haugene / docker-transmission-openvpn

Docker container running Transmission torrent client with WebUI over an OpenVPN tunnel
GNU General Public License v3.0

No torrent progress (stuck) | retrieving metadata(0.00%) | Rancher #552

Closed JoooostB closed 6 years ago

JoooostB commented 6 years ago

After troubleshooting for a couple of hours now, I don't know where to look anymore. The container is running seamlessly and is connected to NordVPN as expected. However, when I add a torrent to Transmission it does not pass the retrieving metadata phase: [image]

My first thought: "There is probably something wrong with the VPN connection." I entered the container, did some speedtests and checked my external IP. The result? See for yourself:

[image] [image]

As you can see, the connection works fine (with a NordVPN IP) and the download speed is arguably quite good.

What am I missing here?

[root@rancher joooostB]# docker logs e9440417937c
Using OpenVPN provider: NORDVPN
No VPN configuration provided. Using default.
Setting OPENVPN credentials...
adding route to local network 192.168.1.0/24 via 10.42.0.1 dev eth0
Wed Jul  4 13:51:24 2018 OpenVPN 2.4.6 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 24 2018
Wed Jul  4 13:51:24 2018 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Wed Jul  4 13:51:24 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Wed Jul  4 13:51:24 2018 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Jul  4 13:51:24 2018 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Jul  4 13:51:24 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]185.44.76.155:1194
Wed Jul  4 13:51:24 2018 Socket Buffers: R=[212992->212992] S=[212992->212992]
Wed Jul  4 13:51:24 2018 UDP link local: (not bound)
Wed Jul  4 13:51:24 2018 UDP link remote: [AF_INET]185.44.76.155:1194
Wed Jul  4 13:51:24 2018 TLS: Initial packet from [AF_INET]185.44.76.155:1194, sid=350cf4f8 b653a2cc
Wed Jul  4 13:51:24 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Jul  4 13:51:24 2018 VERIFY OK: depth=1, C=PA, ST=PA, L=Panama, O=NordVPN, OU=NordVPN, CN=uk50.nordvpn.com, name=NordVPN, emailAddress=cert@nordvpn.com
Wed Jul  4 13:51:24 2018 VERIFY KU OK
Wed Jul  4 13:51:24 2018 Validating certificate extended key usage
Wed Jul  4 13:51:24 2018 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Wed Jul  4 13:51:24 2018 VERIFY EKU OK
Wed Jul  4 13:51:24 2018 VERIFY OK: depth=0, C=PA, ST=PA, L=Panama, O=NordVPN, OU=NordVPN, CN=uk50.nordvpn.com, name=NordVPN, emailAddress=cert@nordvpn.com
Wed Jul  4 13:51:24 2018 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Wed Jul  4 13:51:24 2018 [uk50.nordvpn.com] Peer Connection Initiated with [AF_INET]185.44.76.155:1194
Wed Jul  4 13:51:25 2018 SENT CONTROL [uk50.nordvpn.com]: 'PUSH_REQUEST' (status=1)
Wed Jul  4 13:51:25 2018 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,sndbuf 524288,rcvbuf 524288,dhcp-option DNS 103.86.96.100,dhcp-option DNS 103.86.99.100,route-gateway 10.8.8.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.8.8.78 255.255.255.0,peer-id 31,cipher AES-256-GCM'
Wed Jul  4 13:51:25 2018 OPTIONS IMPORT: timers and/or timeouts modified
Wed Jul  4 13:51:25 2018 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Wed Jul  4 13:51:25 2018 Socket Buffers: R=[212992->425984] S=[212992->425984]
Wed Jul  4 13:51:25 2018 OPTIONS IMPORT: --ifconfig/up options modified
Wed Jul  4 13:51:25 2018 OPTIONS IMPORT: route options modified
Wed Jul  4 13:51:25 2018 OPTIONS IMPORT: route-related options modified
Wed Jul  4 13:51:25 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Jul  4 13:51:25 2018 OPTIONS IMPORT: peer-id set
Wed Jul  4 13:51:25 2018 OPTIONS IMPORT: adjusting link_mtu to 1657
Wed Jul  4 13:51:25 2018 OPTIONS IMPORT: data channel crypto options modified
Wed Jul  4 13:51:25 2018 Data Channel: using negotiated cipher 'AES-256-GCM'
Wed Jul  4 13:51:25 2018 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Jul  4 13:51:25 2018 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Jul  4 13:51:25 2018 ROUTE_GATEWAY 10.42.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:cf:15:c8:3d:b8
Wed Jul  4 13:51:25 2018 TUN/TAP device tun0 opened
Wed Jul  4 13:51:25 2018 TUN/TAP TX queue length set to 100
Wed Jul  4 13:51:25 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Wed Jul  4 13:51:25 2018 /sbin/ip link set dev tun0 up mtu 1500
Wed Jul  4 13:51:25 2018 /sbin/ip addr add dev tun0 10.8.8.78/24 broadcast 10.8.8.255
Wed Jul  4 13:51:25 2018 /etc/openvpn/tunnelUp.sh tun0 1500 1585 10.8.8.78 255.255.255.0 init
Up script executed with tun0 1500 1585 10.8.8.78 255.255.255.0 init
Updating TRANSMISSION_BIND_ADDRESS_IPV4 to the ip of tun0 : 10.8.8.78
Generating transmission settings.json from env variables
2018/07/04 13:51:25 unable to create open /data/transmission-home/settings.json: read-only file system
sed'ing True to true
sed: cannot rename /data/transmission-home/sedLN1omS: Device or resource busy

-------------------------------------
Transmission will run as
-------------------------------------
User name:   root
User uid:    0
User gid:    0
-------------------------------------

STARTING TRANSMISSION
NO PORT UPDATER FOR THIS PROVIDER
Transmission startup script complete.
Wed Jul  4 13:51:25 2018 /sbin/ip route add 185.44.76.155/32 via 10.42.0.1
Wed Jul  4 13:51:25 2018 /sbin/ip route add 0.0.0.0/1 via 10.8.8.1
Wed Jul  4 13:51:25 2018 /sbin/ip route add 128.0.0.0/1 via 10.8.8.1
Wed Jul  4 13:51:25 2018 Initialization Sequence Completed

Thanks in advance.

igoiko commented 6 years ago

Hi, looking at the log there are 2 problems with the transmission-home directory. settings.json said it's read-only. Transmission always rewrites this file on shutdown, so it needs to be writable. The other file looks like some tmp name or something like that. I will check the permissions of /data/transmission-home on the host.

JoooostB commented 6 years ago

Hi @igoiko, I fixed the settings.json issue and now it does actually connect to some peers, but it still doesn't start a download. Looking in the logs:

[2018-07-04 15:14:16.779] LinuxISO Could not connect to tracker (announcer.c:996)

It's running in privileged mode, so permissions shouldn't be an issue.

However, I did find the following:

[2018-07-04 15:20:22.584] UDP Failed to set receive buffer: requested 4194304, got 425984 (tr-udp.c:84)
[2018-07-04 15:20:22.584] UDP Please add the line "net.core.rmem_max = 4194304" to /etc/sysctl.conf (tr-udp.c:89)
[2018-07-04 15:20:22.584] UDP Failed to set send buffer: requested 1048576, got 425984 (tr-udp.c:95)
[2018-07-04 15:20:22.584] UDP Please add the line "net.core.wmem_max = 1048576" to /etc/sysctl.conf (tr-udp.c:100)

And the docker logs:

[root@rancher transmission-home]# docker logs 19472074973b
Using OpenVPN provider: NORDVPN
2 servers found in OPENVPN_CONFIG, nl236.nordvpn.com.tcp chosen randomly
Supplied config nl236.nordvpn.com.tcp.ovpn could not be found.
Using default OpenVPN gateway for provider nordvpn
Setting OPENVPN credentials...
Wed Jul  4 15:25:07 2018 OpenVPN 2.4.6 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 24 2018
Wed Jul  4 15:25:07 2018 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Wed Jul  4 15:25:07 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Wed Jul  4 15:25:07 2018 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Jul  4 15:25:07 2018 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Jul  4 15:25:07 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]185.44.76.155:1194
Wed Jul  4 15:25:07 2018 Socket Buffers: R=[212992->212992] S=[212992->212992]
Wed Jul  4 15:25:07 2018 UDP link local: (not bound)
Wed Jul  4 15:25:07 2018 UDP link remote: [AF_INET]185.44.76.155:1194
Wed Jul  4 15:25:07 2018 TLS: Initial packet from [AF_INET]185.44.76.155:1194, sid=fee1ea49 8f5f2e6d
Wed Jul  4 15:25:07 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Jul  4 15:25:07 2018 VERIFY OK: depth=1, C=PA, ST=PA, L=Panama, O=NordVPN, OU=NordVPN, CN=uk50.nordvpn.com, name=NordVPN, emailAddress=cert@nordvpn.com
Wed Jul  4 15:25:07 2018 VERIFY KU OK
Wed Jul  4 15:25:07 2018 Validating certificate extended key usage
Wed Jul  4 15:25:07 2018 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Wed Jul  4 15:25:07 2018 VERIFY EKU OK
Wed Jul  4 15:25:07 2018 VERIFY OK: depth=0, C=PA, ST=PA, L=Panama, O=NordVPN, OU=NordVPN, CN=uk50.nordvpn.com, name=NordVPN, emailAddress=cert@nordvpn.com
Wed Jul  4 15:25:07 2018 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Wed Jul  4 15:25:07 2018 [uk50.nordvpn.com] Peer Connection Initiated with [AF_INET]185.44.76.155:1194
Wed Jul  4 15:25:08 2018 SENT CONTROL [uk50.nordvpn.com]: 'PUSH_REQUEST' (status=1)
Wed Jul  4 15:25:08 2018 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,sndbuf 524288,rcvbuf 524288,dhcp-option DNS 103.86.96.100,dhcp-option DNS 103.86.99.100,route-gateway 10.8.8.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.8.8.78 255.255.255.0,peer-id 19,cipher AES-256-GCM'
Wed Jul  4 15:25:08 2018 OPTIONS IMPORT: timers and/or timeouts modified
Wed Jul  4 15:25:08 2018 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Wed Jul  4 15:25:08 2018 Socket Buffers: R=[212992->425984] S=[212992->425984]
Wed Jul  4 15:25:08 2018 OPTIONS IMPORT: --ifconfig/up options modified
Wed Jul  4 15:25:08 2018 OPTIONS IMPORT: route options modified
Wed Jul  4 15:25:08 2018 OPTIONS IMPORT: route-related options modified
Wed Jul  4 15:25:08 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Jul  4 15:25:08 2018 OPTIONS IMPORT: peer-id set
Wed Jul  4 15:25:08 2018 OPTIONS IMPORT: adjusting link_mtu to 1657
Wed Jul  4 15:25:08 2018 OPTIONS IMPORT: data channel crypto options modified
Wed Jul  4 15:25:08 2018 Data Channel: using negotiated cipher 'AES-256-GCM'
Wed Jul  4 15:25:08 2018 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Jul  4 15:25:08 2018 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Jul  4 15:25:08 2018 ROUTE_GATEWAY 10.42.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:cf:15:77:48:3b
Wed Jul  4 15:25:08 2018 TUN/TAP device tun0 opened
Wed Jul  4 15:25:08 2018 TUN/TAP TX queue length set to 100
Wed Jul  4 15:25:08 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Wed Jul  4 15:25:08 2018 /sbin/ip link set dev tun0 up mtu 1500
Wed Jul  4 15:25:08 2018 /sbin/ip addr add dev tun0 10.8.8.78/24 broadcast 10.8.8.255
Wed Jul  4 15:25:08 2018 /etc/openvpn/tunnelUp.sh tun0 1500 1585 10.8.8.78 255.255.255.0 init
Up script executed with tun0 1500 1585 10.8.8.78 255.255.255.0 init
Updating TRANSMISSION_BIND_ADDRESS_IPV4 to the ip of tun0 : 10.8.8.78
Generating transmission settings.json from env variables
sed'ing True to true

-------------------------------------
Transmission will run as
-------------------------------------
User name:   root
User uid:    0
User gid:    0
-------------------------------------

STARTING TRANSMISSION
NO PORT UPDATER FOR THIS PROVIDER
Transmission startup script complete.
Wed Jul  4 15:25:08 2018 /sbin/ip route add 185.44.76.155/32 via 10.42.0.1
Wed Jul  4 15:25:08 2018 /sbin/ip route add 0.0.0.0/1 via 10.8.8.1
Wed Jul  4 15:25:08 2018 /sbin/ip route add 128.0.0.0/1 via 10.8.8.1
Wed Jul  4 15:25:08 2018 Initialization Sequence Completed


igoiko commented 6 years ago

Hi, to solve the mem warnings do what the log said: add those 2 lines to the file and restart the container. This happens because Transmission is trying to use more memory than that assigned by Docker to the container. About the download, if you get peers, maybe I will let it run some time to update trackers.

JoooostB commented 6 years ago

I did, and after running for about a day now nothing changed. Connecting to peers works, but it won't download (or sometimes at ~10ish KB/s). On my desktop client, however, I max out my ISP....

igoiko commented 6 years ago

Take a look at the transmission.log in transmission-home to see if there is any clue.

JoooostB commented 6 years ago

The log is filled with "Could not connect to tracker". But I can't really explain why, because other network-related processes work fine in the same container (also through the VPN).

igoiko commented 6 years ago

My last idea is to look at the ports. Maybe the port is blocked. But at this point I'm out of options. :)

JoooostB commented 6 years ago

It's not DNS... There's no way it's DNS

While some lookups worked fine in the container, I looked in the /etc/resolv.conf again, noticing that the following IP was present: 169.254.169.250. Tried pinging it, no response. Googled the IP: it was the internal name server from Rancher (my Docker manager). It couldn't reach the local DNS server through the VPN, and the configured records from the Docker command were commented in the resolv.conf. IT WAS DNS
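
The failure mode found in the last comment, as an added example that is not part of the original thread: a POSIX shell check that classifies each resolver in a resolv.conf-style file by whether it is still reachable once the default route is redirected into the tunnel. The bypass CIDRs (192.168.1.0/24 and 10.42.0.0/16) come from the routes in the logs above; the function names, verdict labels and sample file are assumptions made for this example.

```shell
#!/bin/sh
# Added example: classify the resolvers in a resolv.conf for a container whose
# default route is redirected into a VPN tunnel (redirect-gateway def1).

ip_to_int() {                       # A.B.C.D -> 32-bit integer
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

in_cidr() {                         # in_cidr IP NET/LEN -> exit 0 on match
    net=${2%/*}; len=${2#*/}
    mask=$(( (4294967295 << (32 - len)) & 4294967295 ))
    [ $(( $(ip_to_int "$1") & mask )) -eq $(( $(ip_to_int "$net") & mask )) ]
}

# audit_resolv FILE [CIDR...]; the CIDRs are the routes that bypass the tunnel.
# Verdicts: tunnel      = public resolver, queried through the VPN
#           local       = loopback or on a bypass route, queried outside the VPN
#           unreachable = private/link-local with no bypass route: the query is
#                         sent into the tunnel, where nothing answers for it
audit_resolv() {
    file=$1; shift
    while read -r key addr rest; do
        case "$key $addr" in
            "# nameserver")   echo "$rest commented-out"; continue ;;
            "#nameserver "*)  echo "$addr commented-out"; continue ;;
            "nameserver "*:*) echo "$addr ipv6-not-checked"; continue ;;
            "nameserver "*)   ;;
            *)                continue ;;
        esac
        verdict=tunnel
        for cidr in 169.254.0.0/16 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16; do
            if in_cidr "$addr" "$cidr"; then verdict=unreachable; fi
        done
        for cidr in 127.0.0.0/8 "$@"; do
            if in_cidr "$addr" "$cidr"; then verdict=local; fi
        done
        echo "$addr $verdict"
    done < "$file"
}

# Constructed sample: the Rancher resolver from the thread plus a commented-out
# placeholder entry (192.0.2.53 is a documentation address, not from the page).
sample=$(mktemp)
printf '%s\n' '# nameserver 192.0.2.53' 'nameserver 169.254.169.250' > "$sample"
audit_resolv "$sample" 192.168.1.0/24 10.42.0.0/16
rm -f "$sample"
```

A `local` verdict is also worth a look in a VPN container, since those queries leave outside the tunnel.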