search

qdm12 / gluetun

VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
https://hub.docker.com/r/qmcgaw/gluetun
MIT License
7.42k stars 350 forks source link

Constant link-mtu and comp-lzo warning: Protonvpn #1059

Closed activerolex closed 2 years ago

activerolex commented 2 years ago

My Configuration

version: "3.1"
services:
  gluetun:
    image: qmcgaw/gluetun:latest
    container_name: 'gluetun'
    cap_add:
      - NET_ADMIN
    volumes:
      - /home/docker/gluetun/config:/gluetun
    environment:
      - VPN_SERVICE_PROVIDER=protonvpn
      - OPENVPN_USER=*********************
      - OPENVPN_PASSWORD=*******************
      - SERVER_COUNTRIES=Canada 
      - SERVER_HOSTNAME=node-ca-06.protonvpn.net
      - TZ=Europe/Amsterdam
    restart: always

Latest Logs

2022-07-12T01:03:30-03:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.28.0.2/16
2022-07-12T01:03:30-03:00 INFO [openvpn] UID set to nonrootuser
2022-07-12T01:03:30-03:00 INFO [openvpn] Initialization Sequence Completed
2022-07-12T01:03:30-03:00 INFO [dns over tls] downloading DNS over TLS cryptographic files
2022-07-12T01:03:34-03:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN
2022-07-12T01:03:34-03:00 INFO [vpn] stopping
2022-07-12T01:03:34-03:00 ERROR [vpn] cannot get version information: Get "https://api.github.com/repos/qdm12/gluetun/commits": context canceled
2022-07-12T01:03:34-03:00 INFO [vpn] starting
2022-07-12T01:03:34-03:00 INFO [firewall] allowing VPN connection...
2022-07-12T01:03:34-03:00 INFO [openvpn] OpenVPN 2.5.6 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Apr 17 2022
2022-07-12T01:03:34-03:00 INFO [openvpn] library versions: OpenSSL 1.1.1p  21 Jun 2022, LZO 2.10
2022-07-12T01:03:34-03:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]86.106.90.98:1194
2022-07-12T01:03:34-03:00 INFO [openvpn] UDP link local: (not bound)
2022-07-12T01:03:34-03:00 INFO [openvpn] UDP link remote: [AF_INET]86.106.90.98:1194
2022-07-12T01:03:35-03:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1634'
2022-07-12T01:03:35-03:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2022-07-12T01:03:35-03:00 INFO [openvpn] [node-ca-06.protonvpn.net] Peer Connection Initiated with [AF_INET]86.106.90.98:1194
2022-07-12T01:03:35-03:00 WARN [dns over tls] cannot update files: Get "https://www.internic.net/domain/named.root": dial tcp: lookup www.internic.net on 1.1.1.1:53: write udp 172.20.0.2:46382->1.1.1.1:53: write: operation not permitted
2022-07-12T01:03:35-03:00 INFO [dns over tls] attempting restart in 10s
2022-07-12T01:03:35-03:00 INFO [openvpn] setsockopt TCP_NODELAY=1 failed
2022-07-12T01:03:35-03:00 INFO [openvpn] TUN/TAP device tun0 opened
2022-07-12T01:03:35-03:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2022-07-12T01:03:35-03:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2022-07-12T01:03:35-03:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.29.0.12/16
2022-07-12T01:03:35-03:00 ERROR [openvpn] RTNETLINK answers: File exists
2022-07-12T01:03:35-03:00 ERROR [openvpn] Linux route add command failed: external program exited with error status: 2
2022-07-12T01:03:35-03:00 INFO [openvpn] UID set to nonrootuser
2022-07-12T01:03:35-03:00 INFO [openvpn] Initialization Sequence Completed
2022-07-12T01:03:39-03:00 INFO [healthcheck] healthy!
2022-07-12T01:03:45-03:00 INFO [dns over tls] downloading DNS over TLS cryptographic files
2022-07-12T01:03:46-03:00 INFO [dns over tls] downloading hostnames and IP block lists
2022-07-12T01:03:53-03:00 INFO [healthcheck] unhealthy: cannot dial: dial tcp4: i/o timeout
2022-07-12T01:03:55-03:00 INFO [dns over tls] init module 0: validator
2022-07-12T01:03:55-03:00 INFO [dns over tls] init module 1: iterator
2022-07-12T01:03:55-03:00 INFO [dns over tls] start of service (unbound 1.15.0).
2022-07-12T01:03:56-03:00 INFO [dns over tls] generate keytag query _ta-4a5c-4f66. NULL IN
2022-07-12T01:03:56-03:00 INFO [dns over tls] generate keytag query _ta-4a5c-4f66. NULL IN
2022-07-12T01:03:56-03:00 INFO [dns over tls] ready
2022-07-12T01:03:56-03:00 INFO [healthcheck] healthy!
2022-07-12T02:00:16-03:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1634'
2022-07-12T02:00:16-03:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2022-07-12T02:06:23-03:00 INFO [healthcheck] unhealthy: cannot dial: dial tcp4 104.16.132.229:443: i/o timeout
2022-07-12T02:06:26-03:00 INFO [healthcheck] healthy!
2022-07-12T02:56:58-03:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1634'
2022-07-12T02:56:58-03:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2022-07-12T03:06:21-03:00 INFO [healthcheck] unhealthy: cannot dial: dial tcp4 104.16.132.229:443: i/o timeout
2022-07-12T03:06:29-03:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN
2022-07-12T03:06:29-03:00 INFO [vpn] stopping
2022-07-12T03:06:29-03:00 INFO [vpn] starting
2022-07-12T03:06:29-03:00 INFO [firewall] allowing VPN connection...
2022-07-12T03:06:29-03:00 INFO [openvpn] OpenVPN 2.5.6 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Apr 17 2022
2022-07-12T03:06:29-03:00 INFO [openvpn] library versions: OpenSSL 1.1.1p  21 Jun 2022, LZO 2.10
2022-07-12T03:06:29-03:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]86.106.90.98:1194
2022-07-12T03:06:29-03:00 INFO [openvpn] UDP link local: (not bound)
2022-07-12T03:06:29-03:00 INFO [openvpn] UDP link remote: [AF_INET]86.106.90.98:1194
2022-07-12T03:06:29-03:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1634'
2022-07-12T03:06:29-03:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2022-07-12T03:06:29-03:00 INFO [openvpn] [node-ca-06.protonvpn.net] Peer Connection Initiated with [AF_INET]86.106.90.98:1194
2022-07-12T03:06:30-03:00 INFO [openvpn] setsockopt TCP_NODELAY=1 failed
2022-07-12T03:06:30-03:00 INFO [openvpn] TUN/TAP device tun0 opened
2022-07-12T03:06:30-03:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2022-07-12T03:06:30-03:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2022-07-12T03:06:30-03:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.28.0.2/16
2022-07-12T03:06:30-03:00 ERROR [openvpn] RTNETLINK answers: File exists
2022-07-12T03:06:30-03:00 ERROR [openvpn] Linux route add command failed: external program exited with error status: 2
2022-07-12T03:06:30-03:00 INFO [openvpn] UID set to nonrootuser
2022-07-12T03:06:30-03:00 INFO [openvpn] Initialization Sequence Completed
2022-07-12T03:06:31-03:00 INFO [healthcheck] healthy!
2022-07-12T03:40:24-03:00 INFO [dns over tls] generate keytag query _ta-4a5c-4f66. NULL IN
2022-07-12T04:01:40-03:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1634'
2022-07-12T04:01:40-03:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2022-07-12T04:56:51-03:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1634'
2022-07-12T04:56:51-03:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2022-07-12T05:52:02-03:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1634'
2022-07-12T05:52:02-03:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2022-07-12T06:14:13-03:00 INFO [dns over tls] generate keytag query _ta-4a5c-4f66. NULL IN
2022-07-12T06:47:13-03:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1634'
2022-07-12T06:47:13-03:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2022-07-12T07:42:24-03:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1634'
2022-07-12T07:42:24-03:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2022-07-12T08:37:35-03:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1634'
2022-07-12T08:37:35-03:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2022-07-12T08:56:12-03:00 INFO [dns over tls] generate keytag query _ta-4a5c-4f66. NULL IN
2022-07-12T09:32:45-03:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1634'
2022-07-12T09:32:45-03:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2022-07-12T10:27:56-03:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1634'
2022-07-12T10:27:56-03:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2022-07-12T11:23:06-03:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1634'
2022-07-12T11:23:06-03:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2022-07-12T11:47:25-03:00 INFO [dns over tls] generate keytag query _ta-4a5c-4f66. NULL IN
2022-07-12T12:18:16-03:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1634'
2022-07-12T12:18:16-03:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2022-07-12T13:13:27-03:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1634'
2022-07-12T13:13:27-03:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2022-07-12T14:08:37-03:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1634'
2022-07-12T14:08:37-03:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2022-07-12T14:25:21-03:00 INFO [dns over tls] generate keytag query _ta-4a5c-4f66. NULL IN
2022-07-12T14:25:21-03:00 INFO [dns over tls] generate keytag query _ta-4a5c-4f66. NULL IN
2022-07-12T15:03:47-03:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1634'
2022-07-12T15:03:47-03:00 WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
qdm12 commented 2 years ago

Does Protonvpn precise any specific mtu or comp-lzo option in their openvpn configuration files?

activerolex commented 2 years ago

I asked Protonvpn Support and they said, the comp-lzo option is disabled by default in the configuration files. Also, they don't advise on changing anything in the configuration files, as this can lead to connectivity or possible leak issues.

qdm12 commented 2 years ago

Yeah so let's keep it as is. The config generated is pretty much their config (with some added stuff), but I wouldn't add those 2 options since some of their servers might not like it.