search

qdm12 / gluetun-wiki

Home to the Markdown Wiki page for Gluetun
MIT License
269 stars 31 forks source link

ERROR [ip getter] and WARN [dns] #59

Open hypnosis4u2nv opened 3 months ago

hypnosis4u2nv commented 3 months ago

I see that others are having the same issue with other VPN's, but it seems I can't get Gluetun past these I/O errors. Also the server list for Surfshark needs to be updated, a few locations have changed names.

2024-03-22T13:31:01-04:00 INFO [vpn] starting 2024-03-22T13:31:01-04:00 INFO [firewall] allowing VPN connection... 2024-03-22T13:31:01-04:00 INFO [wireguard] Using available kernelspace implementation 2024-03-22T13:31:01-04:00 INFO [wireguard] Connecting to 37.19.211.29:51820 2024-03-22T13:31:01-04:00 INFO [wireguard] Wireguard setup is complete. Note Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the Wireguard connection is not working. 2024-03-22T13:31:02-04:00 INFO [dns] downloading DNS over TLS cryptographic files 2024-03-22T13:31:05-04:00 ERROR [ip getter] Get "https://ipinfo.io/": dial tcp: lookup ipinfo.io on 1.1.1.1:53: read udp 10.14.0.2:33315->1.1.1.1:53: i/o timeout - retrying in 10s 2024-03-22T13:31:12-04:00 WARN [dns] cannot update files: Get "https://www.internic.net/domain/named.root": dial tcp: lookup www.internic.net on 1.1.1.1:53: read udp 10.14.0.2:46009->1.1.1.1:53: i/o timeout 2024-03-22T13:31:12-04:00 INFO [dns] attempting restart in 20s 2024-03-22T13:31:17-04:00 INFO [healthcheck] program has been unhealthy for 16s: restarting VPN 2024-03-22T13:31:17-04:00 INFO [healthcheck] πŸ‘‰ See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md 2024-03-22T13:31:17-04:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION 2024-03-22T13:31:17-04:00 INFO [vpn] stopping

hypnosis4u2nv commented 3 months ago

Changing DOT_PROVIDERS to google

2024-03-22T13:42:45-04:00 INFO [vpn] starting 2024-03-22T13:42:45-04:00 INFO [firewall] allowing VPN connection... 2024-03-22T13:42:45-04:00 INFO [wireguard] Using available kernelspace implementation 2024-03-22T13:42:45-04:00 INFO [wireguard] Connecting to 149.88.97.2:51820 2024-03-22T13:42:45-04:00 INFO [wireguard] Wireguard setup is complete. Note Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the Wireguard connection is not working. 2024-03-22T13:42:52-04:00 WARN [dns] cannot update files: Get "https://www.internic.net/domain/named.root": context deadline exceeded (Client.Timeout exceeded while awaiting headers) 2024-03-22T13:42:52-04:00 INFO [dns] attempting restart in 20s 2024-03-22T13:43:03-04:00 ERROR [ip getter] Get "https://ipinfo.io/": context deadline exceeded (Client.Timeout exceeded while awaiting headers) - retrying in 20s 2024-03-22T13:43:06-04:00 INFO [healthcheck] program has been unhealthy for 21s: restarting VPN 2024-03-22T13:43:06-04:00 INFO [healthcheck] πŸ‘‰ See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md 2024-03-22T13:43:06-04:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION 2024-03-22T13:43:06-04:00 INFO [vpn] stopping

hypnosis4u2nv commented 3 months ago

Also, this is an issue with Wireguard as the OpenVPN configuration works fine.

mikescott55 commented 3 months ago

I'm getting the exact same errors. Trying to set it up using Windscribe and no matter what I've tried, it comes back that way.

avivzk2 commented 3 months ago

Is there any update on this? Maybe a working version of the image?

hypnosis4u2nv commented 3 months ago

No image update yet. Created another container using OpenVPN settings for now since it only affects Wireguard containers.

fdfytr commented 2 months ago

same issue with wireguard + surfshark

jaybp commented 2 months ago

Same issue with openvpn + surfshark

hypnosis4u2nv commented 2 months ago

13:42:45

I confirmed that OpenVPN is working with surfshark on the latest image. Change the server as Surfshark has changed some of the server addresses and they haven't been updated yet.

jaybp commented 2 months ago

I confirmed that OpenVPN is working with surfshark on the latest image. Change the server as Surfshark has changed some of the server addresses and they haven't been updated yet.

I copied the server directly from surfshark web login. Would really appreciate if you can look at this log and help figure out what's wrong. Full log is here - https://github.com/qdm12/gluetun-wiki/issues/62

2024-04-10T23:10:00-04:00 INFO Settings summary:
β”œβ”€β”€ VPN settings:
|   β”œβ”€β”€ VPN provider settings:
|   |   β”œβ”€β”€ Name: surfshark
|   |   └── Server selection settings:
|   |       β”œβ”€β”€ VPN type: openvpn
|   |       β”œβ”€β”€ Hostnames: ca-tor.prod.surfshark.com
|   |       └── OpenVPN server selection settings:
|   |           └── Protocol: UDP
|   └── OpenVPN settings:
|       β”œβ”€β”€ OpenVPN version: 2.5
|       β”œβ”€β”€ User: [set]
|       β”œβ”€β”€ Password: [set]
|       β”œβ”€β”€ Network interface: tun0
|       β”œβ”€β”€ Run OpenVPN as: root
|       └── Verbosity level: 1
β”œβ”€β”€ DNS settings:
|   └── Keep existing nameserver(s): yes
β”œβ”€β”€ Firewall settings:
|   └── Enabled: no
β”œβ”€β”€ Log settings:
|   └── Log level: INFO
β”œβ”€β”€ Health settings:
|   β”œβ”€β”€ Server listening address: 127.0.0.1:9999
|   β”œβ”€β”€ Target address: cloudflare.com:443
|   β”œβ”€β”€ Duration to wait after success: 5s
|   β”œβ”€β”€ Read header timeout: 100ms
|   β”œβ”€β”€ Read timeout: 500ms
|   └── VPN wait durations:
|       β”œβ”€β”€ Initial duration: 6s
|       └── Additional duration: 5s
β”œβ”€β”€ Shadowsocks server settings:
|   └── Enabled: no
β”œβ”€β”€ HTTP proxy settings:
|   └── Enabled: no
β”œβ”€β”€ Control server settings:
|   β”œβ”€β”€ Listening address: :8000
|   └── Logging: yes
β”œβ”€β”€ OS Alpine settings:
|   β”œβ”€β”€ Process UID: 568
|   β”œβ”€β”€ Process GID: 568
|   └── Timezone: america/toronto
β”œβ”€β”€ Public IP settings:
|   β”œβ”€β”€ Fetching: every 12h0m0s
|   β”œβ”€β”€ IP file path: /tmp/gluetun/ip
|   └── Public IP data API: ipinfo
└── Version settings:
└── Enabled: yes
hypnosis4u2nv commented 2 months ago

I confirmed that OpenVPN is working with surfshark on the latest image. Change the server as Surfshark has changed some of the server addresses and they haven't been updated yet.

I copied the server directly from surfshark web login. Would really appreciate if you can look at this log and help figure out what's wrong. Full log is here - #62

2024-04-10T23:10:00-04:00 INFO Settings summary:
β”œβ”€β”€ VPN settings:
|   β”œβ”€β”€ VPN provider settings:
|   |   β”œβ”€β”€ Name: surfshark
|   |   └── Server selection settings:
|   |       β”œβ”€β”€ VPN type: openvpn
|   |       β”œβ”€β”€ Hostnames: ca-tor.prod.surfshark.com
|   |       └── OpenVPN server selection settings:
|   |           └── Protocol: UDP
|   └── OpenVPN settings:
|       β”œβ”€β”€ OpenVPN version: 2.5
|       β”œβ”€β”€ User: [set]
|       β”œβ”€β”€ Password: [set]
|       β”œβ”€β”€ Network interface: tun0
|       β”œβ”€β”€ Run OpenVPN as: root
|       └── Verbosity level: 1
β”œβ”€β”€ DNS settings:
|   └── Keep existing nameserver(s): yes
β”œβ”€β”€ Firewall settings:
|   └── Enabled: no
β”œβ”€β”€ Log settings:
|   └── Log level: INFO
β”œβ”€β”€ Health settings:
|   β”œβ”€β”€ Server listening address: 127.0.0.1:9999
|   β”œβ”€β”€ Target address: cloudflare.com:443
|   β”œβ”€β”€ Duration to wait after success: 5s
|   β”œβ”€β”€ Read header timeout: 100ms
|   β”œβ”€β”€ Read timeout: 500ms
|   └── VPN wait durations:
|       β”œβ”€β”€ Initial duration: 6s
|       └── Additional duration: 5s
β”œβ”€β”€ Shadowsocks server settings:
|   └── Enabled: no
β”œβ”€β”€ HTTP proxy settings:
|   └── Enabled: no
β”œβ”€β”€ Control server settings:
|   β”œβ”€β”€ Listening address: :8000
|   └── Logging: yes
β”œβ”€β”€ OS Alpine settings:
|   β”œβ”€β”€ Process UID: 568
|   β”œβ”€β”€ Process GID: 568
|   └── Timezone: america/toronto
β”œβ”€β”€ Public IP settings:
|   β”œβ”€β”€ Fetching: every 12h0m0s
|   β”œβ”€β”€ IP file path: /tmp/gluetun/ip
|   └── Public IP data API: ipinfo
└── Version settings:
└── Enabled: yes

I'm actually using the same server. There's one setting that is different - try Enable Firewall Settings to yes (on)

hypnosis4u2nv commented 2 months ago

Here's my settings and log

β”œβ”€β”€ VPN settings:
|   β”œβ”€β”€ VPN provider settings:
|   |   β”œβ”€β”€ Name: surfshark
|   |   └── Server selection settings:
|   |       β”œβ”€β”€ VPN type: openvpn
|   |       β”œβ”€β”€ Hostnames: ca-tor.prod.surfshark.com
|   |       └── OpenVPN server selection settings:
|   |           └── Protocol: UDP
|   └── OpenVPN settings:
|       β”œβ”€β”€ OpenVPN version: 2.5
|       β”œβ”€β”€ User: [set]
|       β”œβ”€β”€ Password: [set]
|       β”œβ”€β”€ Network interface: tun0
|       β”œβ”€β”€ Run OpenVPN as: root
|       └── Verbosity level: 1
β”œβ”€β”€ DNS settings:
|   β”œβ”€β”€ Keep existing nameserver(s): no
|   β”œβ”€β”€ DNS server address to use: 127.0.0.1
|   └── DNS over TLS settings:
|       β”œβ”€β”€ Enabled: yes
|       β”œβ”€β”€ Update period: every 24h0m0s
|       β”œβ”€β”€ Unbound settings:
|       |   β”œβ”€β”€ Authoritative servers:
|       |   |   └── cloudflare
|       |   β”œβ”€β”€ Caching: yes
|       |   β”œβ”€β”€ IPv6: no
|       |   β”œβ”€β”€ Verbosity level: 1
|       |   β”œβ”€β”€ Verbosity details level: 0
|       |   β”œβ”€β”€ Validation log level: 0
|       |   β”œβ”€β”€ System user: root
|       |   └── Allowed networks:
|       |       β”œβ”€β”€ 0.0.0.0/0
|       |       └── ::/0
|       └── DNS filtering settings:
|           β”œβ”€β”€ Block malicious: yes
|           β”œβ”€β”€ Block ads: no
|           β”œβ”€β”€ Block surveillance: no
|           └── Blocked IP networks:
|               β”œβ”€β”€ 127.0.0.1/8
|               β”œβ”€β”€ 10.0.0.0/8
|               β”œβ”€β”€ 172.16.0.0/12
|               β”œβ”€β”€ 192.168.0.0/16
|               β”œβ”€β”€ 169.254.0.0/16
|               β”œβ”€β”€ ::1/128
|               β”œβ”€β”€ fc00::/7
|               β”œβ”€β”€ fe80::/10
|               β”œβ”€β”€ ::ffff:127.0.0.1/104
|               β”œβ”€β”€ ::ffff:10.0.0.0/104
|               β”œβ”€β”€ ::ffff:169.254.0.0/112
|               β”œβ”€β”€ ::ffff:172.16.0.0/108
|               └── ::ffff:192.168.0.0/112
β”œβ”€β”€ Firewall settings:
|   └── Enabled: yes
β”œβ”€β”€ Log settings:
|   └── Log level: info
β”œβ”€β”€ Health settings:
|   β”œβ”€β”€ Server listening address: 127.0.0.1:9999
|   β”œβ”€β”€ Target address: cloudflare.com:443
|   β”œβ”€β”€ Duration to wait after success: 5s
|   β”œβ”€β”€ Read header timeout: 100ms
|   β”œβ”€β”€ Read timeout: 500ms
|   └── VPN wait durations:
|       β”œβ”€β”€ Initial duration: 6s
|       └── Additional duration: 5s
β”œβ”€β”€ Shadowsocks server settings:
|   └── Enabled: no
|   └── Public IP data API: ipinfo
└── Version settings:
    └── Enabled: yes
2024-04-08T03:53:51-04:00 INFO [routing] default route found: interface eth0, gateway 10.0.3.1, assigned IP 10.0.3.12 and family v4
2024-04-08T03:53:51-04:00 INFO [routing] adding route for 0.0.0.0/0
2024-04-08T03:53:51-04:00 INFO [firewall] setting allowed subnets...
2024-04-08T03:53:51-04:00 INFO [routing] default route found: interface eth0, gateway 10.0.3.1, assigned IP 10.0.3.12 and family v4
2024-04-08T03:53:51-04:00 INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
2024-04-08T03:53:51-04:00 INFO [dns] using plaintext DNS at address 1.1.1.1
2024-04-08T03:53:51-04:00 INFO [http server] http server listening on [::]:8000
2024-04-08T03:53:51-04:00 INFO [healthcheck] listening on 127.0.0.1:9999
2024-04-08T03:53:51-04:00 INFO [firewall] allowing VPN connection...
2024-04-08T03:53:51-04:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2024-04-08T03:53:51-04:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-04-08T03:53:51-04:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]37.19.211.94:1194
2024-04-08T03:53:51-04:00 INFO [openvpn] UDP link local: (not bound)
2024-04-08T03:53:51-04:00 INFO [openvpn] UDP link remote: [AF_INET]37.19.211.94:1194
2024-04-08T03:53:51-04:00 INFO [openvpn] [ca-tor-v083.prod.surfshark.com] Peer Connection Initiated with [AF_INET]37.19.211.94:1194
2024-04-08T03:53:52-04:00 ERROR [openvpn] Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:7: block-outside-dns (2.5.8)
2024-04-08T03:53:52-04:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-04-08T03:53:52-04:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-04-08T03:53:52-04:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-04-08T03:53:52-04:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.8.8.2/24
2024-04-08T03:53:52-04:00 INFO [openvpn] UID set to nonrootuser
2024-04-08T03:53:52-04:00 INFO [openvpn] Initialization Sequence Completed
2024-04-08T03:53:52-04:00 INFO [dns] downloading DNS over TLS cryptographic files
2024-04-08T03:53:53-04:00 INFO [healthcheck] healthy!
fdfytr commented 2 months ago

had similar issue with wireguard and surfshark

solution: had to change incorrect server IP from gluetun wiki to updated from surfshark

jaybp commented 2 months ago

had similar issue with wireguard and surfshark

solution: had to change incorrect server IP from gluetun wiki to updated from surfshark

Yep, I copied my server name directly from surfshark Hostnames: ca-tor.prod.surfshark.com

jaybp commented 2 months ago

Here's my settings and log

β”œβ”€β”€ VPN settings:
β”œβ”€β”€ Firewall settings:
|   └── Enabled: yes

How do I set Firewall to true? This page doesn't show that option https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/surfshark.md

ItzDerock commented 2 months ago

running into the same issue with wireguard + windscribe, using openvpn works fine. Not sure if this matters, but I am running docker in a privileged LXC container on Proxmox.

crispybegs commented 4 weeks ago

same problem with windscribe. tried downloading a new wireguard config, no luck. Tried a new config with a new location, still no luck.

any pointers gratefully received. gluetun's been working fine for months but now suddenly not.

crispybegs commented 4 weeks ago

I'm getting the exact same errors. Trying to set it up using Windscribe and no matter what I've tried, it comes back that way.

did you find a fix? same windscribe issue here