When I start a container the pod starts, but after it connects to the VPN it can no longer be accessed from the LAN. I have tried setting VPN_ENABLED to false and then it works fine. Any suggestions on what to tweak to make this work correctly?
I have the following setup for the container config:
Here are the logs that I can capture before the pod is inaccessible:
2022-03-09 21:11:27.480436 [INFO] VPN_ENABLED defined as 'yes'
2022-03-09 21:11:27.568609 [INFO] DISABLE_IPV6 is set to ''
2022-03-09 21:11:27.649393 [INFO] Disabling IPv6 in sysctl
2022-03-09 21:11:27.757490 [WARNING] VPN_TYPE not set, defaulting to OpenVPN.
2022-03-09 21:11:27.978328 [INFO] OpenVPN config file is found at /config/openvpn/CAOpenVPN.ovpn
dos2unix: converting file /config/openvpn/CAOpenVPN.ovpn to Unix format...
2022-03-09 21:11:28.235862 [INFO] VPN remote line defined as 'ca-montreal.privacy.network 501'
2022-03-09 21:11:28.327202 [INFO] VPN_REMOTE defined as 'ca-montreal.privacy.network'
2022-03-09 21:11:28.416041 [INFO] VPN_PORT defined as '501'
2022-03-09 21:11:28.514643 [INFO] VPN_PROTOCOL defined as 'tcp'
2022-03-09 21:11:28.613683 [INFO] VPN_DEVICE_TYPE defined as 'tun0'
2022-03-09 21:11:28.703296 [INFO] LAN_NETWORK defined as '192.168.0.1/24'
2022-03-09 21:11:28.792828 [WARNING] NAME_SERVERS not defined (via -e NAME_SERVERS), defaulting to CloudFlare and Google name servers
2022-03-09 21:11:28.882776 [INFO] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2022-03-09 21:11:28.976471 [INFO] Adding 1.1.1.1 to resolv.conf
2022-03-09 21:11:29.067480 [INFO] Adding 8.8.8.8 to resolv.conf
2022-03-09 21:11:29.156572 [INFO] Adding 1.0.0.1 to resolv.conf
2022-03-09 21:11:29.245519 [INFO] Adding 8.8.4.4 to resolv.conf
2022-03-09 21:11:29.326266 [INFO] Starting OpenVPN...
Wed Mar 9 21:11:29 2022 WARNING: file 'pass.txt' is group or others accessible
Wed Mar 9 21:11:29 2022 OpenVPN 2.4.7 aarch64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 19 2021
Wed Mar 9 21:11:29 2022 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Wed Mar 9 21:11:29 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]172.98.71.109:501
Wed Mar 9 21:11:29 2022 Attempting to establish TCP connection with [AF_INET]172.98.71.109:501 [nonblock]
Wed Mar 9 21:11:30 2022 TCP connection established with [AF_INET]172.98.71.109:501
Wed Mar 9 21:11:30 2022 TCP_CLIENT link local: (not bound)
Wed Mar 9 21:11:30 2022 TCP_CLIENT link remote: [AF_INET]172.98.71.109:501
Wed Mar 9 21:11:30 2022 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Mar 9 21:11:31 2022 [montreal402] Peer Connection Initiated with [AF_INET]172.98.71.109:501
Wed Mar 9 21:11:32 2022 OpenVPN ROUTE6: OpenVPN needs a gateway parameter for a --route-ipv6 option and no default was specified by either --route-ipv6-gateway or --ifconfig-ipv6 options
Wed Mar 9 21:11:32 2022 OpenVPN ROUTE: failed to parse/resolve route for host/network: 2000::/3
Wed Mar 9 21:11:32 2022 TUN/TAP device tun0 opened
Wed Mar 9 21:11:32 2022 /sbin/ip link set dev tun0 up mtu 1500
Wed Mar 9 21:11:32 2022 /sbin/ip addr add dev tun0 10.43.19.3/24 broadcast 10.43.19.255
Wed Mar 9 21:11:32 2022 WARNING: OpenVPN was configured to add an IPv6 route over tun0. However, no IPv6 has been configured for this interface, therefore the route installation may fail or may not work as expected.
Wed Mar 9 21:11:32 2022 Initialization Sequence Completed
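
An added example, not part of the original post or of the container image: a small Python triage script that scans a startup log like the one above for configuration and credential-handling warnings. It flags a LAN_NETWORK value with host bits set as worth reviewing; that the image expects a network address is an assumption here, not a confirmed cause of the problem.

```python
import ipaddress
import re

# Lines copied verbatim from the startup log in the post above.
SAMPLE_LOG = """\
2022-03-09 21:11:28.703296 [INFO] LAN_NETWORK defined as '192.168.0.1/24'
2022-03-09 21:11:28.792828 [WARNING] NAME_SERVERS not defined (via -e NAME_SERVERS), defaulting to CloudFlare and Google name servers
Wed Mar 9 21:11:29 2022 WARNING: file 'pass.txt' is group or others accessible
Wed Mar 9 21:11:30 2022 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Mar 9 21:11:32 2022 Initialization Sequence Completed
"""

LAN_RE = re.compile(r"LAN_NETWORK defined as '([^']*)'")
PERM_RE = re.compile(r"WARNING: file '([^']+)' is group or others accessible")


def check_lan_network(value):
    """Return findings if value is not a CIDR written as a network address."""
    try:
        ipaddress.ip_network(value, strict=True)
        return []
    except ValueError:
        pass
    try:
        net = ipaddress.ip_network(value, strict=False)
    except ValueError:
        return [f"LAN_NETWORK '{value}' is not a valid CIDR"]
    return [f"LAN_NETWORK '{value}' has host bits set; the network is {net}"]


def audit(log_text):
    """Collect review items from the entrypoint and OpenVPN log lines."""
    findings = []
    for line in log_text.splitlines():
        if m := LAN_RE.search(line):
            findings += check_lan_network(m.group(1))
        elif m := PERM_RE.search(line):
            findings.append(f"credential file '{m.group(1)}' is readable beyond its owner")
        elif "auth-nocache" in line:
            findings.append("OpenVPN may cache credentials in memory (auth-nocache not set)")
        elif "NAME_SERVERS not defined" in line:
            findings.append("NAME_SERVERS unset; public resolvers are used by default")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print("-", finding)
```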