Closed ClaymorePT closed 4 years ago
Remove --ip
. It needs to use the interface inside the container for bridge to work
@aptalca the result is the same if I remove --ip 192.168.248.3
I still get the error.
How did you install docker?
If you installed docker from the OS package manager, install instead from the official docker repo.
Also make sure that your host has iptables installed and all kernel modules enabled: https://www.lowendtalk.com/discussion/5005/openvpn-as-issue
@aptalca Yes it was from the package manager. Changing it now will not be trivial. I will see what I can do. I have iptables installed. I'm using it as the main firewall.
Thank you for the link!
It's just that we have seen many issues with docker installed via snap and via centos package manager. Those were all resolved by installing from the official repo.
Your issue seems to be a host related issue (I can't reproduce it). The other thing you can try is running it with --privileged
but technically --cap-add=NET_ADMIN
should have covered that.
Good luck and let us know how it works out.
Your issue seems to be a host related issue (I can't reproduce it). The other thing you can try is running it with
--privileged
but technically--cap-add=NET_ADMIN
should have covered that.
I've tried that before I opened this issue but it did't work. As you said, this is most likely an issue from the docker version of archlinux. Thank you for the assistance.
I'm unable to resolve the issue from my side. At the moment, I cannot use any other version than the distribution version. For this reason, I'm closing this issue.
I'm having the exact same issue on an Ubuntu host running 19.10. Irrespective of if I pass my conf files or start from scratch, the error is the same. I suspect the problem started after upgrading to 19.10 from 19.04 but am unable to confirm it. Docker has been installed from docker repo.
I just set up a brand new VM on DO with 19.10, installed docker from the ubuntu repo (side note, we normally only support installs from the official docker repo, but since there is no package there for eoan yet, I tried the distro repo build).
Ran docker run -d --rm --name test -p 943:943 --cap-add=NET_ADMIN linuxserver/openvpn-as
and it came right up.
Check your host system for issues, look into firewall, selinux, etc.
Just figured it out - I had been running the container as part of a larger bridge network with about 10 other containers. Being at my wits end, I removed it from the network and run it with just a network_mode: bridge
in the docker compose. Worked on first try. No idea why that might be the issue but I'm not complaining! Thanks for testing this out, you guys are amazing :)
Hate to drag this one out again, but I'm having the same exact issue as the OP and would like to see about re-opening this. Also, running on ArchLinux and configuring the container through the use of the following docker-compose.yml
version: "2.1"
services:
openvpn-as
image: linuxserver/openvpn-as:2.7.5-ls22
container_name: openvpn-as
cap_add:
- NET_ADMIN
environment:
- PUID=1000
- PGID=1000
- TZ=US/Eastern
volumes:
- ./data:/config
ports:
- 943:943
- 9443:9443
- 1190:1190/udp
restart: unless-stopped
networks:
my_net:
ipv4_address: 172.18.0.3
gitlab:
image: 'gitlab/gitlab-ee:latest'
restart: always
hostname: 'gitlab.example.com'
mem_limit: 8000M
mem_reservation: 4000M
volumes:
- '/srv/gitlab/config:/etc/gitlab'
- '/srv/gitlab/logs:/var/log/gitlab'
- '/srv/gitlab/data:/var/opt/gitlab'
networks:
my_net:
ipv4_address: 172.18.0.2
networks:
my_net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.18.0.0/24
gateway: 172.18.0.1
If I switch it to bridge mode, it works, but the intent is to not have it be in bridged mode so that's not a viable option for me at the moment.
Trying to further understand the issue, but not really aware of what mechanism would prevent this from working, although host OS does seem to be an issue. Below are the loaded modules on the host OS
Module Size Used by
iptable_mangle 16384 1
xt_mark 16384 5
xfs 1777664 0
nilfs2 266240 0
jfs 217088 0
btrfs 1499136 0
blake2b_generic 20480 0
xor 24576 1 btrfs
raid6_pq 122880 1 btrfs
loop 40960 0
dm_mod 159744 0
hid_mcp2221 16384 0
ext4 790528 1
mbcache 16384 1 ext4
jbd2 139264 1 ext4
overlay 135168 0
ppp_deflate 16384 0
bsd_comp 16384 0
ppp_async 20480 0
ppp_generic 49152 3 ppp_deflate,bsd_comp,ppp_async
slhc 20480 1 ppp_generic
nls_iso8859_1 16384 0
nls_cp437 20480 0
vfat 20480 0
fat 86016 1 vfat
uas 32768 0
usb_storage 77824 2 uas
cdc_acm 45056 0
veth 32768 0
uinput 20480 0
ftdi_sio 65536 0
rfcomm 90112 16
fuse 143360 3
nf_conntrack_netlink 53248 0
nfnetlink 16384 2 nf_conntrack_netlink
xfrm_user 45056 1
xfrm_algo 16384 1 xfrm_user
xt_addrtype 16384 2
br_netfilter 32768 0
bridge 229376 1 br_netfilter
cfg80211 888832 0
8021q 40960 0
garp 16384 1 8021q
mrp 20480 1 8021q
stp 16384 2 bridge,garp
llc 16384 3 bridge,stp,garp
tun 57344 6
ax25 77824 0
cmac 16384 2
algif_hash 16384 1
algif_skcipher 16384 1
af_alg 32768 6 algif_hash,algif_skcipher
bnep 28672 2
xt_conntrack 16384 95
iptable_filter 16384 2
xt_MASQUERADE 20480 9
xt_nat 16384 19
xt_tcpudp 20480 94
iptable_nat 16384 3
nf_nat 49152 3 xt_nat,iptable_nat,xt_MASQUERADE
nf_conntrack 172032 5 xt_conntrack,nf_nat,xt_nat,nf_conntrack_netlink,xt_MASQUERADE
nf_defrag_ipv6 24576 1 nf_conntrack
nf_defrag_ipv4 16384 1 nf_conntrack
libcrc32c 16384 4 nf_conntrack,nf_nat,btrfs,xfs
crc32c_generic 16384 0
nvidia_drm 53248 4
nvidia_modeset 1118208 10 nvidia_drm
nvidia 20721664 412 nvidia_modeset
btusb 65536 0
btrtl 24576 1 btusb
intel_rapl_msr 20480 0
btbcm 20480 1 btusb
intel_rapl_common 32768 1 intel_rapl_msr
btintel 32768 1 btusb
snd_hda_codec_realtek 135168 1
snd_hda_codec_generic 98304 1 snd_hda_codec_realtek
bluetooth 708608 37 btrtl,btintel,btbcm,bnep,btusb,rfcomm
ledtrig_audio 16384 2 snd_hda_codec_generic,snd_hda_codec_realtek
sb_edac 24576 0
snd_hda_codec_hdmi 73728 1
x86_pkg_temp_thermal 20480 0
snd_hda_intel 53248 3
ecdh_generic 16384 1 bluetooth
ecc 36864 1 ecdh_generic
snd_intel_dspcfg 28672 1 snd_hda_intel
intel_powerclamp 20480 0
iTCO_wdt 16384 0
iTCO_vendor_support 16384 1 iTCO_wdt
drm_kms_helper 258048 1 nvidia_drm
snd_hda_codec 163840 4 snd_hda_codec_generic,snd_hda_codec_hdmi,snd_hda_intel,snd_hda_codec_realtek
crc16 16384 2 bluetooth,ext4
coretemp 20480 0
cec 69632 1 drm_kms_helper
snd_hda_core 106496 5 snd_hda_codec_generic,snd_hda_codec_hdmi,snd_hda_intel,snd_hda_codec,snd_hda_codec_realtek
rc_core 57344 1 cec
ipmi_devintf 20480 0
snd_hwdep 16384 1 snd_hda_codec
mousedev 24576 0
input_leds 16384 0
ipmi_msghandler 73728 2 ipmi_devintf,nvidia
snd_pcm 147456 4 snd_hda_codec_hdmi,snd_hda_intel,snd_hda_codec,snd_hda_core
kvm_intel 327680 0
syscopyarea 16384 1 drm_kms_helper
kvm 823296 1 kvm_intel
sysfillrect 16384 1 drm_kms_helper
snd_timer 40960 1 snd_pcm
irqbypass 16384 1 kvm
sysimgblt 16384 1 drm_kms_helper
snd 114688 14 snd_hda_codec_generic,snd_hda_codec_hdmi,snd_hwdep,snd_hda_intel,snd_hda_codec,snd_hda_codec_realtek,snd_timer,snd_pcm
hp_wmi 20480 0
crct10dif_pclmul 16384 1
fb_sys_fops 16384 1 drm_kms_helper
ghash_clmulni_intel 16384 0
sparse_keymap 16384 1 hp_wmi
soundcore 16384 1 snd
e1000e 299008 0
psmouse 180224 0
ioatdma 61440 0
wmi_bmof 16384 0
rfkill 28672 7 hp_wmi,bluetooth,cfg80211
intel_cstate 16384 0
intel_uncore 159744 0
intel_rapl_perf 16384 0
i2c_i801 36864 0
lpc_ich 28672 0
dca 16384 1 ioatdma
evdev 24576 8
mac_hid 16384 0
vboxnetflt 32768 0
vboxnetadp 28672 0
vboxdrv 520192 2 vboxnetadp,vboxnetflt
nfsd 516096 14
auth_rpcgss 118784 1 nfsd
nfs_acl 16384 1 nfsd
drm 577536 7 drm_kms_helper,nvidia_drm
usbip_host 40960 0
usbip_core 40960 1 usbip_host
lockd 122880 1 nfsd
grace 16384 2 nfsd,lockd
sunrpc 507904 18 nfsd,auth_rpcgss,lockd,nfs_acl
sg 40960 0
agpgart 53248 1 drm
crypto_user 16384 0
ip_tables 32768 68 iptable_filter,iptable_nat,iptable_mangle
x_tables 53248 9 xt_conntrack,iptable_filter,xt_tcpudp,xt_addrtype,xt_nat,ip_tables,xt_MASQUERADE,iptable_mangle,xt_mark
hid_generic 16384 0
usbhid 65536 0
hid 143360 3 usbhid,hid_generic,hid_mcp2221
serio_raw 20480 0
atkbd 36864 0
libps2 20480 2 atkbd,psmouse
crc32_pclmul 16384 0
crc32c_intel 24576 2
aesni_intel 368640 3
glue_helper 16384 1 aesni_intel
crypto_simd 16384 1 aesni_intel
cryptd 24576 3 crypto_simd,ghash_clmulni_intel
isci 163840 0
xhci_pci 20480 0
mpt3sas 303104 3
firewire_ohci 45056 0
xhci_hcd 286720 1 xhci_pci
sr_mod 28672 0
libsas 102400 1 isci
firewire_core 81920 1 firewire_ohci
ehci_pci 20480 0
cdrom 73728 1 sr_mod
raid_class 16384 1 mpt3sas
ehci_hcd 98304 1 ehci_pci
crc_itu_t 16384 1 firewire_core
scsi_transport_sas 49152 3 isci,libsas,mpt3sas
wmi 36864 2 hp_wmi,wmi_bmof
i8042 32768 0
serio 28672 6 serio_raw,atkbd,psmouse,i8042
zfs 4272128 26
zunicode 335872 1 zfs
zavl 16384 1 zfs
icp 323584 1 zfs
zcommon 102400 2 zfs,icp
znvpair 106496 2 zfs,zcommon
spl 126976 5 zfs,icp,znvpair,zcommon,zavl
zlua 184320 1 zfs
Can confirm same issue on VM running Ubuntu 20.04, FYI
Ditto for installing outside of the package manager.. I downloaded the binaries from docker directly and extracted to root and have the same issue
Any update on this issue?
No, I gave up and switched to wireguard... It's a superior vpn anyways
On Sat, Oct 24, 2020, 7:41 PM Siddhant Kumar notifications@github.com wrote:
Any update on this issue?
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/linuxserver/docker-openvpn-as/issues/91#issuecomment-716069439, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABSNTYN3QVZTWUAUAUIQ3G3SMNQ3JANCNFSM4JBOJKVQ .
After creating the container and starting it, I went to the administration portal, logged in, went to Status -> Status Overview and clicked Start the Server.
Expected Behavior
Clicked Start the Server Server should be configured with default values Server should come online.
Current Behavior
Clicked Start the Server The following error occurred
Steps to Reproduce
Environment
OS: ArchLinux
CPU architecture: x86_64 How docker service was installed: N/A
Command used to create docker container (run/create/compose/screenshot)
Docker logs