jamesmcm / vopono

Run applications through VPN tunnels with temporary network namespaces
GNU General Public License v3.0

Cannot resolve surfshark custom ovpn. #95

Open anon-127 opened 3 years ago

anon-127 commented 3 years ago
λ vopono -v exec --protocol openvpn --custom custom_openvpn.ovpn "fish"
 2021-06-29T10:23:56.018Z DEBUG vopono::util > Using config dir from XDG dirs: /home/bc7/.config
 2021-06-29T10:23:56.018Z DEBUG vopono::util > Cleaning dead lock files...
 2021-06-29T10:23:57.026Z DEBUG vopono::pulseaudio > Setting PULSE_SERVER to /run/user/1000/pulse/native
 2021-06-29T10:23:57.026Z INFO  vopono::util       > Calling sudo for elevated privileges, current user will be used as default user
 2021-06-29T10:23:57.026Z DEBUG vopono::util       > Args: ["vopono", "-v", "exec", "--protocol", "openvpn", "--custom", "custom_openvpn.ovpn", "fish"]
 2021-06-29T10:23:57.168Z DEBUG vopono::util > Using config dir from $SUDO_USER config: /home/bc7/.config
 2021-06-29T10:23:57.168Z DEBUG vopono::util > Cleaning dead lock files...
 2021-06-29T10:23:58.176Z DEBUG vopono::pulseaudio > Setting PULSE_SERVER to /run/user/1000/pulse/native
 2021-06-29T10:23:58.176Z DEBUG vopono::util       > Using config dir from $SUDO_USER config: /home/bc7/.config
 2021-06-29T10:23:58.177Z DEBUG vopono::util       > Existing namespaces: []
 2021-06-29T10:23:58.177Z DEBUG vopono::util       > Using config dir from $SUDO_USER config: /home/bc7/.config
 2021-06-29T10:23:58.177Z DEBUG vopono::util       > Using config dir from $SUDO_USER config: /home/bc7/.config
 2021-06-29T10:23:58.177Z DEBUG vopono::exec       > vopono config.toml: configuration property "firewall" not found
 2021-06-29T10:23:58.178Z DEBUG vopono::exec       > vopono config.toml: configuration property "postup" not found
 2021-06-29T10:23:58.178Z DEBUG vopono::exec       > vopono config.toml: configuration property "predown" not found
 2021-06-29T10:23:58.178Z DEBUG vopono::exec       > vopono config.toml: configuration property "user" not found
 2021-06-29T10:23:58.178Z DEBUG vopono::network_interface > ip addr
 2021-06-29T10:23:58.179Z DEBUG vopono::exec              > Interface: wlan0
 2021-06-29T10:23:58.180Z DEBUG vopono::util              > Existing namespaces: []
 2021-06-29T10:23:58.180Z DEBUG vopono::util              > ip netns add vopono_custom_cust
 2021-06-29T10:23:58.181Z INFO  vopono::netns             > Created new network namespace: vopono_custom_cust
 2021-06-29T10:23:58.182Z DEBUG vopono::util              > Existing interfaces:
 2021-06-29T10:23:58.183Z DEBUG vopono::util              > Assigned IPs: []
 2021-06-29T10:23:58.183Z DEBUG vopono::netns             > ip netns exec vopono_custom_cust ip addr add 127.0.0.1/8 dev lo
 2021-06-29T10:23:58.185Z DEBUG vopono::netns             > ip netns exec vopono_custom_cust ip link set lo up
 2021-06-29T10:23:58.187Z DEBUG vopono::veth_pair         > NetworkManager detected, adding custom_cust_d to unmanaged devices
 2021-06-29T10:23:58.187Z DEBUG vopono::veth_pair         > Appending to existing NetworkManager config file: /etc/NetworkManager/conf.d/unmanaged.conf
 2021-06-29T10:23:58.187Z DEBUG vopono::util              > nmcli connection reload
 2021-06-29T10:23:58.203Z DEBUG vopono::util              > ip link add custom_cust_d type veth peer name custom_cust_s
 2021-06-29T10:23:58.209Z DEBUG vopono::util              > ip link set custom_cust_d up
 2021-06-29T10:23:58.213Z DEBUG vopono::util              > ip link set custom_cust_s netns vopono_custom_cust up
 2021-06-29T10:23:58.234Z DEBUG vopono::util              > ip addr add 10.200.1.1/24 dev custom_cust_d
 2021-06-29T10:23:58.236Z DEBUG vopono::netns             > ip netns exec vopono_custom_cust ip addr add 10.200.1.2/24 dev custom_cust_s
 2021-06-29T10:23:58.240Z DEBUG vopono::netns             > ip netns exec vopono_custom_cust ip route add default via 10.200.1.1 dev custom_cust_s
 2021-06-29T10:23:58.245Z INFO  vopono::netns             > IP address of namespace as seen from host: 10.200.1.2
 2021-06-29T10:23:58.245Z INFO  vopono::netns             > IP address of host as seen from namespace: 10.200.1.1
 2021-06-29T10:23:58.245Z DEBUG vopono::util              > nft add table inet vopono_nat
 2021-06-29T10:23:58.253Z DEBUG vopono::util              > nft add chain inet vopono_nat postrouting { type nat hook postrouting priority 100 ; }
 2021-06-29T10:23:58.257Z DEBUG vopono::util              > nft add rule inet vopono_nat postrouting oifname wlan0 ip saddr 10.200.1.0/24 counter masquerade
 2021-06-29T10:23:58.270Z DEBUG vopono::util              > nft add table inet vopono_bridge
 2021-06-29T10:23:58.274Z DEBUG vopono::util              > nft add chain inet vopono_bridge forward { type filter hook forward priority -10 ; }
 2021-06-29T10:23:58.284Z DEBUG vopono::util              > nft add rule inet vopono_bridge forward iifname custom_cust_d oifname wlan0 counter accept
 2021-06-29T10:23:58.289Z DEBUG vopono::util              > nft add rule inet vopono_bridge forward oifname custom_cust_d iifname wlan0 counter accept
 2021-06-29T10:23:58.291Z DEBUG vopono::util              > sysctl -q net.ipv4.ip_forward=1
 2021-06-29T10:23:58.292Z DEBUG vopono::dns_config        > Setting namespace vopono_custom_cust DNS server to 8.8.8.8
 2021-06-29T10:23:58.293Z INFO  vopono::openvpn           > Launching OpenVPN...
 2021-06-29T10:23:58.293Z DEBUG vopono::openvpn           > Found remotes: [Remote { host: Hostname("in-mum.prod.surfshark.com"), port: 1194, protocol: UDP }]
 2021-06-29T10:23:58.293Z DEBUG vopono::netns             > ip netns exec vopono_custom_cust openvpn --config /home/bc7/vpn/custom_openvpn.ovpn --machine-readable-output --log /etc/netns/vopono_custom_cust/openvpn.log
 2021-06-29T10:23:58.305Z DEBUG vopono::openvpn           > "1624962238.305804 40 DEPRECATED OPTION: --cipher set to \'AES-256-CBC\' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add \'AES-256-CBC\' to --data-ciphers or change --cipher \'AES-256-CBC\' to --data-ciphers-fallback \'AES-256-CBC\' to silence this warning.\n"
 2021-06-29T10:23:58.305Z DEBUG vopono::openvpn           > "1624962238.305981 40 WARNING: file \'passfile\' is group or others accessible\n"
 2021-06-29T10:23:58.306Z DEBUG vopono::openvpn           > "1624962238.305992 1 OpenVPN 2.5.3 [git:makepkg/ecaf88f8a4e75856+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jun 18 2021\n"
 2021-06-29T10:23:58.306Z DEBUG vopono::openvpn           > "1624962238.306002 1 library versions: OpenSSL 1.1.1k  25 Mar 2021, LZO 2.10\n"
 2021-06-29T10:23:58.306Z DEBUG vopono::openvpn           > "1624962238.306104 40 WARNING: --ping should normally be used with --ping-restart or --ping-exit\n"
 2021-06-29T10:23:58.306Z DEBUG vopono::openvpn           > "1624962238.306627 14000002 Outgoing Control Channel Authentication: Using 512 bit message hash \'SHA512\' for HMAC authentication\n"
 2021-06-29T10:23:58.306Z DEBUG vopono::openvpn           > "1624962238.306638 14000002 Incoming Control Channel Authentication: Using 512 bit message hash \'SHA512\' for HMAC authentication\n"
 2021-06-29T10:24:04.348Z DEBUG vopono::openvpn           > "1624962244.348448 4000021 RESOLVE: Cannot resolve host address: in-mum.prod.surfshark.com:1194 (Temporary failure in name resolution)\n"
 2021-06-29T10:24:10.396Z DEBUG vopono::openvpn           > "1624962250.396429 4000021 RESOLVE: Cannot resolve host address: in-mum.prod.surfshark.com:1194 (Temporary failure in name resolution)\n"
 2021-06-29T10:24:10.396Z DEBUG vopono::openvpn           > "1624962250.396464 40 Could not determine IPv4/IPv6 protocol\n"
 2021-06-29T10:24:10.396Z DEBUG vopono::openvpn           > "1624962250.396526 1 SIGUSR1[soft,init_instance] received, process restarting\n"
 2021-06-29T10:24:10.396Z DEBUG vopono::openvpn           > "1624962250.396547 21000003 Restart pause, 5 second(s)\n"
 2021-06-29T10:24:15.396Z DEBUG vopono::openvpn           > "1624962255.396668 40 WARNING: --ping should normally be used with --ping-restart or --ping-exit\n"
 2021-06-29T10:24:15.396Z DEBUG vopono::openvpn           > "1624962255.396918 14000002 Outgoing Control Channel Authentication: Using 512 bit message hash \'SHA512\' for HMAC authentication\n"
 2021-06-29T10:24:15.396Z DEBUG vopono::openvpn           > "1624962255.396946 14000002 Incoming Control Channel Authentication: Using 512 bit message hash \'SHA512\' for HMAC authentication\n"
 2021-06-29T10:24:21.452Z DEBUG vopono::openvpn           > "1624962261.452493 4000021 RESOLVE: Cannot resolve host address: in-mum.prod.surfshark.com:1194 (Temporary failure in name resolution)\n"
^C 2021-06-29T10:24:27.500Z DEBUG vopono::openvpn           > "1624962267.500520 0 RESOLVE: signal received during DNS resolution attempt\n"
 2021-06-29T10:24:27.500Z DEBUG vopono::openvpn           > "1624962267.500594 40 Could not determine IPv4/IPv6 protocol\n"
 2021-06-29T10:24:27.500Z DEBUG vopono::openvpn           > "1624962267.500827 1 SIGHUP[hard,close_context usr1 to hup] received, process restarting\n"
 2021-06-29T10:24:27.501Z DEBUG vopono::openvpn           > "1624962267.501171 40 DEPRECATED OPTION: --cipher set to \'AES-256-CBC\' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add \'AES-256-CBC\' to --data-ciphers or change --cipher \'AES-256-CBC\' to --data-ciphers-fallback \'AES-256-CBC\' to silence this warning.\n"
 2021-06-29T10:24:27.501Z DEBUG vopono::openvpn           > "1624962267.501253 40 WARNING: file \'passfile\' is group or others accessible\n"
 2021-06-29T10:24:27.501Z DEBUG vopono::openvpn           > "1624962267.501271 1 OpenVPN 2.5.3 [git:makepkg/ecaf88f8a4e75856+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jun 18 2021\n"
 2021-06-29T10:24:27.501Z DEBUG vopono::openvpn           > "1624962267.501278 1 library versions: OpenSSL 1.1.1k  25 Mar 2021, LZO 2.10\n"
 2021-06-29T10:24:27.501Z DEBUG vopono::openvpn           > "1624962267.501342 21000003 Restart pause, 5 second(s)\n"
^C 2021-06-29T10:24:27.521Z DEBUG vopono::openvpn           > "1624962267.521675 1 SIGINT[hard,init_instance] received, process exiting\n"

jamesmcm commented 3 years ago

Try running it with --no-killswitch. The issue is that it can't resolve in-mum.prod.surfshark.com, but that is publicly accessible (I can ping it from here).

anon-127 commented 3 years ago

Still the same issue. I can resolve the address manually too.

jamesmcm commented 3 years ago

Does it work when you run: sudo openvpn --config /home/bc7/vpn/custom_openvpn.ovpn

normally, outside of vopono, etc.?

anon-127 commented 3 years ago

It works with NetworkManager.

JoshBeer commented 1 year ago

I can confirm this is not working with Surfshark (in my case Wireguard). Running vopono -v exec --custom ~/.config/vopono/nl-ams.prod.surfshark.com.conf --protocol wireguard "curl ifconfig.io/country_code":

Temporary failure in name resolution: nl-ams.prod.surfshark.com:51820'. Trying again in 1.00 seconds...
Temporary failure in name resolution: nl-ams.prod.surfshark.com:51820'. Trying again in 1.20 seconds...
Temporary failure in name resolution: nl-ams.prod.surfshark.com:51820'. Trying again in 1.44 seconds...
Temporary failure in name resolution: nl-ams.prod.surfshark.com:51820'. Trying again in 1.73 seconds...
Temporary failure in name resolution: nl-ams.prod.surfshark.com:51820'. Trying again in 2.07 seconds...
Temporary failure in name resolution: nl-ams.prod.surfshark.com:51820'. Trying again in 2.49 seconds...
Temporary failure in name resolution: nl-ams.prod.surfshark.com:51820'. Trying again in 2.99 seconds...
Temporary failure in name resolution: nl-ams.prod.surfshark.com:51820'. Trying again in 3.58 seconds...
Temporary failure in name resolution: nl-ams.prod.surfshark.com:51820'. Trying again in 4.30 seconds...
Temporary failure in name resolution: nl-ams.prod.surfshark.com:51820'. Trying again in 5.16 seconds...
Temporary failure in name resolution: nl-ams.prod.surfshark.com:51820'. Trying again in 6.19 seconds...
Temporary failure in name resolution: nl-ams.prod.surfshark.com:51820'. Trying again in 7.43 seconds...
Temporary failure in name resolution: nl-ams.prod.surfshark.com:51820'. Trying again in 8.92 seconds...
Temporary failure in name resolution: nl-ams.prod.surfshark.com:51820'. Trying again in 10.70 seconds...
Temporary failure in name resolution: nl-ams.prod.surfshark.com:51820'. Trying again in 12.84 seconds...