microbug / docker-cryptostorm-client

Cryptostorm OpenVPN client that runs in a Docker container
MIT License

Killswitch didn't work #8

Open donmanguno opened 1 year ago

donmanguno commented 1 year ago

Yesterday my heartbeat failed, so the container reconnected. In the intervening 90 seconds, another Docker container which was set to network_mode: service:cryptostorm was able to connect to the internet with my public IP address.

Log files around reconnect:

PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=118 time=13.324 ms

--- 8.8.8.8 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 13.324/13.324/13.324 ms
Tue Oct 25 02:29:33 UTC 2022: KILLSWITCH: everything ok, current IP (155.254.31.31) different from initial IP (45.25.45.52)
PING 8.8.8.8 (8.8.8.8): 56 data bytes

--- 8.8.8.8 ping statistics ---
1 packets transmitted, 0 packets received, 100% packet loss
Tue Oct 25 02:30:13 UTC 2022: KILLSWITCH: WARNING heartbeat failed, forcing an openvpn reconnect
Tue Oct 25 02:30:13 2022 us=296616 42 variation(s) on previous 3 message(s) suppressed by --mute
Tue Oct 25 02:30:13 2022 us=296631 event_wait : Interrupted system call (code=4)
Tue Oct 25 02:30:13 2022 us=296637 SIGTERM received, sending exit notification to peer
Tue Oct 25 02:30:16 2022 us=955627 TCP/UDP: Closing socket
Tue Oct 25 02:30:16 2022 us=955743 /sbin/ip route del 155.254.31.31/32
Tue Oct 25 02:30:16 2022 us=957205 /sbin/ip route del 0.0.0.0/1
Tue Oct 25 02:30:16 2022 us=957904 /sbin/ip route del 128.0.0.0/1
Tue Oct 25 02:30:16 2022 us=958612 /etc/openvpn/update-resolv-conf tun0 1500 1553 10.66.138.33 255.255.255.0 init
Running update-resolv-conf...
Tue Oct 25 02:30:16 2022 us=975014 Closing TUN/TAP interface
Tue Oct 25 02:30:16 2022 us=975039 /sbin/ip addr del dev tun0 10.66.138.33/24
Tue Oct 25 02:30:17 2022 us=15348 SIGTERM[soft,exit-with-notification] received, process exiting
Starting openvpn service via s6 overlay
mknod: /dev/net/tun: File exists
Tue Oct 25 02:30:17 2022 us=335384 Current Parameter Settings:
Tue Oct 25 02:30:17 2022 us=335412   config = '/ovpn-configs/US-NorthCarolina_UDP.ovpn'
Tue Oct 25 02:30:17 2022 us=335420   mode = 0
Tue Oct 25 02:30:17 2022 us=335427 NOTE: --mute triggered...
Tue Oct 25 02:30:17 2022 us=335444 299 variation(s) on previous 3 message(s) suppressed by --mute
Tue Oct 25 02:30:17 2022 us=335454 OpenVPN 2.4.6 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 26 2018
Tue Oct 25 02:30:17 2022 us=335465 library versions: OpenSSL 1.1.1g  21 Apr 2020, LZO 2.10
Tue Oct 25 02:30:17 2022 us=335633 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Tue Oct 25 02:30:17 2022 us=336080 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Tue Oct 25 02:30:17 2022 us=336116 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Tue Oct 25 02:30:17 2022 us=336127 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Tue Oct 25 02:30:17 2022 us=336141 NOTE: --mute triggered...
Tue Oct 25 02:30:17 2022 us=336300 1 variation(s) on previous 3 message(s) suppressed by --mute
Tue Oct 25 02:30:17 2022 us=336314 Control Channel MTU parms [ L:1622 D:1156 EF:94 EB:0 ET:0 EL:3 ]
Tue Oct 25 02:30:17 2022 us=379524 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Tue Oct 25 02:30:17 2022 us=379572 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1550,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-GCM,auth [null-digest],keysize 256,key-method 2,tls-client'
Tue Oct 25 02:30:17 2022 us=379581 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1550,tun-mtu 1500,proto UDPv4,comp-lzo,cipher AES-256-GCM,auth [null-digest],keysize 256,key-method 2,tls-server'
Tue Oct 25 02:30:17 2022 us=379594 TCP/UDP: Preserving recently used remote address: [AF_INET]155.254.29.115:443
Tue Oct 25 02:30:17 2022 us=379618 Socket Buffers: R=[212992->212992] S=[212992->212992]
Tue Oct 25 02:30:17 2022 us=379633 UDP link local (bound): [AF_INET][undef]:1194
Tue Oct 25 02:30:17 2022 us=379646 UDP link remote: [AF_INET]155.254.29.115:443
Tue Oct 25 02:30:17 2022 us=390563 TLS: Initial packet from [AF_INET]155.254.29.115:443, sid=aa5e3c55 2633f236
Tue Oct 25 02:30:17 2022 us=390684 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Oct 25 02:30:17 2022 us=405778 VERIFY OK: depth=1, CN=cryptostorm CA
Tue Oct 25 02:30:17 2022 us=406991 VERIFY KU OK
Tue Oct 25 02:30:17 2022 us=407006 Validating certificate extended key usage
Tue Oct 25 02:30:17 2022 us=407012 NOTE: --mute triggered...
Tue Oct 25 02:30:18 2022 us=357773 4 variation(s) on previous 3 message(s) suppressed by --mute
Tue Oct 25 02:30:18 2022 us=357814 [cryptostorm server] Peer Connection Initiated with [AF_INET]155.254.29.115:443
Tue Oct 25 02:30:19 2022 us=447329 SENT CONTROL [cryptostorm server]: 'PUSH_REQUEST' (status=1)
Tue Oct 25 02:30:19 2022 us=770610 PUSH: Received control message: 'PUSH_REPLY,persist-key,persist-tun,redirect-gateway def1,dhcp-option DNS 155.254.21.250,route-gateway 10.66.2.1,topology subnet,ping 20,ping-restart 60,ifconfig 10.66.2.100 255.255.255.0,peer-id 0,cipher AES-256-GCM'
Tue Oct 25 02:30:19 2022 us=770786 OPTIONS IMPORT: timers and/or timeouts modified
Tue Oct 25 02:30:19 2022 us=770808 NOTE: --mute triggered...
Tue Oct 25 02:30:19 2022 us=770843 8 variation(s) on previous 3 message(s) suppressed by --mute
Tue Oct 25 02:30:19 2022 us=770860 Data Channel MTU parms [ L:1553 D:1450 EF:53 EB:406 ET:0 EL:3 ]
Tue Oct 25 02:30:19 2022 us=771040 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Tue Oct 25 02:30:19 2022 us=771063 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Tue Oct 25 02:30:19 2022 us=771340 ROUTE_GATEWAY 172.23.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:17:00:04
Tue Oct 25 02:30:19 2022 us=771765 TUN/TAP device tun0 opened
Tue Oct 25 02:30:19 2022 us=771832 TUN/TAP TX queue length set to 100
Tue Oct 25 02:30:19 2022 us=771868 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Tue Oct 25 02:30:19 2022 us=771910 /sbin/ip link set dev tun0 up mtu 1500
Tue Oct 25 02:30:19 2022 us=773464 /sbin/ip addr add dev tun0 10.66.2.100/24 broadcast 10.66.2.255
Tue Oct 25 02:30:19 2022 us=774560 /etc/openvpn/update-resolv-conf-up tun0 1500 1553 10.66.2.100 255.255.255.0 init
Running update-resolv-conf...
dhcp-option DNS 155.254.21.250
Tue Oct 25 02:30:19 2022 us=794263 /sbin/ip route add 155.254.29.115/32 via 172.23.0.1
Tue Oct 25 02:30:19 2022 us=794794 /sbin/ip route add 0.0.0.0/1 via 10.66.2.1
Tue Oct 25 02:30:19 2022 us=795264 /sbin/ip route add 128.0.0.0/1 via 10.66.2.1
Tue Oct 25 02:30:19 2022 us=795672 Initialization Sequence Completed
Tue Oct 25 02:30:19 UTC 2022: FORWARDING: attempting to enable port forwarding for port 43532
Sorry, that port is already in use. Please choose a different one.
Tue Oct 25 02:30:20 UTC 2022: KILLSWITCH: captured initial IP (45.25.45.52)
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=58 time=15.726 ms

--- 8.8.8.8 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 15.726/15.726/15.726 ms
Tue Oct 25 02:30:20 UTC 2022: KILLSWITCH: everything ok, current IP (155.254.29.115) different from initial IP (45.25.45.52)

docker-compose

  cryptostorm:
    image: microbug/cryptostorm-client:latest
    container_name: cryptostorm
    cap_add:
      - NET_ADMIN
    environment:
      CRYPTOSTORM_USERNAME: ${CRYPTOSTORM_USERNAME}
      CRYPTOSTORM_CONFIG_FILE: US-NorthCarolina_UDP.ovpn
      FORWARDING_PORT: ${CRYPTOSTORM_PORT}
      CONNECTION_PORT: 443
    ports:
      - 1111:1111 # service1
      - 2222:2222 # service2
    restart: always
    labels:
      - "com.centurylinklabs.watchtower.enable=true"

  service1:
    image: service1:latest
    container_name: service1
    depends_on:
      - cryptostorm
    environment:
      - PUID=####
      - PGID=####
    volumes:
      - /docker/service1/config:/config
      - /volume:/volume
    network_mode: service:cryptostorm
    restart: unless-stopped
    labels:
      - "com.centurylinklabs.watchtower.enable=true"
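The log shows why the check-and-reconnect approach leaves a gap: the KILLSWITCH lines only compare the current public IP against the initial one every so often, and between the moment OpenVPN deletes the 0.0.0.0/1 and 128.0.0.0/1 routes through tun0 and the moment the new tunnel finishes "Initialization Sequence Completed", the container's default route points at the Docker gateway on eth0, so every container sharing that network namespace egresses with the host's public IP. A kill switch that cannot leak is a default-deny netfilter policy installed before OpenVPN starts, which is possible here because the compose file already grants NET_ADMIN. The script below is an added example and is not the killswitch script shipped in microbug/cryptostorm-client; it assumes an iptables binary in the image, interface names as they appear in the reporter's log (eth0 for the Docker network, tun0 for the tunnel), and the Docker network 172.23.0.0/16 and server addresses 155.254.31.31 and 155.254.29.115 from that same log. The .ovpn file it reads in the test is constructed for the example.

```shell
#!/bin/sh
# Added example (not the project's own code). Assumes CAP_NET_ADMIN, an
# iptables binary, and interface names eth0/tun0 as seen in the log above.

# Print "host port proto" for every "remote" line of an .ovpn file so the
# rules cover whichever server OpenVPN picks on reconnect (the log shows it
# moving from 155.254.31.31 to 155.254.29.115). A global "proto" line that
# precedes the remotes supplies the default protocol; "udp4"/"tcp-client"
# variants are folded to the names iptables expects.
ovpn_remotes() {
    awk '
        $1 == "proto"  { dflt = $2 }
        $1 == "remote" {
            port  = ($3 != "") ? $3 : 1194
            proto = ($4 != "") ? $4 : (dflt != "" ? dflt : "udp")
            sub(/^tcp.*/, "tcp", proto); sub(/^udp.*/, "udp", proto)
            printf "%s %s %s\n", $2, port, proto
        }' "$1"
}

# Print the iptables commands for a default-deny policy: egress is allowed
# only through the tunnel, to the listed VPN servers for the handshake, over
# loopback (Docker's embedded DNS at 127.0.0.11 is reached via lo, which is
# why OpenVPN can still resolve hostnames), and to the local Docker network
# (published ports such as 1111/2222 arrive from there). Inbound on tun0 is
# limited to the forwarded port when one is given.
# Arguments: ovpn_file docker_cidr [eth_if] [tun_if] [forwarded_port]
killswitch_rules() {
    ovpn=$1; lan_cidr=$2; eth_if=${3:-eth0}; tun_if=${4:-tun0}; fwd_port=${5:-}
    cat <<EOF
iptables -F INPUT
iptables -F OUTPUT
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i $eth_if -s $lan_cidr -j ACCEPT
iptables -A OUTPUT -o $eth_if -d $lan_cidr -j ACCEPT
iptables -A OUTPUT -o $tun_if -j ACCEPT
EOF
    if [ -n "$fwd_port" ]; then
        echo "iptables -A INPUT -i $tun_if -p tcp --dport $fwd_port -j ACCEPT"
        echo "iptables -A INPUT -i $tun_if -p udp --dport $fwd_port -j ACCEPT"
    fi
    # One handshake exception per remote; iptables resolves a hostname here
    # at install time, so the lo rule above must already be in place.
    ovpn_remotes "$ovpn" | while read -r host port proto; do
        echo "iptables -A OUTPUT -o $eth_if -p $proto -d $host --dport $port -j ACCEPT"
    done
}

# Install the rules. Run this once at container start, before OpenVPN is
# launched, so the policy is in force during every later reconnect as well.
apply_killswitch() {
    killswitch_rules "$@" | sh -e
}

# Usage from the container's startup script (paths/env names as in the
# compose file above; FORWARDING_PORT is the port the FORWARDING log line
# reports, 43532 in the reporter's case):
#   apply_killswitch /ovpn-configs/US-NorthCarolina_UDP.ovpn 172.23.0.0/16 eth0 tun0 "$FORWARDING_PORT"
```

With this policy in place the existing heartbeat still works as an alarm, but a failed heartbeat no longer means traffic is escaping: while tun0 is down the sidecar's packets toward the internet are dropped at OUTPUT rather than routed out of eth0 with the host's address. Running `killswitch_rules` without piping it into `sh` prints the rules for review, which is the safest way to check that the Docker subnet and the remote list are what you expect before applying them.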