Inactivity timeout on PIA

[rourke]

I'm running this on Ubuntu Server 16.04 LTS on a VPS from OVH. This happens over and over. Best show the logs:

Using OpenVPN provider: PIA
Starting OpenVPN using config Netherlands.ovpn
Setting OPENVPN credentials...
adding route to local network 46.255.125.216/32 via 172.18.0.1 dev eth0
Tue Apr 18 15:49:47 2017 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec  1 2014
Tue Apr 18 15:49:47 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Tue Apr 18 15:49:47 2017 UDPv4 link local: [undef]
Tue Apr 18 15:49:47 2017 UDPv4 link remote: [AF_INET]46.166.188.200:1198
Tue Apr 18 15:49:47 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Apr 18 15:50:47 2017 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Apr 18 15:50:47 2017 TLS Error: TLS handshake failed
Tue Apr 18 15:50:47 2017 SIGUSR1[soft,tls-error] received, process restarting
Tue Apr 18 15:50:49 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Tue Apr 18 15:50:49 2017 UDPv4 link local: [undef]
Tue Apr 18 15:50:49 2017 UDPv4 link remote: [AF_INET]46.166.188.238:1198
Tue Apr 18 15:51:49 2017 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Apr 18 15:51:49 2017 TLS Error: TLS handshake failed
Tue Apr 18 15:51:49 2017 SIGUSR1[soft,tls-error] received, process restarting
Tue Apr 18 15:51:51 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Tue Apr 18 15:51:51 2017 UDPv4 link local: [undef]
Tue Apr 18 15:51:51 2017 UDPv4 link remote: [AF_INET]46.166.188.204:1198
Tue Apr 18 15:52:51 2017 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Apr 18 15:52:51 2017 TLS Error: TLS handshake failed
Tue Apr 18 15:52:51 2017 SIGUSR1[soft,tls-error] received, process restarting
Tue Apr 18 15:52:53 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Tue Apr 18 15:52:53 2017 UDPv4 link local: [undef]
Tue Apr 18 15:52:53 2017 UDPv4 link remote: [AF_INET]46.166.186.245:1198
Tue Apr 18 15:53:53 2017 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Apr 18 15:53:53 2017 TLS Error: TLS handshake failed
Tue Apr 18 15:53:53 2017 SIGUSR1[soft,tls-error] received, process restarting
Tue Apr 18 15:53:55 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Tue Apr 18 15:53:55 2017 UDPv4 link local: [undef]
Tue Apr 18 15:53:55 2017 UDPv4 link remote: [AF_INET]109.201.152.229:1198
Tue Apr 18 15:54:55 2017 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Apr 18 15:54:55 2017 TLS Error: TLS handshake failed
Tue Apr 18 15:54:55 2017 SIGUSR1[soft,tls-error] received, process restarting
Tue Apr 18 15:54:57 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Tue Apr 18 15:54:57 2017 UDPv4 link local: [undef]
Tue Apr 18 15:54:57 2017 UDPv4 link remote: [AF_INET]109.201.152.229:1198
Tue Apr 18 15:55:57 2017 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Apr 18 15:55:57 2017 TLS Error: TLS handshake failed
Tue Apr 18 15:55:57 2017 SIGUSR1[soft,tls-error] received, process restarting
Tue Apr 18 15:55:59 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Tue Apr 18 15:55:59 2017 UDPv4 link local: [undef]
Tue Apr 18 15:55:59 2017 UDPv4 link remote: [AF_INET]109.201.138.239:1198
Tue Apr 18 15:56:59 2017 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Apr 18 15:56:59 2017 TLS Error: TLS handshake failed
Tue Apr 18 15:56:59 2017 SIGUSR1[soft,tls-error] received, process restarting
Tue Apr 18 15:57:01 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Tue Apr 18 15:57:01 2017 UDPv4 link local: [undef]
Tue Apr 18 15:57:01 2017 UDPv4 link remote: [AF_INET]109.201.152.229:1198
Tue Apr 18 15:57:36 2017 [df30ef79cd4a9048a674c2b8cd19e60e] Peer Connection Initiated with [AF_INET]109.201.152.229:1198
Tue Apr 18 15:57:38 2017 TUN/TAP device tun0 opened
Tue Apr 18 15:57:38 2017 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Apr 18 15:57:38 2017 /sbin/ip link set dev tun0 up mtu 1500
Tue Apr 18 15:57:38 2017 /sbin/ip addr add dev tun0 local 10.27.10.6 peer 10.27.10.5
Tue Apr 18 15:57:38 2017 /etc/transmission/start.sh tun0 1500 1558 10.27.10.6 10.27.10.5 init
Updating TRANSMISSION_BIND_ADDRESS_IPV4 to the ip of tun0 : 10.27.10.6
Generating transmission settings.json from env variables
Setting owner for transmission paths to 1000:1000

-------------------------------------
Transmission will run as
-------------------------------------
User name:   abc
User uid:    1000
User gid:    1000
-------------------------------------

STARTING TRANSMISSION
CONFIGURING PORT FORWARDING
Transmission startup script complete.
Tue Apr 18 15:57:38 2017 Initialization Sequence Completed
Got new port 46396 from PIA
transmission auth not required
localhost:9091/transmission/rpc/ responded: "success"
Checking port...
Port is open: Yes
Tue Apr 18 15:57:53 2017 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #6366 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Tue Apr 18 15:57:53 2017 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #6388 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Tue Apr 18 16:04:56 2017 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #23692 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
Tue Apr 18 16:06:44 2017 [df30ef79cd4a9048a674c2b8cd19e60e] Inactivity timeout (--ping-exit), exiting
Tue Apr 18 16:06:44 2017 /sbin/ip addr del dev tun0 local 10.27.10.6 peer 10.27.10.5
Tue Apr 18 16:06:44 2017 /etc/transmission/stop.sh tun0 1500 1558 10.27.10.6 10.27.10.5 init
Tue Apr 18 16:06:44 2017 SIGTERM[soft,ping-exit] received, process exiting

And here is my docker-compose.yml

version: "3"
services:

  transmission:
    image: haugene/transmission-openvpn
    container_name: transmission
    privileged: true
    restart: always
    ports:
      - "9091:9091"
      - "51413:51413"
    dns:
      - 8.8.8.8
      - 8.8.4.4
    networks:
      - plexnet
    environment:
      - PUID=1000
      - PGID=1000
      - OPENVPN_PROVIDER=${VPN_PROVIDER}
      - OPENVPN_CONFIG=${VPN_CONFIG}
      - OPENVPN_USERNAME=${VPN_USERNAME}
      - OPENVPN_PASSWORD=${VPN_PASSWORD}
      - OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60
      - LOCAL_NETWORK=46.255.125.216/32
    volumes:
      - ${MOUNT_POINT}/downloads:/data
      - /etc/localtime:/etc/localtime:ro

  proxy:
    image: haugene/transmission-openvpn-proxy
    container_name: transmission-proxy
    links:
      - transmission
    ports:
      - 8080:8080
    depends_on:
      - "transmission"
    networks:
      - plexnet
    volumes:
      - /etc/localtime:/etc/localtime:ro

networks:
  plexnet:
    driver: bridge

[rourke]

Switched to a dedicated server and seeing improvement. So the previous server might be the problem. Will test this more.

[haugene]

Can't say I've seen this before. It's in the OpenVPN FAQ but I guess you've already googled as much :)

Let me know how it goes and if you find some more clues.

[rourke]

The new server fixed it, so I left it for what it was. Thanks. :)

Marking this issue as solved.