search

bubuntux / nordvpn

NordVpn Docker Client
GNU Affero General Public License v3.0
746 stars 197 forks source link

NordVPN Connects but no containers have internet access #399

Closed aneurinprice closed 1 year ago

aneurinprice commented 1 year ago

Describe the bug When deploying the VPN container, the container connects to NordVPN successfully, but has no internet access.

To Reproduce using docker-compose docker-compose.yml if used (hide credentials)

version: "3"
services:
  vpn:
    image: ghcr.io/bubuntux/nordvpn
    cap_add:
      - NET_ADMIN
      - NET_RAW
      - SYS_MODULE
    environment: 
      - TOKEN=<redacted>
      - CONNECT=uk1613
      - SERVER=1613
      - TECHNOLOGY=OpenVPN
      - PROTOCOL=UDP
      - NETWORK=10.69.0.0/16
      - DNS=1.1.1.1,8.8.8.8
      - firewall=disabled
    ports:
      - 8080:8080
      - 9117:9117
      - 7878:7878
      - 8989:8989
    sysctls:
      - net.ipv4.ip_forward=1
      - net.ipv6.conf.all.disable_ipv6=1  # Recomended if using ipv4 only
    devices:
      - /dev/net/tun
    networks:
      - primary-net
  qbittorrent:
    image: ghcr.io/linuxserver/qbittorrent
    environment:
      - PUID=1002
      - PGID=1002
      - TZ=Europe/London
    volumes:
      - /srv/torrents:/downloads
      - qbittorrent-config:/config
    network_mode: service:vpn
    depends_on:
      - vpn
  sonarr:
    image: ghcr.io/linuxserver/sonarr
    environment:
      - PUID=1002
      - PGID=1002
      - TZ=Europe/London
    volumes:
      - /srv/tv:/tv
      - /srv/torrents:/downloads
      - sonarr-config:/config
    network_mode: service:vpn
    depends_on:
      - vpn
  radarr:
    image: ghcr.io/linuxserver/radarr
    environment:
      - PUID=1002
      - PGID=1002
      - TZ=Europe/London
    volumes:
      - /srv/movies:/movies
      - /srv/torrents:/downloads
      - radarr-config:/config
    network_mode: service:vpn
    depends_on:
      - vpn
  jackett:
    image: ghcr.io/linuxserver/jackett
    environment:
      - PUID=1002
      - PGID=1002
      - TZ=Europe/London
    volumes:

      - jackett-config:/config
    network_mode: service:vpn
    depends_on:
      - vpn

volumes:
  qbittorrent-config:
  sonarr-config:
  radarr-config:
  jackett-config:

networks:
  primary-net:

Expected behavior I would expect the containers in this compose to have some form of internet access.

Logs VPN Container:

Connecting...

-

A new version of NordVPN is available! Please update the application.

-

Connecting to United Kingdom #1613 (uk1613.nordvpn.com)

-
\
|
/
-
\
|
/
-
\
|
/

You are connected to United Kingdom #1613 (uk1613.nordvpn.com)!

-

Unstable connection detected!
2023/05/13 14:08:30 neither $XDG_CONFIG_HOME nor $HOME are defined
s6-svc: warning: /var/run/s6/services/nordvpn/notification-fd not present - ignoring request for readiness notification
s6-svlisten1: fatal: unable to subscribe to events for /var/run/s6/services/nordvpn: No such file or directory
Connecting...

-

A new version of NordVPN is available! Please update the application.

-

Connecting to United Kingdom #1613 (uk1613.nordvpn.com)

-
\
|
/
-
\
|
/
-
\
|
/
-

You are connected to United Kingdom #1613 (uk1613.nordvpn.com)!

-

Unstable connection detected!
2023/05/13 14:13:32 neither $XDG_CONFIG_HOME nor $HOME are defined
s6-svc: warning: /var/run/s6/services/nordvpn/notification-fd not present - ignoring request for readiness notification
s6-svlisten1: fatal: unable to subscribe to events for /var/run/s6/services/nordvpn: No such file or directory
Connecting...

-

A new version of NordVPN is available! Please update the application.

-

Connecting to United Kingdom #1613 (uk1613.nordvpn.com)

-
\
|
/
-
\
|
/
-
\
|
/
-

You are connected to United Kingdom #1613 (uk1613.nordvpn.com)!

-

Unstable connection detected!
2023/05/13 14:18:35 neither $XDG_CONFIG_HOME nor $HOME are defined
s6-svc: warning: /var/run/s6/services/nordvpn/notification-fd not present - ignoring request for readiness notification
s6-svlisten1: fatal: unable to subscribe to events for /var/run/s6/services/nordvpn: No such file or directory
Connecting...

-

A new version of NordVPN is available! Please update the application.

-

Connecting to United Kingdom #1613 (uk1613.nordvpn.com)

-
\
|
/
-
\
|
/
-
\
|
/
-

You are connected to United Kingdom #1613 (uk1613.nordvpn.com)!

-

Unstable connection detected!
2023/05/13 14:23:37 neither $XDG_CONFIG_HOME nor $HOME are defined
s6-svc: warning: /var/run/s6/services/nordvpn/notification-fd not present - ignoring request for readiness notification
s6-svlisten1: fatal: unable to subscribe to events for /var/run/s6/services/nordvpn: No such file or directory
Connecting...

-

A new version of NordVPN is available! Please update the application.

-

Connecting to United Kingdom #1613 (uk1613.nordvpn.com)

-
\
|
/
-
\
|
/
-
\
|
/

You are connected to United Kingdom #1613 (uk1613.nordvpn.com)!

-

Unstable connection detected!
2023/05/13 14:28:39 neither $XDG_CONFIG_HOME nor $HOME are defined
s6-svc: warning: /var/run/s6/services/nordvpn/notification-fd not present - ignoring request for readiness notification
s6-svlisten1: fatal: unable to subscribe to events for /var/run/s6/services/nordvpn: No such file or directory
Connecting...

-

A new version of NordVPN is available! Please update the application.

-

Connecting to United Kingdom #1613 (uk1613.nordvpn.com)

-
\
|
/
-
\
|
/
-
\
|
/
-

You are connected to United Kingdom #1613 (uk1613.nordvpn.com)!

-

Unstable connection detected!
2023/05/13 14:33:42 neither $XDG_CONFIG_HOME nor $HOME are defined
s6-svc: warning: /var/run/s6/services/nordvpn/notification-fd not present - ignoring request for readiness notification
s6-svlisten1: fatal: unable to subscribe to events for /var/run/s6/services/nordvpn: No such file or directory
Connecting...

-

A new version of NordVPN is available! Please update the application.

-

Connecting to United Kingdom #1613 (uk1613.nordvpn.com)

-
\
|
/
-
\
|
/
-
\
|
/

You are connected to United Kingdom #1613 (uk1613.nordvpn.com)!

-

Unstable connection detected!
2023/05/13 14:38:44 neither $XDG_CONFIG_HOME nor $HOME are defined
s6-svc: warning: /var/run/s6/services/nordvpn/notification-fd not present - ignoring request for readiness notification
s6-svlisten1: fatal: unable to subscribe to events for /var/run/s6/services/nordvpn: No such file or directory
Connecting...

-

A new version of NordVPN is available! Please update the application.

-

Connecting to United Kingdom #1613 (uk1613.nordvpn.com)

-
\
|
/
-
\
|
/
-
\
|
/
-

You are connected to United Kingdom #1613 (uk1613.nordvpn.com)!

-

Unstable connection detected!
2023/05/13 14:43:47 neither $XDG_CONFIG_HOME nor $HOME are defined
s6-svc: warning: /var/run/s6/services/nordvpn/notification-fd not present - ignoring request for readiness notification
s6-svlisten1: fatal: unable to subscribe to events for /var/run/s6/services/nordvpn: No such file or directory
Connecting...

-

A new version of NordVPN is available! Please update the application.

-

Connecting to United Kingdom #1613 (uk1613.nordvpn.com)

-
\
|
/
-
\
|

You are connected to United Kingdom #1613 (uk1613.nordvpn.com)!

-

Unstable connection detected!
2023/05/13 14:48:48 neither $XDG_CONFIG_HOME nor $HOME are defined
s6-svc: warning: /var/run/s6/services/nordvpn/notification-fd not present - ignoring request for readiness notification
s6-svlisten1: fatal: unable to subscribe to events for /var/run/s6/services/nordvpn: No such file or directory
Connecting...

-

A new version of NordVPN is available! Please update the application.

-

Connecting to United Kingdom #1613 (uk1613.nordvpn.com)

-
\
|
/
-
\
|
/
-
\
|
/

You are connected to United Kingdom #1613 (uk1613.nordvpn.com)!

-

Unstable connection detected!
2023/05/13 14:53:50 neither $XDG_CONFIG_HOME nor $HOME are defined
s6-svc: warning: /var/run/s6/services/nordvpn/notification-fd not present - ignoring request for readiness notification
s6-svlisten1: fatal: unable to subscribe to events for /var/run/s6/services/nordvpn: No such file or directory
Connecting...

-

A new version of NordVPN is available! Please update the application.

-

Connecting to United Kingdom #1613 (uk1613.nordvpn.com)

-
\
|
/
-
\
|
/
-
\
|

You are connected to United Kingdom #1613 (uk1613.nordvpn.com)!

-

Unstable connection detected!
2023/05/13 14:58:53 neither $XDG_CONFIG_HOME nor $HOME are defined
s6-svc: warning: /var/run/s6/services/nordvpn/notification-fd not present - ignoring request for readiness notification
s6-svlisten1: fatal: unable to subscribe to events for /var/run/s6/services/nordvpn: No such file or directory
Connecting...

-

A new version of NordVPN is available! Please update the application.

-

Connecting to United Kingdom #1613 (uk1613.nordvpn.com)

-
\
|
/
-
\
|
/
-
\
|
/

You are connected to United Kingdom #1613 (uk1613.nordvpn.com)!

-

Unstable connection detected!
2023/05/13 15:03:55 neither $XDG_CONFIG_HOME nor $HOME are defined
s6-svc: warning: /var/run/s6/services/nordvpn/notification-fd not present - ignoring request for readiness notification
s6-svlisten1: fatal: unable to subscribe to events for /var/run/s6/services/nordvpn: No such file or directory
Connecting...

-

A new version of NordVPN is available! Please update the application.

-

Connecting to United Kingdom #1613 (uk1613.nordvpn.com)

-
\
|
/
-
\
|
/
-
\
|
/

You are connected to United Kingdom #1613 (uk1613.nordvpn.com)!
root@b131269ea0c3:/# nordvpn status
A new version of NordVPN is available! Please update the application.
Status: Connected
Hostname: uk1613.nordvpn.com
IP: 195.206.171.141
Country: United Kingdom
City: London
Current technology: OPENVPN
Current protocol: UDP
Uptime: 1 minute 5 seconds

root@b131269ea0c3:/# ping 1.1.1.1
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
^C
--- 1.1.1.1 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4087ms

root@b131269ea0c3:/# ping 10.69.0.1
PING 10.69.0.1 (10.69.0.1) 56(84) bytes of data.
64 bytes from 10.69.0.1: icmp_seq=1 ttl=63 time=0.164 ms
64 bytes from 10.69.0.1: icmp_seq=2 ttl=63 time=0.282 ms
^C
--- 10.69.0.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1023ms
rtt min/avg/max/mdev = 0.164/0.223/0.282/0.059 ms

root@b131269ea0c3:/# ip r
default via 172.18.0.1 dev eth0 
10.8.0.0/16 dev nordtun proto kernel scope link src 10.8.0.166 
10.69.0.0/16 via 172.18.0.1 dev eth0 
172.18.0.0/16 dev eth0 proto kernel scope link src 172.18.0.2

Additional context This is running on a Proxmox VM with a flat /16.

Other containers on the host have internet access with no problems.

Running the above stack on my mac also does not work.

root@1e48b487d00d:/# nordvpn status
Status: Connected
Hostname: uk1613.nordvpn.com
IP: 195.206.171.141
Country: United Kingdom
City: London
Current technology: OPENVPN
Current protocol: UDP
Transfer: 0 B received, 1.34 KiB sent
Uptime: 45 seconds

root@1e48b487d00d:/# ping 1.1.1.1
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
--- 1.1.1.1 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2072ms

Any help would be appreciated on this one as I don't quite know what is going on.

aneurinprice commented 1 year ago

This doesnt seem to be a basic network issue as the Gluten container works just fine for me.

https://github.com/qdm12/gluetun

nivv commented 1 year ago

I have the same issue

aneurinprice commented 1 year ago

I have the same issue

I used the Gluetun container with the below config.

version: "3"
services:
  vpn:
    image: qmcgaw/gluetun
    cap_add:
      - NET_ADMIN
    environment:
      - VPN_SERVICE_PROVIDER=nordvpn
      - OPENVPN_USER=<redacted>
      - OPENVPN_PASSWORD=<redacted>
      - REGION=United Kingdom
    ports:
      - 8080:8080
nivv commented 1 year ago

I have the same issue

I used the Gluetun container with the below config.

version: "3"
services:
  vpn:
    image: qmcgaw/gluetun
    cap_add:
      - NET_ADMIN
    environment:
      - VPN_SERVICE_PROVIDER=nordvpn
      - OPENVPN_USER=<redacted>
      - OPENVPN_PASSWORD=<redacted>
      - REGION=United Kingdom
    ports:
      - 8080:8080

Thanks! Gluetun works like a charm!
crryp commented 1 year ago

Same issue here, if i /bin/bash on the container it self and i type curl ifconfig.me it gives me the vpn IP But whenever i connect any container that container will not have an internet connection.

Using a synology nas with docker.

pizzaserved commented 1 year ago

I have the same issue as @crryp. the container says it's connected, but other containers (bash-test in this case) can't access the internet. I'm pinging 8.8.8.8 with no results. and google.com says bad address

Tried TECHNOLOGY as NordLynx/OpenVPN. Tried with and without DNS=... Using ports 8090:8080 as 8080:.. is already taken, although I'm not sure I need this as I'm not interested in Ingress traffic (at least for now)

Weird thing is on another machine it doesn't even connect (it tries to connect to several vpn servers and it fails, with the same docker compose file)

services:
  bdapi-vpn:
    image: ghcr.io/bubuntux/nordvpn
    container_name: bdapi-vpn
    cap_add:
      - NET_ADMIN               # Required
      - NET_RAW                 # Required
    environment:                # Review https://github.com/bubuntux/nordvpn#environment-variables
      - TOKEN=<redacted>     # Required
      # - CONNECT=United_States
      - CONNECT=Spain
      # - TECHNOLOGY=NordLynx
      - TECHNOLOGY=OpenVPN
      - NETWORK=192.168.1.0/24  # So it can be accessed within the local network
      - DNS=1.1.1.1,8.8.8.8
    ports:
      - 8090:8080
    sysctls:
      - net.ipv6.conf.all.disable_ipv6=1  # Recomended if using ipv4 only

  bash-test:
    image: bash
    network_mode: service:bdapi-vpn
    depends_on:
      - bdapi-vpn
    command: sleep 9999999
github-actions[bot] commented 1 year ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

olijf commented 1 year ago

I am still having this issue...!

frank-besson commented 1 year ago

me too!

xucian commented 1 year ago

it constantly disconnects too, making my app unusable. I have to restart the containers every 2-3 hours. is that the expected behavior? I want to run a semi-permanent server that uses nordvpn. no luck so far

nivv commented 1 year ago

use gluetun instead, works very reliably

xucian commented 1 year ago

use gluetun instead, works very reliably

actually that's what I started using a while ago, because I couldn't get other solutions to work, but the issue remains. it keeps disconnecting while I was expecting 5 connections to always be active

olijf commented 1 year ago

Have you guys checked the loggin on the container startup? It kinda suggests switching over to the new project.

I am pretty sure the author has stopped supporting this project. Unless you have a good reason to use the old NordVPN protocol (like having AES-NI cpu capabilities) I would suggest switching to the new project that uses nordlynx and wireguard: https://github.com/bubuntux/nordlynx/ Wireguard uses cha-cha so can be run faster on even the more simpler CPU's like raspberry pi/router/NAS etc. Hopefully this helps you all guys!