkManager
● NetworkManager.service - Network Manager
Loaded: loaded (/lib/systemd/system/NetworkManager.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2020-08-21 07:46:57 UTC; 2h 35min ago
Docs: man:NetworkManager(8)
Main PID: 710 (NetworkManager)
Tasks: 3 (limit: 4915)
Memory: 13.8M
CPU: 3.862s
CGroup: /system.slice/NetworkManager.service
└─710 /usr/sbin/NetworkManager --no-daemon
Aug 21 07:48:53 raspberrypi NetworkManager[710]: <info> [1597996133.0883] device (veth6ffb100): link connected
Aug 21 08:14:11 raspberrypi NetworkManager[710]: <error> [1597997651.4341] audit: failed to open auditd socket: Protocol not supported
Aug 21 08:14:11 raspberrypi NetworkManager[710]: <info> [1597997651.4343] audit: op="device-managed" arg="managed:1" pid=11841 uid=0 result="success"
Aug 21 08:16:48 raspberrypi NetworkManager[710]: <info> [1597997808.9388] audit: op="device-autoconnect" arg="autoconnect:1" pid=12910 uid=1000 result="fail" reason="Not authorized to perform this operat
Aug 21 08:17:41 raspberrypi NetworkManager[710]: <info> [1597997861.0575] audit: op="connection-add-activate" pid=13286 uid=1000 result="fail" reason="gsm: GSM mobile broadband connection requires a 'gsm
Aug 21 08:25:25 raspberrypi NetworkManager[710]: <info> [1597998325.2594] audit: op="connection-add-activate" pid=16224 uid=1000 result="fail" reason="gsm: GSM mobile broadband connection requires a 'gsm
Aug 21 10:06:31 raspberrypi NetworkManager[710]: <info> [1598004391.9223] audit: op="connection-activate" uuid="06583333-e03e-431f-9376-94c38b6b607d" name="modem" result="fail" reason="No suitable device
Aug 21 10:19:24 raspberrypi NetworkManager[710]: <info> [1598005164.3349] keyfile: add connection /etc/NetworkManager/system-connections/modem-9c34027f-5df5-4fd6-9792-223e225dfd41 (9c34027f-5df5-4fd6-979
Aug 21 10:19:24 raspberrypi NetworkManager[710]: <info> [1598005164.3386] audit: op="connection-add" uuid="9c34027f-5df5-4fd6-9792-223e225dfd41" name="modem" pid=27261 uid=0 result="success"
Aug 21 10:20:29 raspberrypi NetworkManager[710]: <info> [1598005229.6409] audit: op="connection-activate" uuid="06583333-e03e-431f-9376-94c38b6b607d" name="modem" result="fail" reason="No suitable device
lines 1-21/21 (END)
Here I see the error <error> [1597997651.4341] audit: failed to open auditd socket: Protocol not supported...
Status of service ModemManager (there are warnings, but not errors):
pi#raspberrypi:~ $ systemctl status ModemManager
● ModemManager.service - Modem Manager
Loaded: loaded (/lib/systemd/system/ModemManager.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2020-08-21 07:46:57 UTC; 2h 35min ago
Main PID: 712 (ModemManager)
Tasks: 5 (limit: 4915)
Memory: 8.7M
CPU: 4.123s
CGroup: /system.slice/ModemManager.service
├─712 /usr/sbin/ModemManager
└─884 /usr/lib/libqmi/qmi-proxy
Aug 21 07:47:19 raspberrypi ModemManager[712]: [/dev/cdc-wdm0] Registered 'nas' (version 1.25) client with ID '2'
Aug 21 07:47:20 raspberrypi ModemManager[712]: [/dev/cdc-wdm0] Allocating new client ID...
Aug 21 07:47:20 raspberrypi ModemManager[712]: [/dev/cdc-wdm0] Registered 'wms' (version 1.10) client with ID '1'
Aug 21 07:47:20 raspberrypi ModemManager[712]: [/dev/cdc-wdm0] Allocating new client ID...
Aug 21 07:47:20 raspberrypi ModemManager[712]: [/dev/cdc-wdm0] Registered 'uim' (version 1.46) client with ID '1'
Aug 21 07:47:20 raspberrypi ModemManager[712]: <warn> (ttyUSB2): port attributes not fully set
Aug 21 07:47:20 raspberrypi ModemManager[712]: <warn> couldn't load Supported Bands: 'QMI operation failed: Cannot send message: QMI service 'dms' version '1.1' required, got version '1.0''
Aug 21 07:47:20 raspberrypi ModemManager[712]: <warn> couldn't load Power State: 'QMI operation failed: Cannot send message: QMI service 'dms' version '1.1' required, got version '1.0''
Aug 21 07:47:55 raspberrypi ModemManager[712]: <warn> Modem couldn't be initialized: Couldn't check unlock status: Couldn't get SIM lock status after 6 retries
Aug 21 07:47:55 raspberrypi ModemManager[712]: <info> Modem: state changed (unknown -> failed)
System info:
pi#raspberrypi:~ $ uname -a
Linux raspberrypi 4.19.66-v7+ #1253 SMP Thu Aug 15 11:49:46 BST 2019 armv7l GNU/Linux
pi#raspberrypi:~ $ lsb_release -a
No LSB modules are available.
Distributor ID: Raspbian
Description: Raspbian GNU/Linux 9.13 (stretch)
Release: 9.13
Codename: stretch

It may be that the SIM is not working properly or the modem is not recognizing it.
This is what the output
-------------------------
Status | lock: 'unknown'
| unlock retries: 'unknown'
| state: 'failed'
| failed reason: 'sim-missing'
| power state: 'unknown'
| access tech: 'unknown'
| signal quality: '0' (cached)
-------------------------
points out.
Check this answer.
(I didn't find it before posting my question.)

systemd stops OrientDB immediately after it starts on Ubuntu 16.04

I'm trying trying to make OrientDB run as a daemon (enabled on start) on Ubuntu 16.04 LTS. The problem is, systemd appears to call stop immediately after I tell it to start. I have this systemd service file exactly as recommended in the OrientDB documentation:
[Unit]
Description=OrientDB Server
After=network.target
After=syslog.target
[Install]
WantedBy=multi-user.target
[Service]
Type=forking
ExecStart=$ORIENTDB_HOME/bin/orientdb.sh start
ExecStop=$ORIENTDB_HOME/bin/orientdb.sh stop
ExecStatus=$ORIENTDB_HOME/bin/orientdb.sh status
orientdb.log:
.
.` `
, `:.
`,` ,:`
.,. :,,
.,, ,,,
. .,.::::: ```` ::::::::: :::::::::
,` .::,,,,::.,,,,,,`;; .: :::::::::: ::: :::
`,. ::,,,,,,,:.,,.` ` .: ::: ::: ::: :::
,,:,:,,,,,,,,::. ` ` `` .: ::: ::: ::: :::
,,:.,,,,,,,,,: `::, ,, ::,::` : :,::` :::: ::: ::: ::: :::
,:,,,,,,,,,,::,: ,, :. : :: : .: ::: ::: :::::::
:,,,,,,,,,,:,:: ,, : : : : .: ::: ::: :::::::::
` :,,,,,,,,,,:,::, ,, .:::::::: : : .: ::: ::: ::: :::
`,...,,:,,,,,,,,,: .:,. ,, ,, : : .: ::: ::: ::: :::
.,,,,::,,,,,,,: `: , ,, : ` : : .: ::: ::: ::: :::
...,::,,,,::.. `: .,, :, : : : .: ::::::::::: ::: :::
,::::,,,. `: ,, ::::: : : .: ::::::::: ::::::::::
,,:` `,,.
,,, .,`
,,. `, GRAPH DATABASE
`` `.
`` orientdb.com
`
pid file detected, killing process
syslog:
Jul 28 18:56:34 ubuntu systemd[1]: Starting OrientDB Server...
Jul 28 18:56:34 ubuntu orientdb.sh[17487]: Starting OrientDB server daemon...
Jul 28 18:56:34 ubuntu systemd[1]: Created slice User Slice of orientdb.
Jul 28 18:56:34 ubuntu systemd[1]: Starting User Manager for UID 999...
Jul 28 18:56:34 ubuntu systemd[1]: Started Session c5 of user orientdb.
Jul 28 18:56:34 ubuntu systemd[17497]: Reached target Timers.
Jul 28 18:56:34 ubuntu systemd[17497]: Reached target Paths.
Jul 28 18:56:34 ubuntu systemd[17497]: Reached target Sockets.
Jul 28 18:56:34 ubuntu systemd[17497]: Reached target Basic System.
Jul 28 18:56:34 ubuntu systemd[17497]: Reached target Default.
Jul 28 18:56:34 ubuntu systemd[17497]: Startup finished in 23ms.
Jul 28 18:56:34 ubuntu systemd[1]: Started User Manager for UID 999.
Jul 28 18:56:34 ubuntu orientdb.sh[17508]: Stopping OrientDB server daemon...
Jul 28 18:56:34 ubuntu systemd[1]: Started Session c6 of user orientdb.
Jul 28 18:56:34 ubuntu systemd[1]: Started OrientDB Server.
Jul 28 18:56:34 ubuntu systemd[1]: Stopping User Manager for UID 999...
Jul 28 18:56:34 ubuntu systemd[17497]: Reached target Shutdown.
Jul 28 18:56:34 ubuntu systemd[17497]: Starting Exit the Session...
Jul 28 18:56:34 ubuntu systemd[17497]: Stopped target Default.
Jul 28 18:56:34 ubuntu systemd[17497]: Stopped target Basic System.
Jul 28 18:56:34 ubuntu systemd[17497]: Stopped target Timers.
Jul 28 18:56:34 ubuntu systemd[17497]: Stopped target Paths.
Jul 28 18:56:34 ubuntu systemd[17497]: Stopped target Sockets.
Jul 28 18:56:34 ubuntu systemd[17497]: Received SIGRTMIN+24 from PID 17536 (kill).
Jul 28 18:56:34 ubuntu systemd[1]: Stopped User Manager for UID 999.
Jul 28 18:56:34 ubuntu systemd[1]: Removed slice User Slice of orientdb.
Any ideas?

As long as you wrap custom init scripts (orientdb.sh
, server.sh, shutdown.sh) in a systemd service unit, you will have strange and hard to debug issues.
Instead, you should read those scripts, understand how they launch OrientDB and reproduce only what is necessary in a service unit.

I've added a user & group orientdb to the system and used below systemd script (assuming orientdb is installed in /opt/orientdb):
[Unit]
Description=OrientDB Server
After=network.target
After=syslog.target
[Install]
WantedBy=multi-user.target
[Service]
User=orientdb
Group=orientdb
ExecStart=/opt/orientdb/bin/server.sh
ExecStop=/opt/orientdb/bin/shutdown.sh
ExecReload=/bin/kill -HUP $MAINPID

If you run the server and close the window, the server will be closed. Use it with NOHUP (server.sh) and if you close the window it will continue running.
I had the same problem, good luck

I had the same issue with OpenSuse Leap 42.1 and OrientDB 2.2.7.
Roberto's answer solved it. See the issue on GitHub.