Closed tomhalley closed 9 months ago
philippe554
commented
2 years ago Not sure if it is related. I'm also using NordVPN, and for about a week, I need to regularly restart the docker container. After a stop and start, it works again for a short period of time. I will check the logs next time it happens.
marcelrv
commented
2 years ago EDIT: I resolved my issue by fiddling with the various settings,. Removing NORDVPN_COUNTRY in my case did the trick.
I also don't know if related, been using NordVPN for years now , but it remains in starting, as it can't ping any hosts. DNS resolution seems to work fine, but pinging not
Last output | PING google.com (142.251.36.46) 56(84) bytes of data. --- google.com ping statistics --- 10 packets transmitted, 0 received, 100% packet loss, time 9205ms Network is down
In the log no obvious errors
Executing setup script for NORDVPN
2022-07-14 16:02:21 Checking curl installation
2022-07-14 16:02:21 Removing existing configs
2022-07-14 16:02:21 Selecting the best server...
2022-07-14 16:02:21 Searching for group: legacy_p2p
2022-07-14 16:02:21 Searching for technology: openvpn_udp
2022-07-14 16:02:21 Best server : nl400.nordvpn.com
2022-07-14 16:02:21 Downloading config: default.ovpn
2022-07-14 16:02:21 Downloading from: https://downloads.nordcdn.com/configs/files/ovpn_udp/servers/nl400.nordvpn.com.udp.ovpn
2022-07-14 16:02:21 Selecting the best server...
2022-07-14 16:02:21 Searching for country : NL (153)
2022-07-14 16:02:21 Searching for group: legacy_p2p
2022-07-14 16:02:21 Searching for technology: openvpn_udp
2022-07-14 16:02:21 Best server : nl400.nordvpn.com
2022-07-14 16:02:21 Downloading config: nl400.nordvpn.com.ovpn
2022-07-14 16:02:21 Downloading from: https://downloads.nordcdn.com/configs/files/ovpn_udp/servers/nl400.nordvpn.com.udp.ovpn
Starting OpenVPN using config nl400.nordvpn.com.ovpn
Modifying /etc/openvpn/nordvpn/nl400.nordvpn.com.ovpn for best behaviour in this container
Modification: Point auth-user-pass option to the username/password file
Modification: Change ca certificate path
Modification: Change ping options
Modification: Update/set resolv-retry to 15 seconds
Modification: Change tls-crypt keyfile path
Modification: Set output verbosity to 3
Modification: Remap SIGUSR1 signal to SIGTERM, avoid OpenVPN restart loop
Setting OpenVPN credentials...
adding route to local network 192.168.3.0/24 via 172.19.0.1 dev eth0
Thu Jul 14 16:02:23 2022 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar 22 2022
Thu Jul 14 16:02:23 2022 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Thu Jul 14 16:02:23 2022 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu Jul 14 16:02:23 2022 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Jul 14 16:02:23 2022 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Jul 14 16:02:23 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]217.23.2.31:1194
Thu Jul 14 16:02:23 2022 Socket Buffers: R=[212992->212992] S=[212992->212992]
Thu Jul 14 16:02:23 2022 UDP link local: (not bound)
Thu Jul 14 16:02:23 2022 UDP link remote: [AF_INET]217.23.2.31:1194
SELFHEAL: Container is starting, waiting for it to become healthy...
Thu Jul 14 16:02:23 2022 TLS: Initial packet from [AF_INET]217.23.2.31:1194, sid=1ccee9ab a8843ac8
Thu Jul 14 16:02:23 2022 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu Jul 14 16:02:23 2022 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA
Thu Jul 14 16:02:23 2022 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA7
Thu Jul 14 16:02:23 2022 VERIFY KU OK
Thu Jul 14 16:02:23 2022 Validating certificate extended key usage
Thu Jul 14 16:02:23 2022 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Thu Jul 14 16:02:23 2022 VERIFY EKU OK
Thu Jul 14 16:02:23 2022 VERIFY OK: depth=0, CN=nl400.nordvpn.com
Thu Jul 14 16:02:23 2022 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 4096 bit RSA
Thu Jul 14 16:02:23 2022 [nl400.nordvpn.com] Peer Connection Initiated with [AF_INET]217.23.2.31:1194
Thu Jul 14 16:02:25 2022 SENT CONTROL [nl400.nordvpn.com]: 'PUSH_REQUEST' (status=1)
Thu Jul 14 16:02:25 2022 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 103.86.96.100,dhcp-option DNS 103.86.99.100,sndbuf 524288,rcvbuf 524288,explicit-exit-notify,comp-lzo no,route-gateway 10.8.0.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.8.1.194 255.255.0.0,peer-id 110,cipher AES-256-GCM'
Thu Jul 14 16:02:25 2022 OPTIONS IMPORT: timers and/or timeouts modified
Thu Jul 14 16:02:25 2022 OPTIONS IMPORT: explicit notify parm(s) modified
Thu Jul 14 16:02:25 2022 OPTIONS IMPORT: compression parms modified
Thu Jul 14 16:02:25 2022 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Thu Jul 14 16:02:25 2022 Socket Buffers: R=[212992->1048576] S=[212992->1048576]
Thu Jul 14 16:02:25 2022 OPTIONS IMPORT: --ifconfig/up options modified
Thu Jul 14 16:02:25 2022 OPTIONS IMPORT: route options modified
Thu Jul 14 16:02:25 2022 OPTIONS IMPORT: route-related options modified
Thu Jul 14 16:02:25 2022 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Thu Jul 14 16:02:25 2022 OPTIONS IMPORT: peer-id set
Thu Jul 14 16:02:25 2022 OPTIONS IMPORT: adjusting link_mtu to 1657
Thu Jul 14 16:02:25 2022 OPTIONS IMPORT: data channel crypto options modified
Thu Jul 14 16:02:25 2022 Data Channel: using negotiated cipher 'AES-256-GCM'
Thu Jul 14 16:02:25 2022 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Jul 14 16:02:25 2022 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Jul 14 16:02:25 2022 ROUTE_GATEWAY 172.19.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:13:00:02
Thu Jul 14 16:02:25 2022 TUN/TAP device tun0 opened
Thu Jul 14 16:02:25 2022 TUN/TAP TX queue length set to 100
Thu Jul 14 16:02:25 2022 /sbin/ip link set dev tun0 up mtu 1500
Thu Jul 14 16:02:25 2022 /sbin/ip addr add dev tun0 10.8.1.194/16 broadcast 10.8.255.255
Thu Jul 14 16:02:25 2022 /etc/openvpn/tunnelUp.sh tun0 1500 1585 10.8.1.194 255.255.0.0 init
Up script executed with tun0 1500 1585 10.8.1.194 255.255.0.0 init
Updating TRANSMISSION_BIND_ADDRESS_IPV4 to the ip of tun0 : 10.8.1.194
Updating Transmission settings.json with values from env variables
Using existing settings.json for Transmission /data/transmission-home/settings.json
Overriding bind-address-ipv4 because TRANSMISSION_BIND_ADDRESS_IPV4 is set to 10.8.1.194
Overriding download-dir because TRANSMISSION_DOWNLOAD_DIR is set to /data/download
Overriding incomplete-dir because TRANSMISSION_INCOMPLETE_DIR is set to /data/incomplete
Overriding rpc-port because TRANSMISSION_RPC_PORT is set to 9091
Overriding watch-dir because TRANSMISSION_WATCH_DIR is set to /data/watch
sed'ing True to true
-------------------------------------
Transmission will run as
-------------------------------------
User name: root
User uid: 0
User gid: 0
-------------------------------------
STARTING TRANSMISSION
Transmission startup script complete.
Privoxy: Starting
Privoxy: Using config file at /etc/privoxy/config
Privoxy: Setting port to 8888
Privoxy: Running as PID 107
Thu Jul 14 16:02:27 2022 /sbin/ip route add 217.23.2.31/32 via 172.19.0.1
Thu Jul 14 16:02:27 2022 /sbin/ip route add 0.0.0.0/1 via 10.8.0.1
Thu Jul 14 16:02:27 2022 /sbin/ip route add 128.0.0.0/1 via 10.8.0.1
Thu Jul 14 16:02:27 2022 Initialization Sequence Completed
MastaG
commented
2 years ago Same here using NordVPN.
PING google.com (142.251.36.46) 56(84) bytes of data. --- google.com ping statistics --- 11 packets transmitted, 0 received, 100% packet loss, time 9999ms Network is down
I've tried to remove the country but it still wont ping...
Is there a pinned issue for this?
Is there an existing or similar issue/discussion for this?
Is there any comment in the documentation for this?
Is this related to a provider?
Are you using the latest release?
Have you tried using the dev branch latest?
Docker run config used
version: '3.3' services: media-vault: cap_add:
volumes: nfs-elements: driver_opts: type: "cifs" o: "username=anon,password=password,file_mode=0777,dir_mode=0777,vers=1.0" device: "//192.168.1.1/Elements/public"
Current Behavior
Everytime I start the container it gets stuck on "Selecting the best server". Have tried various combinations. Logs never progress past this step.
Expected Behavior
OpenVPN connects and the transmission server becomes accessible
How have you tried to solve the problem?
Tried
latestanddevtags Tried changing between FR and GB. Changing OPENVPN_CONFIG to undefined, setting tofrance. Tried CURL to NordVPN api from machine to check for rate limiting, no problem immediately downloading response. Tried changing technology between tcp and udpdocker-compose up --context media-vault up -d --force-recreateLog output
mediavault-media-vault-1 | Starting container with revision: 44c82aa1297b0f4473ad141f2cea326b407d9c22 mediavault-media-vault-1 | Creating TUN device /dev/net/tun mediavault-media-vault-1 | Using OpenVPN provider: NORDVPN mediavault-media-vault-1 | Running with VPN_CONFIG_SOURCE auto mediavault-media-vault-1 | Provider NORDVPN has a bundled setup script. Defaulting to internal config mediavault-media-vault-1 | Executing setup script for NORDVPN mediavault-media-vault-1 | Downloading user specified config. NORDVPN_PROTOCOL is set to: tcp mediavault-media-vault-1 | 2022-07-05 19:44:18 Checking curl installation mediavault-media-vault-1 | 2022-07-05 19:44:18 Removing existing configs mediavault-media-vault-1 | 2022-07-05 19:44:18 Selecting the best server...
HW/SW Environment
Anything else?
N/A