haugene / docker-transmission-openvpn

Docker container running Transmission torrent client with WebUI over an OpenVPN tunnel
GNU General Public License v3.0

curl icanhazip.com giving me different ip after every restart #1424

Closed mouzzampk2014-zz closed 4 years ago

mouzzampk2014-zz commented 4 years ago

Hi,

I think I am missing something. I added a torguard .ovpn and also forwarded the incoming port, but I am not getting the same IP I have in the .ovpn. Not sure where I am going wrong with the configuration :). I already tried two or three .ovpn files but I am getting a different IP than I have in the .ovpn. Thank you

This is the one I am using in the terminal to find the IP: docker exec -it transmissionvpn curl icanhazip.com

.ovpn file is in this location /home/pi/.config/appdata/.openvpn

This is my compose

  transmissionvpn:
    image: haugene/transmission-openvpn:dev-armhf
    hostname: Tail
    ports:
      - 51413:51413
      - 51413:51413/udp
      - 6881:6881
      - 6881:6881/udp
      - 9091:9091
    cap_add:
      - NET_ADMIN
    container_name: transmissionvpn
    devices:
      - /dev/net/tun
    dns:
      - 1.1.1.1
      - 8.8.8.8
    environment:
      - CREATE_TUN_DEVICE=true
      - LOCAL_NETWORK=192.168.1.0/24
      - OPENVPN_OPTS=
      - OPENVPN_PASSWORD=${VPN_PASS}
      - OPENVPN_PROVIDER=TORGUARD
      - OPENVPN_USERNAME=${VPN_USER}
      - PGID=1000
      - PUID=1000
      - TRANSMISSION_DOWNLOAD_DIR=/storage/downloads
      - TRANSMISSION_HOME=/config
      - TRANSMISSION_INCOMPLETE_DIR=/storage/downloads
      - TRANSMISSION_WATCH_DIR=/storage/downloads
      - TZ=Europe/London
    logging:
      driver: json-file
      options:
        max-file: 10
        max-size: 200k
    restart: unless-stopped
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /home/pi/.config/appdata/transmissionvpn:/config
      - /mnt:/storage
      - /home/pi/.config/appdata/.openvpn:/config/openvpn
      - /home/pi/.config/appdata/.openvpn:/etc/openvpn/custom/

mouzzampk2014-zz commented 4 years ago

I recreated the container but this time without the .ovpn file. I am not sure why I am able to access the webui when there is no .ovpn inside the container, and also there is an IP assigned.

ilike2burnthing commented 4 years ago

You don't need to add the device /dev/net/tun if you're using CREATE_TUN_DEVICE=true.

mouzzampk2014-zz commented 4 years ago

I removed the /dev/net/tun and recreated the image from scratch and still get a different IP than my VPN provider's

mouzzampk2014-zz commented 4 years ago

I should have this ip 109.123.xxx.xx but I am seeing this 185.156.xxx.xxx

ilike2burnthing commented 4 years ago

Check with ip r.

Then add the env DROP_DEFAULT_ROUTE=true, redeploy, and check with ip r again.

https://haugene.github.io/docker-transmission-openvpn/arguments/#dropping_default_route_from_iptables_advanced

mouzzampk2014-zz commented 4 years ago

Thank you for helping me out with this. Shall I post the ip r output here? I have output of both. Thanks

mouzzampk2014-zz commented 4 years ago

After I added DROP_DEFAULT_ROUTE=true

0.0.0.0/1 via 10.35.0.9 dev tun0 
10.35.0.1 via 10.35.0.9 dev tun0 
10.35.0.9 dev tun0 proto kernel scope link src 10.35.0.10 
128.0.0.0/1 via 10.35.0.9 dev tun0 
172.18.0.0/16 dev eth0 proto kernel scope link src 172.18.0.5 
185.156.xxx.xxx via 172.18.0.1 dev eth0 
192.168.1.0/24 via 172.18.0.1 dev eth0 

Before I added DROP_DEFAULT_ROUTE=true

0.0.0.0/1 via 10.35.0.5 dev tun0 
default via 172.18.0.1 dev eth0
10.35.0.1 via 10.35.0.5 dev tun0 
10.35.0.5 dev tun0 proto kernel scope link src 10.35.0.6
128.0.0.0/1 via 10.35.0.5 dev tun0 
172.18.0.0/16 dev eth0 proto kernel scope link src 172.18.0.5 
185.156.xxx.xxx via 172.18.0.1 dev eth0 
192.168.1.0/24 via 172.18.0.1 dev eth0

mouzzampk2014-zz commented 4 years ago

Still displaying the different ip

ilike2burnthing commented 4 years ago

Can you post your log for the container?

@RickyXwang can you take a look at this? Ta

mouzzampk2014-zz commented 4 years ago

Here we go, thank you https://pastebin.com/A3Jejrqn

xoverride commented 4 years ago

I don't see any issue with your log, and I am not so sure what issue you are having. You said that the IP in the routing table (the IP of the VPN server you connected to) is not correct? Are you saying that you are not connecting to the desired server? First, in your .openvpn file, is the remote host given as a hostname or an IP address? I would think it is a hostname because this would not happen with a fixed IP. Now, where do you find the IP you think you should have? This really depends on what DNS you are using. For example, if in your .openvpn file you have the server host as:

remote usa-washingtondc-ca-version-2.expressnetw.com XXXX

and you now do an nslookup inside the container with nslookup usa-washingtondc-ca-version-2.expressnetw.com, you should see something like this:

Server: 8.8.8.8
Address: 8.8.8.8#53

Non-authoritative answer:
Name: usa-washingtondc-ca-version-2.expressnetw.com
Address: 45.41.180.8
Name: usa-washingtondc-ca-version-2.expressnetw.com
Address: 45.41.180.53
Name: usa-washingtondc-ca-version-2.expressnetw.com
Address: 45.41.180.38
Name: usa-washingtondc-ca-version-2.expressnetw.com
Address: 45.41.180.23

Notice above, I am querying the Google DNS. If you are using a different DNS, the result may be different. Even with the same DNS, the result may still be different because of the IP you are querying from (if a CDN is used).

This result should match the 185.156.xxx.xxx via 172.18.0.1 dev eth0 record you are seeing in the IP route table at a given time (before the server's IP changes).

Now if you are using the OpenVPN provider TORGUARD, and are using the default one (without setting the OpenVPN endpoint to connect to), it will use TORGUARD -> Netherlands.ovpn in the current version, which has:

remote nl.torguard.com 1912
remote 88.202.177.181 1912

Now the OpenVPN client configuration can refer to multiple servers for load balancing and failover. For example: It will direct the OpenVPN client to attempt a connection with server1, server2, and server3 in order. If an existing connection is broken, the OpenVPN client will retry the most recently connected server, and if that fails, will move on to the next server on the list.

Let me know if this helps, or I still didn't answer your question.
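
The route-table reading discussed in this thread, as an added example (not part of the original comments or the project's code): a shell function that classifies ip r output taken inside the container, reporting whether the tunnel covers all IPv4 traffic, whether an untunneled default route remains, and which host route carries the connection to the VPN server. The function names are hypothetical, and the sample table is constructed from the ones posted above, with 203.0.113.10 standing in for the masked server address.

```shell
# Classify `ip r` output captured inside the container (routes on stdin).
# Prints: tunnel=<full|partial|none> untunneled_default=<yes|no> server_route=<ip|none>
check_routes() {
    tun_dev="${1:-tun0}"    # tunnel interface; tun0 as in the thread
    awk -v tun="$tun_dev" '
        {   # find the output device of this route
            dev = ""
            for (i = 1; i < NF; i++) if ($i == "dev") dev = $(i + 1)
        }
        # OpenVPN redirects traffic with two /1 routes that cover all of IPv4
        $1 == "0.0.0.0/1"   && dev == tun { low = 1 }
        $1 == "128.0.0.0/1" && dev == tun { high = 1 }
        $1 == "default"     && dev == tun { low = 1; high = 1 }
        # a default route on another device is the untunneled path that
        # DROP_DEFAULT_ROUTE=true removes
        $1 == "default"     && dev != tun { fallback = 1 }
        # host route (no prefix length) via a gateway outside the tunnel:
        # this is how the encrypted packets reach the VPN server itself
        $2 == "via" && dev != tun && $1 != "default" && index($1, "/") == 0 { server = $1 }
        END {
            t = (low && high) ? "full" : ((low || high) ? "partial" : "none")
            printf "tunnel=%s untunneled_default=%s server_route=%s\n", t, (fallback ? "yes" : "no"), (server != "" ? server : "none")
        }'
}

# Constructed sample modelled on the tables in the thread; "before" keeps
# the default route via eth0, any other argument omits it.
sample_routes() {
    if [ "$1" = before ]; then echo "default via 172.18.0.1 dev eth0"; fi
    cat <<'EOF'
0.0.0.0/1 via 10.35.0.9 dev tun0
10.35.0.1 via 10.35.0.9 dev tun0
10.35.0.9 dev tun0 proto kernel scope link src 10.35.0.10
128.0.0.0/1 via 10.35.0.9 dev tun0
172.18.0.0/16 dev eth0 proto kernel scope link src 172.18.0.5
203.0.113.10 via 172.18.0.1 dev eth0
192.168.1.0/24 via 172.18.0.1 dev eth0
EOF
}

sample_routes before | check_routes
sample_routes after | check_routes
```

On a live container the same function can be fed with docker exec transmissionvpn ip r piped into check_routes. The server_route value is the VPN server's address, which is not the address that curl icanhazip.com reports.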

mouzzampk2014-zz commented 4 years ago

Thank you so much for looking into this for me.

First I look up the server by pinging the address (ping uk.torguard.com) and then I use this IP to generate the .ovpn file from torguard. Then I forward a number of ports against this IP.

In my .ovpn I have remote 109.12x.xxx.xx 995 so when I run curl icanhazip.com inside the container I am expecting this ip 109.12x.xxx.xx so transmission can utilise the open ports.

I hope this makes sense.

I did a couple of tests with other VPN clients just to check if I am doing anything wrong, but I am getting the expected IP, which is 109.12x.xxx.xx.

I also removed the .ovpn file and left the username and password and I can still access the webui without any issues. If I remove the username and password too, then transmissionvpn fails to load (yes, that's what I was expecting).

I am literally not sure what I am doing wrong here :)

mouzzampk2014-zz commented 4 years ago

I also tried to use the ip generated by transmissionvpn in torguard to forward the port but unfortunately the ip changes after every restart :)

xoverride commented 4 years ago

Ok, so here is the point: the server IP where you connected is not necessarily your IP address. And in most cases, it is not (for resource sharing and security reasons, and yes, it is normal and usually desired behavior that your IP address changes every time you connect to a server, even if it is the same server). What you are probably asking for is something called a Dedicated IP VPN. You can contact torguard and see if they offer a Dedicated IP and ask how to set that up (usually there is an additional charge if they offer a dedicated IP service).

Note that using a Dedicated IP VPN will affect your online privacy, so you may want to do some more research before deciding to use one. Usually downloading with torrents does not require you to have a dedicated IP and an open port; uploading is another story, so there is a trade-off here.

mouzzampk2014-zz commented 4 years ago

That's the issue. I also have a dedicated IP which I normally don't use for torrenting, but for today's test I tried the dedicated IP and still somehow transmissionvpn is not picking up the .ovpn file.

mouzzampk2014-zz commented 4 years ago

In my understanding, if there is no .ovpn file inside the container then the container should fail to load and I won't be able to access the webui. Unless I am wrong :)

xoverride commented 4 years ago

If you set OPENVPN_PROVIDER=torguard it will use the built-in .ovpn files. If you want it to use the .ovpn file you provide, you should use a custom provider, described in detail here https://haugene.github.io/docker-transmission-openvpn/supported-providers/ at the bottom of the page. Please pay attention to those little things as I have seen many come back with an issue already described there.

mouzzampk2014-zz commented 4 years ago

Great work, and the way you guys have set up the transmissionvpn definitely sets it apart from other torrent clients.

Working perfectly fine. Thank you so much for the responses. Ta