search

qdm12 / gluetun

VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
https://hub.docker.com/r/qmcgaw/gluetun
MIT License
8.04k stars 371 forks source link

Bug: gluetun keeps restarting #1764

Closed proudhon closed 1 year ago

proudhon commented 1 year ago

Is this urgent?

Yes

Host OS

Debian Bookworm

CPU arch

x86_64

VPN service provider

Surfshark

What are you using to run the container

docker-compose

What is the version of Gluetun

version latest built on 2023-07-22T16:07:05.641Z (commit eecfb39)

What's the problem 🤔

The rootless container will constantly restart, either with openvpn or wireguard. (this also occurs by running the containers with a privileged user). I'm starting the rootless container on a Debian bookworm vm on a proxmox server. The vm itself has no firewall, and proxmox's firewall shouldn't block any outbound connection. Other containers are running fine on the same machine. I can successfully connect to the hosts:ports that appear in the logs via telnet. I know it's probably me missing something but I tried everything in my power/knowledge.

Share your logs

OpenVPN:

gluetun  | ========================================
gluetun  | ========================================
gluetun  | =============== gluetun ================
gluetun  | ========================================
gluetun  | =========== Made with ❤️ by ============
gluetun  | ======= https://github.com/qdm12 =======
gluetun  | ========================================
gluetun  | ========================================
gluetun  | 
gluetun  | Running version latest built on 2023-07-22T16:07:05.641Z (commit eecfb39)
gluetun  | 
gluetun  | 🔧 Need help? https://github.com/qdm12/gluetun/discussions/new
gluetun  | 🐛 Bug? https://github.com/qdm12/gluetun/issues/new
gluetun  | ✨ New feature? https://github.com/qdm12/gluetun/issues/new
gluetun  | ☕ Discussion? https://github.com/qdm12/gluetun/discussions/new
gluetun  | 💻 Email? quentin.mcgaw@gmail.com
gluetun  | 💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
gluetun  | 2023-07-26T04:23:56+02:00 INFO [routing] default route found: interface eth0, gateway 172.19.0.1, assigned IP 172.19.0.2 and family v4
gluetun  | 2023-07-26T04:23:56+02:00 INFO [routing] local ethernet link found: eth0
gluetun  | 2023-07-26T04:23:56+02:00 INFO [routing] local ipnet found: 172.19.0.0/16
gluetun  | 2023-07-26T04:23:56+02:00 INFO [firewall] enabling...
gluetun  | 2023-07-26T04:23:56+02:00 INFO [firewall] enabled successfully
gluetun  | 2023-07-26T04:23:56+02:00 INFO [storage] merging by most recent 17692 hardcoded servers and 17692 servers read from /gluetun/servers.json
gluetun  | 2023-07-26T04:23:56+02:00 INFO Alpine version: 3.18.2
gluetun  | 2023-07-26T04:23:56+02:00 INFO OpenVPN 2.5 version: 2.5.8
gluetun  | 2023-07-26T04:23:56+02:00 INFO OpenVPN 2.6 version: 2.6.5
gluetun  | 2023-07-26T04:23:56+02:00 INFO Unbound version: 1.17.1
gluetun  | 2023-07-26T04:23:56+02:00 INFO IPtables version: v1.8.9
gluetun  | 2023-07-26T04:23:56+02:00 INFO Settings summary:
gluetun  | ├── VPN settings:
gluetun  | |   ├── VPN provider settings:
gluetun  | |   |   ├── Name: surfshark
gluetun  | |   |   └── Server selection settings:
gluetun  | |   |       ├── VPN type: openvpn
gluetun  | |   |       ├── Countries: netherlands
gluetun  | |   |       └── OpenVPN server selection settings:
gluetun  | |   |           └── Protocol: UDP
gluetun  | |   └── OpenVPN settings:
gluetun  | |       ├── OpenVPN version: 2.5
gluetun  | |       ├── User: [set]
gluetun  | |       ├── Password: [set]
gluetun  | |       ├── Network interface: tun0
gluetun  | |       ├── Run OpenVPN as: root
gluetun  | |       └── Verbosity level: 1
gluetun  | ├── DNS settings:
gluetun  | |   ├── DNS server address to use: 127.0.0.1
gluetun  | |   ├── Keep existing nameserver(s): no
gluetun  | |   └── DNS over TLS settings:
gluetun  | |       ├── Enabled: yes
gluetun  | |       ├── Update period: every 24h0m0s
gluetun  | |       ├── Unbound settings:
gluetun  | |       |   ├── Authoritative servers:
gluetun  | |       |   |   └── cloudflare
gluetun  | |       |   ├── Caching: yes
gluetun  | |       |   ├── IPv6: no
gluetun  | |       |   ├── Verbosity level: 1
gluetun  | |       |   ├── Verbosity details level: 0
gluetun  | |       |   ├── Validation log level: 0
gluetun  | |       |   ├── System user: root
gluetun  | |       |   └── Allowed networks:
gluetun  | |       |       ├── 0.0.0.0/0
gluetun  | |       |       └── ::/0
gluetun  | |       └── DNS filtering settings:
gluetun  | |           ├── Block malicious: yes
gluetun  | |           ├── Block ads: no
gluetun  | |           ├── Block surveillance: no
gluetun  | |           └── Blocked IP networks:
gluetun  | |               ├── 127.0.0.1/8
gluetun  | |               ├── 10.0.0.0/8
gluetun  | |               ├── 172.16.0.0/12
gluetun  | |               ├── 192.168.0.0/16
gluetun  | |               ├── 169.254.0.0/16
gluetun  | |               ├── ::1/128
gluetun  | |               ├── fc00::/7
gluetun  | |               ├── fe80::/10
gluetun  | |               ├── ::ffff:127.0.0.1/104
gluetun  | |               ├── ::ffff:10.0.0.0/104
gluetun  | |               ├── ::ffff:169.254.0.0/112
gluetun  | |               ├── ::ffff:172.16.0.0/108
gluetun  | |               └── ::ffff:192.168.0.0/112
gluetun  | ├── Firewall settings:
gluetun  | |   └── Enabled: yes
gluetun  | ├── Log settings:
gluetun  | |   └── Log level: INFO
gluetun  | ├── Health settings:
gluetun  | |   ├── Server listening address: 127.0.0.1:9999
gluetun  | |   ├── Target address: cloudflare.com:443
gluetun  | |   ├── Duration to wait after success: 5s
gluetun  | |   ├── Read header timeout: 100ms
gluetun  | |   ├── Read timeout: 500ms
gluetun  | |   └── VPN wait durations:
gluetun  | |       ├── Initial duration: 6s
gluetun  | |       └── Additional duration: 5s
gluetun  | ├── Shadowsocks server settings:
gluetun  | |   └── Enabled: no
gluetun  | ├── HTTP proxy settings:
gluetun  | |   └── Enabled: no
gluetun  | ├── Control server settings:
gluetun  | |   ├── Listening address: :8000
gluetun  | |   └── Logging: yes
gluetun  | ├── OS Alpine settings:
gluetun  | |   ├── Process UID: 1000
gluetun  | |   ├── Process GID: 1000
gluetun  | |   └── Timezone: europe/rome
gluetun  | ├── Public IP settings:
gluetun  | |   ├── Fetching: every 12h0m0s
gluetun  | |   └── IP file path: /tmp/gluetun/ip
gluetun  | ├── Server data updater settings:
gluetun  | |   ├── Update period: 12h0m0s
gluetun  | |   ├── DNS address: 1.1.1.1:53
gluetun  | |   ├── Minimum ratio: 0.8
gluetun  | |   └── Providers to update: surfshark
gluetun  | └── Version settings:
gluetun  |     └── Enabled: yes
gluetun  | 2023-07-26T04:23:56+02:00 INFO [routing] default route found: interface eth0, gateway 172.19.0.1, assigned IP 172.19.0.2 and family v4
gluetun  | 2023-07-26T04:23:56+02:00 INFO [routing] adding route for 0.0.0.0/0
gluetun  | 2023-07-26T04:23:56+02:00 INFO [firewall] setting allowed subnets...
gluetun  | 2023-07-26T04:23:56+02:00 INFO [routing] default route found: interface eth0, gateway 172.19.0.1, assigned IP 172.19.0.2 and family v4
gluetun  | 2023-07-26T04:23:56+02:00 INFO [dns over tls] using plaintext DNS at address 1.1.1.1
gluetun  | 2023-07-26T04:23:56+02:00 INFO [http server] http server listening on [::]:8000
gluetun  | 2023-07-26T04:23:56+02:00 INFO [healthcheck] listening on 127.0.0.1:9999
gluetun  | 2023-07-26T04:23:56+02:00 INFO [firewall] allowing VPN connection...
gluetun  | 2023-07-26T04:23:56+02:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
gluetun  | 2023-07-26T04:23:56+02:00 INFO [openvpn] library versions: OpenSSL 3.1.1 30 May 2023, LZO 2.10
gluetun  | 2023-07-26T04:23:56+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]188.166.43.117:1194
gluetun  | 2023-07-26T04:23:56+02:00 INFO [openvpn] UDP link local: (not bound)
gluetun  | 2023-07-26T04:23:56+02:00 INFO [openvpn] UDP link remote: [AF_INET]188.166.43.117:1194
gluetun  | 2023-07-26T04:24:02+02:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun  | 2023-07-26T04:24:02+02:00 INFO [vpn] stopping
gluetun  | 2023-07-26T04:24:02+02:00 INFO [vpn] starting
gluetun  | 2023-07-26T04:24:02+02:00 INFO [firewall] allowing VPN connection...
gluetun  | 2023-07-26T04:24:02+02:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
gluetun  | 2023-07-26T04:24:02+02:00 INFO [openvpn] library versions: OpenSSL 3.1.1 30 May 2023, LZO 2.10
gluetun  | 2023-07-26T04:24:02+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]212.102.35.209:1194
gluetun  | 2023-07-26T04:24:02+02:00 INFO [openvpn] UDP link local: (not bound)
gluetun  | 2023-07-26T04:24:02+02:00 INFO [openvpn] UDP link remote: [AF_INET]212.102.35.209:1194
gluetun  | 2023-07-26T04:24:14+02:00 INFO [healthcheck] program has been unhealthy for 11s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun  | 2023-07-26T04:24:14+02:00 INFO [vpn] stopping
gluetun  | 2023-07-26T04:24:14+02:00 INFO [vpn] starting
gluetun  | 2023-07-26T04:24:14+02:00 INFO [firewall] allowing VPN connection...
gluetun  | 2023-07-26T04:24:14+02:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
gluetun  | 2023-07-26T04:24:14+02:00 INFO [openvpn] library versions: OpenSSL 3.1.1 30 May 2023, LZO 2.10
gluetun  | 2023-07-26T04:24:14+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]146.70.175.51:1194
gluetun  | 2023-07-26T04:24:14+02:00 INFO [openvpn] UDP link local: (not bound)
gluetun  | 2023-07-26T04:24:14+02:00 INFO [openvpn] UDP link remote: [AF_INET]146.70.175.51:1194
gluetun  | 2023-07-26T04:24:30+02:00 INFO [healthcheck] program has been unhealthy for 16s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun  | 2023-07-26T04:24:30+02:00 INFO [vpn] stopping
gluetun  | 2023-07-26T04:24:30+02:00 INFO [vpn] starting
gluetun  | 2023-07-26T04:24:30+02:00 INFO [firewall] allowing VPN connection...
gluetun  | 2023-07-26T04:24:30+02:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
gluetun  | 2023-07-26T04:24:30+02:00 INFO [openvpn] library versions: OpenSSL 3.1.1 30 May 2023, LZO 2.10
gluetun  | 2023-07-26T04:24:30+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]146.70.175.21:1194
gluetun  | 2023-07-26T04:24:30+02:00 INFO [openvpn] UDP link local: (not bound)
gluetun  | 2023-07-26T04:24:30+02:00 INFO [openvpn] UDP link remote: [AF_INET]146.70.175.21:1194
gluetun  | 2023-07-26T04:24:51+02:00 INFO [healthcheck] program has been unhealthy for 21s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun  | 2023-07-26T04:24:51+02:00 INFO [vpn] stopping
gluetun  | 2023-07-26T04:24:51+02:00 INFO [vpn] starting
gluetun  | 2023-07-26T04:24:51+02:00 INFO [firewall] allowing VPN connection...
gluetun  | 2023-07-26T04:24:51+02:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
gluetun  | 2023-07-26T04:24:51+02:00 INFO [openvpn] library versions: OpenSSL 3.1.1 30 May 2023, LZO 2.10
gluetun  | 2023-07-26T04:24:51+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]89.46.223.187:1194
gluetun  | 2023-07-26T04:24:51+02:00 INFO [openvpn] UDP link local: (not bound)
gluetun  | 2023-07-26T04:24:51+02:00 INFO [openvpn] UDP link remote: [AF_INET]89.46.223.187:1194
gluetun  | 2023-07-26T04:25:17+02:00 INFO [healthcheck] program has been unhealthy for 26s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun  | 2023-07-26T04:25:17+02:00 INFO [vpn] stopping
gluetun  | 2023-07-26T04:25:17+02:00 INFO [vpn] starting
gluetun  | 2023-07-26T04:25:17+02:00 INFO [firewall] allowing VPN connection...
gluetun  | 2023-07-26T04:25:17+02:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
gluetun  | 2023-07-26T04:25:17+02:00 INFO [openvpn] library versions: OpenSSL 3.1.1 30 May 2023, LZO 2.10
gluetun  | 2023-07-26T04:25:17+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]146.70.175.21:1194
gluetun  | 2023-07-26T04:25:17+02:00 INFO [openvpn] UDP link local: (not bound)
gluetun  | 2023-07-26T04:25:17+02:00 INFO [openvpn] UDP link remote: [AF_INET]146.70.175.21:1194
gluetun  | 2023-07-26T04:25:48+02:00 INFO [healthcheck] program has been unhealthy for 31s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun  | 2023-07-26T04:25:48+02:00 INFO [vpn] stopping
gluetun  | 2023-07-26T04:25:48+02:00 INFO [vpn] starting
gluetun  | 2023-07-26T04:25:48+02:00 INFO [firewall] allowing VPN connection...
gluetun  | 2023-07-26T04:25:48+02:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
gluetun  | 2023-07-26T04:25:48+02:00 INFO [openvpn] library versions: OpenSSL 3.1.1 30 May 2023, LZO 2.10
gluetun  | 2023-07-26T04:25:48+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]89.46.223.187:1194
gluetun  | 2023-07-26T04:25:48+02:00 INFO [openvpn] UDP link local: (not bound)
gluetun  | 2023-07-26T04:25:48+02:00 INFO [openvpn] UDP link remote: [AF_INET]89.46.223.187:1194
gluetun  | 2023-07-26T04:26:24+02:00 INFO [healthcheck] program has been unhealthy for 36s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun  | 2023-07-26T04:26:24+02:00 INFO [vpn] stopping
gluetun  | 2023-07-26T04:26:24+02:00 INFO [vpn] starting
gluetun  | 2023-07-26T04:26:24+02:00 INFO [firewall] allowing VPN connection...
gluetun  | 2023-07-26T04:26:24+02:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
gluetun  | 2023-07-26T04:26:24+02:00 INFO [openvpn] library versions: OpenSSL 3.1.1 30 May 2023, LZO 2.10
gluetun  | 2023-07-26T04:26:24+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]89.46.223.187:1194
gluetun  | 2023-07-26T04:26:24+02:00 INFO [openvpn] UDP link local: (not bound)
gluetun  | 2023-07-26T04:26:24+02:00 INFO [openvpn] UDP link remote: [AF_INET]89.46.223.187:1194
gluetun  | 2023-07-26T04:27:05+02:00 INFO [healthcheck] program has been unhealthy for 41s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun  | 2023-07-26T04:27:05+02:00 INFO [vpn] stopping
gluetun  | 2023-07-26T04:27:05+02:00 INFO [vpn] starting
gluetun  | 2023-07-26T04:27:05+02:00 INFO [firewall] allowing VPN connection...
gluetun  | 2023-07-26T04:27:05+02:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
gluetun  | 2023-07-26T04:27:05+02:00 INFO [openvpn] library versions: OpenSSL 3.1.1 30 May 2023, LZO 2.10
gluetun  | 2023-07-26T04:27:05+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]143.244.42.94:1194
gluetun  | 2023-07-26T04:27:05+02:00 INFO [openvpn] UDP link local: (not bound)
gluetun  | 2023-07-26T04:27:05+02:00 INFO [openvpn] UDP link remote: [AF_INET]143.244.42.94:1194
gluetun  | 2023-07-26T04:27:51+02:00 INFO [healthcheck] program has been unhealthy for 46s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun  | 2023-07-26T04:27:51+02:00 INFO [vpn] stopping
gluetun  | 2023-07-26T04:27:51+02:00 INFO [vpn] starting
gluetun  | 2023-07-26T04:27:51+02:00 INFO [firewall] allowing VPN connection...
gluetun  | 2023-07-26T04:27:51+02:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
gluetun  | 2023-07-26T04:27:51+02:00 INFO [openvpn] library versions: OpenSSL 3.1.1 30 May 2023, LZO 2.10
gluetun  | 2023-07-26T04:27:51+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]146.70.175.11:1194
gluetun  | 2023-07-26T04:27:51+02:00 INFO [openvpn] UDP link local: (not bound)
gluetun  | 2023-07-26T04:27:51+02:00 INFO [openvpn] UDP link remote: [AF_INET]146.70.175.11:1194
gluetun  | 2023-07-26T04:28:42+02:00 INFO [healthcheck] program has been unhealthy for 51s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun  | 2023-07-26T04:28:42+02:00 INFO [vpn] stopping
gluetun  | 2023-07-26T04:28:42+02:00 INFO [vpn] starting
gluetun  | 2023-07-26T04:28:42+02:00 INFO [firewall] allowing VPN connection...
gluetun  | 2023-07-26T04:28:42+02:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
gluetun  | 2023-07-26T04:28:42+02:00 INFO [openvpn] library versions: OpenSSL 3.1.1 30 May 2023, LZO 2.10
gluetun  | 2023-07-26T04:28:42+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]188.166.43.117:1194
gluetun  | 2023-07-26T04:28:42+02:00 INFO [openvpn] UDP link local: (not bound)
gluetun  | 2023-07-26T04:28:42+02:00 INFO [openvpn] UDP link remote: [AF_INET]188.166.43.117:1194
gluetun  | 2023-07-26T04:29:39+02:00 INFO [healthcheck] program has been unhealthy for 56s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun  | 2023-07-26T04:29:39+02:00 INFO [vpn] stopping
gluetun  | 2023-07-26T04:29:39+02:00 INFO [vpn] starting
gluetun  | 2023-07-26T04:29:39+02:00 INFO [firewall] allowing VPN connection...
gluetun  | 2023-07-26T04:29:39+02:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
gluetun  | 2023-07-26T04:29:39+02:00 INFO [openvpn] library versions: OpenSSL 3.1.1 30 May 2023, LZO 2.10
gluetun  | 2023-07-26T04:29:39+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]146.70.175.59:1194
gluetun  | 2023-07-26T04:29:39+02:00 INFO [openvpn] UDP link local: (not bound)
gluetun  | 2023-07-26T04:29:39+02:00 INFO [openvpn] UDP link remote: [AF_INET]146.70.175.59:1194
gluetun  | 2023-07-26T04:30:39+02:00 WARN [openvpn] TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
gluetun  | 🚒🚒🚒🚒🚒🚨🚨🚨🚨🚨🚨🚒🚒🚒🚒🚒
gluetun  | That error usually happens because either:
gluetun  | 
gluetun  | 1. The VPN server IP address you are trying to connect to is no longer valid 🔌
gluetun  |    Check out https://github.com/qdm12/gluetun-wiki/blob/main/setup/servers.md#update-the-vpn-servers-
list
gluetun  | 
gluetun  | 2. The VPN server crashed 💥, try changing your VPN servers filtering options such as SERVER_REGIONS
gluetun  | 
gluetun  | 3. Your Internet connection is not working 🤯, ensure it works
gluetun  | 
gluetun  | 4. Something else ➡️ https://github.com/qdm12/gluetun/issues/new/choose

Wireguard:

gluetun  | ========================================
gluetun  | ========================================
gluetun  | =============== gluetun ================
gluetun  | ========================================
gluetun  | =========== Made with ❤️ by ============
gluetun  | ======= https://github.com/qdm12 =======
gluetun  | ========================================
gluetun  | ========================================
gluetun  | 
gluetun  | Running version latest built on 2023-07-22T16:07:05.641Z (commit eecfb39)
gluetun  | 
gluetun  | 🔧 Need help? https://github.com/qdm12/gluetun/discussions/new
gluetun  | 🐛 Bug? https://github.com/qdm12/gluetun/issues/new
gluetun  | ✨ New feature? https://github.com/qdm12/gluetun/issues/new
gluetun  | ☕ Discussion? https://github.com/qdm12/gluetun/discussions/new
gluetun  | 💻 Email? quentin.mcgaw@gmail.com
gluetun  | 💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
gluetun  | 2023-07-26T04:56:21+02:00 INFO [routing] default route found: interface eth0, gateway 172.19.0.1, assigned IP 172.19.0.2 and family v4
gluetun  | 2023-07-26T04:56:21+02:00 INFO [routing] local ethernet link found: eth0
gluetun  | 2023-07-26T04:56:21+02:00 INFO [routing] local ipnet found: 172.19.0.0/16
gluetun  | 2023-07-26T04:56:21+02:00 INFO [firewall] enabling...
gluetun  | 2023-07-26T04:56:21+02:00 INFO [firewall] enabled successfully
gluetun  | 2023-07-26T04:56:21+02:00 INFO [storage] merging by most recent 17692 hardcoded servers and 17692 servers read from /gluetun/servers.json
gluetun  | 2023-07-26T04:56:22+02:00 INFO Alpine version: 3.18.2
gluetun  | 2023-07-26T04:56:22+02:00 INFO OpenVPN 2.5 version: 2.5.8
gluetun  | 2023-07-26T04:56:22+02:00 INFO OpenVPN 2.6 version: 2.6.5
gluetun  | 2023-07-26T04:56:22+02:00 INFO Unbound version: 1.17.1
gluetun  | 2023-07-26T04:56:22+02:00 INFO IPtables version: v1.8.9
gluetun  | 2023-07-26T04:56:22+02:00 INFO Settings summary:
gluetun  | ├── VPN settings:
gluetun  | |   ├── VPN provider settings:
gluetun  | |   |   ├── Name: surfshark
gluetun  | |   |   └── Server selection settings:
gluetun  | |   |       ├── VPN type: wireguard
gluetun  | |   |       ├── Countries: romania
gluetun  | |   |       └── Wireguard selection settings:
gluetun  | |   └── Wireguard settings:
gluetun  | |       ├── Private key: 2Mg...Vc=
gluetun  | |       ├── Interface addresses:
gluetun  | |       |   └── 10.14.0.2/16
gluetun  | |       ├── Allowed IPs:
gluetun  | |       |   ├── 0.0.0.0/0
gluetun  | |       |   └── ::/0
gluetun  | |       └── Network interface: tun0
gluetun  | |           └── MTU: 1400
gluetun  | ├── DNS settings:
gluetun  | |   ├── DNS server address to use: 127.0.0.1
gluetun  | |   ├── Keep existing nameserver(s): no
gluetun  | |   └── DNS over TLS settings:
gluetun  | |       ├── Enabled: yes
gluetun  | |       ├── Update period: every 24h0m0s
gluetun  | |       ├── Unbound settings:
gluetun  | |       |   ├── Authoritative servers:
gluetun  | |       |   |   └── cloudflare
gluetun  | |       |   ├── Caching: yes
gluetun  | |       |   ├── IPv6: no
gluetun  | |       |   ├── Verbosity level: 1
gluetun  | |       |   ├── Verbosity details level: 0
gluetun  | |       |   ├── Validation log level: 0
gluetun  | |       |   ├── System user: root
gluetun  | |       |   └── Allowed networks:
gluetun  | |       |       ├── 0.0.0.0/0
gluetun  | |       |       └── ::/0
gluetun  | |       └── DNS filtering settings:
gluetun  | |           ├── Block malicious: yes
gluetun  | |           ├── Block ads: no
gluetun  | |           ├── Block surveillance: no
gluetun  | |           └── Blocked IP networks:
gluetun  | |               ├── 127.0.0.1/8
gluetun  | |               ├── 10.0.0.0/8
gluetun  | |               ├── 172.16.0.0/12
gluetun  | |               ├── 192.168.0.0/16
gluetun  | |               ├── 169.254.0.0/16
gluetun  | |               ├── ::1/128
gluetun  | |               ├── fc00::/7
gluetun  | |               ├── fe80::/10
gluetun  | |               ├── ::ffff:127.0.0.1/104
gluetun  | |               ├── ::ffff:10.0.0.0/104
gluetun  | |               ├── ::ffff:169.254.0.0/112
gluetun  | |               ├── ::ffff:172.16.0.0/108
gluetun  | |               └── ::ffff:192.168.0.0/112
gluetun  | ├── Firewall settings:
gluetun  | |   └── Enabled: yes
gluetun  | ├── Log settings:
gluetun  | |   └── Log level: INFO
gluetun  | ├── Health settings:
gluetun  | |   ├── Server listening address: 127.0.0.1:9999
gluetun  | |   ├── Target address: cloudflare.com:443
gluetun  | |   ├── Duration to wait after success: 5s
gluetun  | |   ├── Read header timeout: 100ms
gluetun  | |   ├── Read timeout: 500ms
gluetun  | |   └── VPN wait durations:
gluetun  | |       ├── Initial duration: 6s
gluetun  | |       └── Additional duration: 5s
gluetun  | ├── Shadowsocks server settings:
gluetun  | |   └── Enabled: no
gluetun  | ├── HTTP proxy settings:
gluetun  | |   └── Enabled: no
gluetun  | ├── Control server settings:
gluetun  | |   ├── Listening address: :8000
gluetun  | |   └── Logging: yes
gluetun  | ├── OS Alpine settings:
gluetun  | |   ├── Process UID: 1000
gluetun  | |   ├── Process GID: 1000
gluetun  | |   └── Timezone: europe/rome
gluetun  | ├── Public IP settings:
gluetun  | |   ├── Fetching: every 12h0m0s
gluetun  | |   └── IP file path: /tmp/gluetun/ip
gluetun  | └── Version settings:
gluetun  |     └── Enabled: yes
gluetun  | 2023-07-26T04:56:22+02:00 INFO [routing] default route found: interface eth0, gateway 172.19.0.1, assigned IP 172.19.0.2 and family v4
gluetun  | 2023-07-26T04:56:22+02:00 INFO [routing] adding route for 0.0.0.0/0
gluetun  | 2023-07-26T04:56:22+02:00 INFO [firewall] setting allowed subnets...
gluetun  | 2023-07-26T04:56:22+02:00 INFO [routing] default route found: interface eth0, gateway 172.19.0.1, assigned IP 172.19.0.2 and family v4
gluetun  | 2023-07-26T04:56:22+02:00 INFO [dns over tls] using plaintext DNS at address 1.1.1.1
gluetun  | 2023-07-26T04:56:22+02:00 INFO [http server] http server listening on [::]:8000
gluetun  | 2023-07-26T04:56:22+02:00 INFO [healthcheck] listening on 127.0.0.1:9999
gluetun  | 2023-07-26T04:56:22+02:00 INFO [firewall] allowing VPN connection...
gluetun  | 2023-07-26T04:56:22+02:00 INFO [wireguard] Using available kernelspace implementation
gluetun  | 2023-07-26T04:56:22+02:00 INFO [wireguard] Connecting to 217.148.143.197:51820
gluetun  | 2023-07-26T04:56:22+02:00 INFO [wireguard] Wireguard setup is complete. Note Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the Wireguard connection is not working.
gluetun  | 2023-07-26T04:56:22+02:00 INFO [dns over tls] downloading DNS over TLS cryptographic files
gluetun  | 2023-07-26T04:56:30+02:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun  | 2023-07-26T04:56:30+02:00 INFO [vpn] stopping
gluetun  | 2023-07-26T04:56:30+02:00 ERROR [vpn] cannot get version information: Get "https://api.github.com/repos/qdm12/gluetun/commits": context canceled
gluetun  | 2023-07-26T04:56:30+02:00 INFO [vpn] starting
gluetun  | 2023-07-26T04:56:30+02:00 INFO [firewall] allowing VPN connection...
gluetun  | 2023-07-26T04:56:30+02:00 INFO [wireguard] Using available kernelspace implementation
gluetun  | 2023-07-26T04:56:30+02:00 INFO [wireguard] Connecting to 85.204.124.91:51820
gluetun  | 2023-07-26T04:56:30+02:00 INFO [wireguard] Wireguard setup is complete. Note Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the Wireguard connection is not working.
gluetun  | 2023-07-26T04:56:32+02:00 WARN [dns over tls] cannot update files: Get "https://www.internic.net/domain/named.root": dial tcp: lookup www.internic.net on 1.1.1.1:53: read udp 10.14.0.2:57095->1.1.1.1:53: i/o timeout
gluetun  | 2023-07-26T04:56:32+02:00 INFO [dns over tls] attempting restart in 10s
gluetun  | 2023-07-26T04:56:41+02:00 INFO [healthcheck] program has been unhealthy for 11s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun  | 2023-07-26T04:56:41+02:00 INFO [vpn] stopping
gluetun  | 2023-07-26T04:56:41+02:00 INFO [vpn] starting
gluetun  | 2023-07-26T04:56:41+02:00 INFO [firewall] allowing VPN connection...
gluetun  | 2023-07-26T04:56:41+02:00 INFO [wireguard] Using available kernelspace implementation
gluetun  | 2023-07-26T04:56:41+02:00 INFO [wireguard] Connecting to 185.102.217.196:51820
gluetun  | 2023-07-26T04:56:41+02:00 INFO [wireguard] Wireguard setup is complete. Note Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the Wireguard connection is not working.
gluetun  | 2023-07-26T04:56:42+02:00 INFO [dns over tls] downloading DNS over TLS cryptographic files
gluetun  | 2023-07-26T04:56:52+02:00 WARN [dns over tls] cannot update files: Get "https://www.internic.net/domain/named.root": dial tcp: lookup www.internic.net on 1.1.1.1:53: read udp 10.14.0.2:57692->1.1.1.1:53: i/o timeout
gluetun  | 2023-07-26T04:56:52+02:00 INFO [dns over tls] attempting restart in 20s

Share your configuration

OpenVPN:

version: "3"
services:
  gluetun:
    image: qmcgaw/gluetun
    container_name: gluetun
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - 8888:8888/tcp # HTTP proxy
      - 8388:8388/tcp # Shadowsocks
      - 8388:8388/udp # Shadowsocks
    volumes:
      - /home/<redacted>/dlstack/gluetun:/gluetun
    environment:
      - VPN_SERVICE_PROVIDER=surfshark
      - VPN_TYPE=openvpn
      - OPENVPN_USER=[REDACTED]
      - OPENVPN_PASSWORD=[REDACTED]
      - TZ=Europe/Rome
      - UPDATER_PERIOD=12h
      - SERVER_COUNTRIES=Netherlands

Wireguard:

version: "3"
services:
  gluetun:
    image: qmcgaw/gluetun
    container_name: gluetun
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - 8888:8888/tcp # HTTP proxy
      - 8388:8388/tcp # Shadowsocks
      - 8388:8388/udp # Shadowsocks
    volumes: 
      - /home/<redacted>/dlstack/gluetun:/gluetun
    environment:
      - VPN_SERVICE_PROVIDER=surfshark
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY=[REDACTED]
      - WIREGUARD_ADDRESSES=10.14.0.2/16
      - SERVER_COUNTRIES=Romania
      - TZ=Europe/Rome
AliceGrey commented 1 year ago

Having the exact same issue with mullvad.

qdm12 commented 1 year ago

Have you tried image qmcgaw/gluetun:v3.35.0? Have you tried updating servers data?

@AliceGrey Just ran mine with Mullvad + Wireguard without any problem, maybe one particular server Ip address is outdated, you may want to update your servers data as well.

proudhon commented 1 year ago

Running the manual update results in:

2023-07-25T23:35:22Z ERROR updating server information: getting servers: not enough servers found: 188 and expected at least 292

proudhon commented 1 year ago

Also if understand the logs correctly:

gluetun-gluetun-1 | 2023-07-26T01:48:17+02:00 INFO [vpn] starting gluetun-gluetun-1 | 2023-07-26T01:48:17+02:00 INFO [firewall] allowing VPN connection... gluetun-gluetun-1 | 2023-07-26T01:48:17+02:00 INFO [wireguard] Using available kernelspace implementation gluetun-gluetun-1 | 2023-07-26T01:48:17+02:00 INFO [wireguard] Connecting to 185.102.217.196:51820 gluetun-gluetun-1 | 2023-07-26T01:48:17+02:00 INFO [wireguard] Wireguard is up

It looks like wireguard successfully connects to the surfshark server (that ip is updated and it is the one shown by surfshark's webui control panel for manual configuration of vpn clients).

i'm running some basic network tests on the container and it looks like it can't resolve hostnames and doesn't have outbound connectivity:

$ docker container exec -it gluetun-gluetun-1 sh
/ # ping archlinux.org
ping: bad address 'archlinux.org'
$ docker container exec -it gluetun-gluetun-1 sh
/ # ping 1.1.1.1
PING 1.1.1.1 (1.1.1.1): 56 data bytes
^C
--- 1.1.1.1 ping statistics ---
2 packets transmitted, 0 packets received, 100% packet loss
qdm12 commented 1 year ago

@proudhon

Running the manual update results

you can use -minratio 0.5 to change the ratio (0 to 1) to work around the minimum number of servers required to pass the update (by default it's 0.8). It was not really documented, I added a warning in case not enough servers are found in dc8fc5f81f6426bdc1dddbdd5f822f201a623aa3

I also updated Surfshark servers data in b787e12e253e2cc626232796b33c5a15a8d936a3 so you can just pull the latest image for this time 😉

It looks like wireguard successfully connects to the surfshark server

Not necessarily, as the log explains it better now:

Wireguard setup is complete. Note Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the Wireguard connection is not working.

It likely is not connecting at all in fact. After updating my servers data locally, the ip address you used 185.102.217.196 is no longer there, so it's most likely a no longer working ip address (despite being on their UI, it might also be outdated over there 🤔)

Anyway, I'll close this issue assuming it's back to working state now, please open a new issue if the problem still persists, thanks!