search

qdm12 / gluetun

VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
https://hub.docker.com/r/qmcgaw/gluetun
MIT License
7.89k stars 366 forks source link

Bug: latest after v3.35 OpenVPN setup completes but remains unhealthy #1817

Closed Johnyb62 closed 1 year ago

Johnyb62 commented 1 year ago

Is this urgent?

No

Host OS

Unraid 6.12.3

CPU arch

x86_64

VPN service provider

Surfshark

What are you using to run the container

docker run

What is the version of Gluetun

3.34.1

What's the problem πŸ€”

VPN connection has stopped working (have been using same config for ages all ok) "program has been unhealthy for 6s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)"

Following the healthcheck suggestions:

  1. Deleted the 'servers.json' file from config folder, which was recreated upon rebuild of docker
  2. Set server region to 'Germany UK', no change - so removed
  3. Checked my router, all outbound connections are unrestricted
  4. not using docker desktop (n/a)
  5. Hence why i'm here :-)

Also tried:

  1. Rebooting my router
  2. Creating another instance using same configuration

Any help would be appreciated (if this is a configuration issue rather than bug)

Share your logs

text  error  warn  system  array  login  

2023-08-23T10:55:22+01:00 INFO OpenVPN 2.5 version: 2.5.8
2023-08-23T10:55:22+01:00 INFO OpenVPN 2.6 version: 2.6.5
2023-08-23T10:55:22+01:00 INFO Unbound version: 1.17.1
2023-08-23T10:55:22+01:00 INFO IPtables version: v1.8.9
2023-08-23T10:55:22+01:00 INFO Settings summary:
β”œβ”€β”€ VPN settings:
|   β”œβ”€β”€ VPN provider settings:
|   |   β”œβ”€β”€ Name: surfshark
|   |   └── Server selection settings:
|   |       β”œβ”€β”€ VPN type: openvpn
|   |       └── OpenVPN server selection settings:
|   |           └── Protocol: UDP
|   └── OpenVPN settings:
|       β”œβ”€β”€ OpenVPN version: 2.5
|       β”œβ”€β”€ User: [set]
|       β”œβ”€β”€ Password: [set]
|       β”œβ”€β”€ Network interface: tun0
|       β”œβ”€β”€ Run OpenVPN as: nonrootuser
|       └── Verbosity level: 1
β”œβ”€β”€ DNS settings:
|   └── Keep existing nameserver(s): yes
β”œβ”€β”€ Firewall settings:
|   └── Enabled: yes
β”œβ”€β”€ Log settings:
|   └── Log level: INFO
β”œβ”€β”€ Health settings:
|   β”œβ”€β”€ Server listening address: 127.0.0.1:9999
|   β”œβ”€β”€ Target address: github.com
|   β”œβ”€β”€ Duration to wait after success: 5s
|   β”œβ”€β”€ Read header timeout: 100ms
|   β”œβ”€β”€ Read timeout: 500ms
|   └── VPN wait durations:
|       β”œβ”€β”€ Initial duration: 6s
|       └── Additional duration: 5s
β”œβ”€β”€ Shadowsocks server settings:
|   └── Enabled: no
β”œβ”€β”€ HTTP proxy settings:
|   └── Enabled: no
β”œβ”€β”€ Control server settings:
|   β”œβ”€β”€ Listening address: :8000
|   └── Logging: yes
β”œβ”€β”€ OS Alpine settings:
|   β”œβ”€β”€ Process UID: 1000
|   β”œβ”€β”€ Process GID: 1000
|   └── Timezone: europe/london
β”œβ”€β”€ Public IP settings:
|   β”œβ”€β”€ Fetching: every 12h0m0s
|   └── IP file path: /gluetun/ip
└── Version settings:
    └── Enabled: yes
2023-08-23T10:55:22+01:00 INFO [routing] default route found: interface eth0, gateway 172.17.0.1, assigned IP 172.17.0.2 and family v4
2023-08-23T10:55:22+01:00 INFO [routing] adding route for 0.0.0.0/0
2023-08-23T10:55:22+01:00 INFO [firewall] setting allowed subnets...
2023-08-23T10:55:22+01:00 INFO [routing] default route found: interface eth0, gateway 172.17.0.1, assigned IP 172.17.0.2 and family v4
2023-08-23T10:55:22+01:00 INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
2023-08-23T10:55:22+01:00 WARN [dns] ⚠️⚠️⚠️  keeping the default container nameservers, this will likely leak DNS traffic outside the VPN and go through your container network DNS outside the VPN tunnel!
2023-08-23T10:55:22+01:00 INFO [http server] http server listening on [::]:8000
2023-08-23T10:55:22+01:00 INFO [healthcheck] listening on 127.0.0.1:9999
2023-08-23T10:55:22+01:00 INFO [firewall] allowing VPN connection...
2023-08-23T10:55:22+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2023-08-23T10:55:22+01:00 INFO [openvpn] library versions: OpenSSL 3.1.2 1 Aug 2023, LZO 2.10
2023-08-23T10:55:22+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]138.199.40.162:1194
2023-08-23T10:55:22+01:00 INFO [openvpn] UDP link local: (not bound)
2023-08-23T10:55:22+01:00 INFO [openvpn] UDP link remote: [AF_INET]138.199.40.162:1194
2023-08-23T10:55:22+01:00 INFO [openvpn] [us-nyc-v069.prod.surfshark.com] Peer Connection Initiated with [AF_INET]138.199.40.162:1194
2023-08-23T10:55:23+01:00 ERROR [openvpn] Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:7: block-outside-dns (2.5.8)
2023-08-23T10:55:23+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2023-08-23T10:55:23+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2023-08-23T10:55:23+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2023-08-23T10:55:23+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.8.8.6/24
2023-08-23T10:55:23+01:00 INFO [openvpn] UID set to nonrootuser
2023-08-23T10:55:23+01:00 INFO [openvpn] Initialization Sequence Completed
2023-08-23T10:55:28+01:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
2023-08-23T10:55:28+01:00 INFO [vpn] stopping
2023-08-23T10:55:28+01:00 ERROR [vpn] cannot get version information: Get "https://api.github.com/repos/qdm12/gluetun/commits": context canceled
2023-08-23T10:55:28+01:00 INFO [vpn] starting
2023-08-23T10:55:28+01:00 INFO [firewall] allowing VPN connection...
2023-08-23T10:55:28+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2023-08-23T10:55:28+01:00 INFO [openvpn] library versions: OpenSSL 3.1.2 1 Aug 2023, LZO 2.10
2023-08-23T10:55:28+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]66.115.147.67:1194
2023-08-23T10:55:28+01:00 INFO [openvpn] UDP link local: (not bound)
2023-08-23T10:55:28+01:00 INFO [openvpn] UDP link remote: [AF_INET]66.115.147.67:1194
2023-08-23T10:55:28+01:00 INFO [openvpn] [ca-van-v014.prod.surfshark.com] Peer Connection Initiated with [AF_INET]66.115.147.67:1194
2023-08-23T10:55:30+01:00 ERROR [openvpn] Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:7: block-outside-dns (2.5.8)
2023-08-23T10:55:30+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2023-08-23T10:55:30+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2023-08-23T10:55:30+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2023-08-23T10:55:30+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.8.8.9/24
2023-08-23T10:55:30+01:00 INFO [openvpn] UID set to nonrootuser
2023-08-23T10:55:30+01:00 INFO [openvpn] Initialization Sequence Completed

Share your configuration

docker run
  -d
  --name='GluetunVPN'
  --net='bridge'
  -e TZ="Europe/London"
  -e HOST_OS="Unraid"
  -e HOST_HOSTNAME="MS"
  -e HOST_CONTAINERNAME="GluetunVPN"
  -e 'TZ'='Europe/London'
  -e 'VPNSP'='surfshark'
  -e 'VPN_TYPE'='openvpn'
  -e 'OPENVPN_PROTOCOL'='udp'
  -e 'OPENVPN_USER'='xxxxxxxxxxx'
  -e 'OPENVPN_PASSWORD'='xxxxxxxxxxx'
  -e 'OPENVPN_VERSION'='2.5'
  -e 'OPENVPN_VERBOSITY'='1'
  -e 'OPENVPN_FLAGS'=''
  -e 'OPENVPN_CIPHER'=''
  -e 'OPENVPN_AUTH'=''
  -e 'OPENVPN_ROOT'='no'
  -e 'OPENVPN_TARGET_IP'=''
  -e 'OPENVPN_IPV6'='off'
  -e 'OPENVPN_CUSTOM_CONFIG'=''
  -e 'OPENVPN_INTERFACE'='tun0'
  -e 'OPENVPN_PORT'=''
  -e 'WIREGUARD_PRIVATE_KEY'=''
  -e 'WIREGUARD_PRESHARED_KEY'=''
  -e 'WIREGUARD_PUBLIC_KEY'=''
  -e 'WIREGUARD_ADDRESS'=''
  -e 'WIREGUARD_ENDPOINT_IP'=''
  -e 'WIREGUARD_ENDPOINT_PORT'='51820'
  -e 'WIREGUARD_INTERFACE'='wg0'
  -e 'REGION'=''
  -e 'COUNTRY'=''
  -e 'CITY'=''
  -e 'SERVER_HOSTNAME'=''
  -e 'FIREWALL'='on'
  -e 'FIREWALL_VPN_INPUT_PORTS'=''
  -e 'FIREWALL_INPUT_PORTS'=''
  -e 'FIREWALL_OUTBOUND_SUBNETS'=''
  -e 'FIREWALL_DEBUG'='off'
  -e 'LOG_LEVEL'='info'
  -e 'DOT'='on'
  -e 'DOT_PROVIDERS'='cloudflare'
  -e 'DOT_PRIVATE_ADDRESS'='127.0.0.1/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,169.254.0.0/16,::1/128,fc00::/7,fe80::/10,::ffff:7f00:1/104,::ffff:a00:0/104,::ffff:a9fe:0/112,::ffff:ac10:0/108,::ffff:c0a8:0/112'
  -e 'DOT_VERBOSITY'='1'
  -e 'DOT_VERBOSITY_DETAILS'='0'
  -e 'DOT_VALIDATION_LOGLEVEL'='0'
  -e 'DOT_CACHING'='on'
  -e 'DOT_IPV6'='off'
  -e 'BLOCK_MALICIOUS'='on'
  -e 'BLOCK_SURVEILLANCE'='off'
  -e 'BLOCK_ADS'='off'
  -e 'UNBLOCK'=''
  -e 'DNS_UPDATE_PERIOD'='24h'
  -e 'DNS_PLAINTEXT_ADDRESS'=''
  -e 'DNS_KEEP_NAMESERVER'='on'
  -e 'HTTPPROXY'='off'
  -e 'HTTPPROXY_LOG'='off'
  -e 'HTTPPROXY_USER'=''
  -e 'HTTPPROXY_PASSWORD'=''
  -e 'HTTPPROXY_STEALTH'='off'
  -e 'SHADOWSOCKS'='off'
  -e 'SHADOWSOCKS_LOG'='off'
  -e ':8388'=':8388'
  -e 'SHADOWSOCKS_PASSWORD'=''
  -e 'SHADOWSOCKS_CIPHER'='chacha20-ietf-poly1305'
  -e 'WIREGUARD_ADDRESSES'=''
  -e 'SERVER_REGIONS'=''
  -e 'SERVER_COUNTRIES'=''
  -e 'SERVER_CITIES'=''
  -e 'SERVER_NAMES'=''
  -e 'SERVER_HOSTNAMES'=''
  -e 'DNS_ADDRESS'=''
  -e 'HEALTH_SERVER_ADDRESS'='127.0.0.1:9999'
  -e 'HEALTH_ADDRESS_TO_PING'='github.com'
  -e 'HEALTH_VPN_DURATION_INITIAL'='6s'
  -e 'HEALTH_VPN_DURATION_ADDITION'='5s'
  -e 'UPDATER_PERIOD'='0'
  -e 'PUBLICIP_FILE'='/gluetun/ip'
  -e 'PUBLICIP_PERIOD'='12h'
  -e 'VERSION_INFORMATION'='on'
  -e 'HTTP_CONTROL_SERVER_LOG'='on'
  -e 'PUID'='1000'
  -e 'PGID'='1000'
  -e 'HEALTH_TARGET_ADDRESS'='github.com:443'
  -l net.unraid.docker.managed=dockerman
  -l net.unraid.docker.webui='http://[IP]:[PORT:8000]'
  -l net.unraid.docker.icon='https://raw.githubusercontent.com/qdm12/gluetun/master/doc/logo_256.png'
  -p '8888:8888/tcp'
  -p '8112:8112/tcp'
  -p '7807:7807/tcp'
  -p '5800:5800/tcp'
  -p '8000:8000/tcp'
  -v '/mnt/user/appdata/_apps/gluetun':'/gluetun':'rw'
  --cap-add=NET_ADMIN
  --restart always 'qmcgaw/gluetun'
33b5cbee7b98953d28164e9788fafa0bcdb67312258f9a4a5cbda9fe3fdabc20
Johnyb62 commented 1 year ago

Updated today with new build, issue remains.

Running version latest built on 2023-08-24T09:09:29.123Z (commit 1ac031e)

Johnyb62 commented 1 year ago

Reverting back to :v3.35.0 temporarily fixed the issue.

Schaka commented 1 year ago

Same issue, reverting to v3.35 resolved it too.

docker run
  -d
  --name='GluetunVPN'
  --net='htpc'
  -e TZ="Europe/Berlin"
  -e HOST_OS="Unraid"
  -e HOST_HOSTNAME="HTPC"
  -e HOST_CONTAINERNAME="GluetunVPN"
  -e 'TZ'='Europe/Berlin'
  -e 'VPN_SERVICE_PROVIDER'='airvpn'
  -e 'VPN_TYPE'='openvpn'
  -e 'VPN_INTERFACE'='tun0'
  -e 'VPN_ENDPOINT_PORT'=''
  -e 'VPN_ENDPOINT_IP'=''
  -e 'OPENVPN_PROTOCOL'='udp'
  -e 'OPENVPN_USER'='xxxx'
  -e 'OPENVPN_PASSWORD'='xxxx'
  -e 'OPENVPN_VERSION'='2.6'
  -e 'OPENVPN_VERBOSITY'='1'
  -e 'OPENVPN_FLAGS'=''
  -e 'OPENVPN_CIPHERS'=''
  -e 'OPENVPN_AUTH'='SHA256'
  -e 'OPENVPN_PROCESS_USER'='no'
  -e 'OPENVPN_IPV6'='off'
  -e 'OPENVPN_CUSTOM_CONFIG'=''
  -e 'WIREGUARD_PRIVATE_KEY'=''
  -e 'WIREGUARD_PRESHARED_KEY'=''
  -e 'WIREGUARD_PUBLIC_KEY'=''
  -e 'WIREGUARD_ADDRESSES'=''
  -e 'SERVER_REGIONS'=''
  -e 'SERVER_COUNTRIES'='Sweden'
  -e 'SERVER_CITIES'=''
  -e 'SERVER_NAMES'=''
  -e 'SERVER_HOSTNAMES'=''
  -e 'FIREWALL'='on'
  -e 'FIREWALL_VPN_INPUT_PORTS'='57786'
  -e 'FIREWALL_INPUT_PORTS'=''
  -e 'FIREWALL_OUTBOUND_SUBNETS'=''
  -e 'FIREWALL_DEBUG'='off'
  -e 'LOG_LEVEL'='info'
  -e 'DOT'='on'
  -e 'DOT_PROVIDERS'='cloudflare'
  -e 'DOT_PRIVATE_ADDRESS'='127.0.0.1/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,169.254.0.0/16,::1/128,fc00::/7,fe80::/10,::ffff:7f00:1/104,::ffff:a00:0/104,::ffff:a9fe:0/112,::ffff:ac10:0/108,::ffff:c0a8:0/112'
  -e 'DOT_VERBOSITY'='1'
  -e 'DOT_VERBOSITY_DETAILS'='0'
  -e 'DOT_VALIDATION_LOGLEVEL'='0'
  -e 'DOT_CACHING'='on'
  -e 'DOT_IPV6'='off'
  -e 'BLOCK_MALICIOUS'='on'
  -e 'BLOCK_SURVEILLANCE'='off'
  -e 'BLOCK_ADS'='off'
  -e 'UNBLOCK'=''
  -e 'DNS_UPDATE_PERIOD'='24h'
  -e 'DNS_ADDRESS'=''
  -e 'DNS_KEEP_NAMESERVER'='on'
  -e 'HTTPPROXY'='off'
  -e 'HTTPPROXY_LOG'='off'
  -e 'HTTPPROXY_USER'=''
  -e 'HTTPPROXY_PASSWORD'=''
  -e 'HTTPPROXY_STEALTH'='off'
  -e 'SHADOWSOCKS'='off'
  -e 'SHADOWSOCKS_LOG'='off'
  -e ':8388'=':8388'
  -e 'SHADOWSOCKS_PASSWORD'=''
  -e 'SHADOWSOCKS_CIPHER'='chacha20-ietf-poly1305'
  -e 'HEALTH_SERVER_ADDRESS'='127.0.0.1:9999'
  -e 'HEALTH_TARGET_ADDRESS'='github.com:443'
  -e 'HEALTH_VPN_DURATION_INITIAL'='6s'
  -e 'HEALTH_VPN_DURATION_ADDITION'='5s'
  -e 'UPDATER_PERIOD'='0'
  -e 'PUBLICIP_FILE'='/gluetun/ip'
  -e 'PUBLICIP_PERIOD'='12h'
  -e 'VERSION_INFORMATION'='on'
  -e 'HTTP_CONTROL_SERVER_LOG'='on'
  -e 'PUID'='1000'
  -e 'PGID'='1000'
  -l net.unraid.docker.managed=dockerman
  -l net.unraid.docker.webui='http://[IP]:[PORT:8000]'
  -l net.unraid.docker.icon='https://raw.githubusercontent.com/qdm12/gluetun/master/doc/logo_256.png'
  -p '8888:8888/tcp'
  -p '8080:8080/tcp'
  -p '8081-8085:8081-8085/tcp'
  -p '6881-6885:6881-6885/udp'
  -p '6881-6885:6881-6885/tcp'
  -p '8000:8000/tcp'
  -v '/mnt/user/appdata/gluetun':'/gluetun':'rw'
  --cap-add=NET_ADMIN 'qmcgaw/gluetun'
e117fbf21ff09b5a44a10e4f375e7794cf79cff0f58708c10cd013ee0bc1dfbb

The only thing in the logs I noticed is the same error as OP - it can't access the git commits.

Johnyb62 commented 1 year ago

Updated to the latest version, problem still remains:--


2023-09-14T10:58:32+01:00 WARN Shutdown not completed gracefully: ordered shutdown timed out: other: group shutdown timed out: 2 out of 4 goroutines: unbound: goroutine shutdown timed out: after 400ms, public IP: goroutine shutdown timed out: after 400ms
========================================
========================================
=============== gluetun ================
========================================
=========== Made with ❀️ by ============
======= https://github.com/qdm12 =======
========================================
========================================

Running version latest built on 2023-09-13T14:23:59.922Z (commit c0062fb)

πŸ”§ Need help? https://github.com/qdm12/gluetun/discussions/new
πŸ› Bug? https://github.com/qdm12/gluetun/issues/new
✨ New feature? https://github.com/qdm12/gluetun/issues/new
β˜• Discussion? https://github.com/qdm12/gluetun/discussions/new
πŸ’» Email? quentin.mcgaw@gmail.com
πŸ’° Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
2023-09-14T10:58:37+01:00 INFO [routing] default route found: interface eth0, gateway 172.17.0.1, assigned IP 172.17.0.8 and family v4
2023-09-14T10:58:37+01:00 INFO [routing] local ethernet link found: eth0
2023-09-14T10:58:37+01:00 INFO [routing] local ipnet found: 172.17.0.0/16
2023-09-14T10:58:37+01:00 INFO [firewall] enabling...
2023-09-14T10:58:37+01:00 INFO [firewall] enabled successfully
2023-09-14T10:58:37+01:00 INFO [storage] merging by most recent 17692 hardcoded servers and 17692 servers read from /gluetun/servers.json
2023-09-14T10:58:38+01:00 INFO Alpine version: 3.18.3
2023-09-14T10:58:38+01:00 INFO OpenVPN 2.5 version: 2.5.8
2023-09-14T10:58:38+01:00 INFO OpenVPN 2.6 version: 2.6.5
2023-09-14T10:58:38+01:00 INFO Unbound version: 1.17.1
2023-09-14T10:58:38+01:00 INFO IPtables version: v1.8.9
2023-09-14T10:58:38+01:00 INFO Settings summary:
β”œβ”€β”€ VPN settings:
|   β”œβ”€β”€ VPN provider settings:
|   |   β”œβ”€β”€ Name: surfshark
|   |   └── Server selection settings:
|   |       β”œβ”€β”€ VPN type: openvpn
|   |       └── OpenVPN server selection settings:
|   |           └── Protocol: UDP
|   └── OpenVPN settings:
|       β”œβ”€β”€ OpenVPN version: 2.5
|       β”œβ”€β”€ User: [set]
|       β”œβ”€β”€ Password: [set]
|       β”œβ”€β”€ Network interface: tun0
|       β”œβ”€β”€ Run OpenVPN as: no
|       └── Verbosity level: 1
β”œβ”€β”€ DNS settings:
|   └── Keep existing nameserver(s): yes
β”œβ”€β”€ Firewall settings:
|   └── Enabled: yes
β”œβ”€β”€ Log settings:
|   └── Log level: INFO
β”œβ”€β”€ Health settings:
|   β”œβ”€β”€ Server listening address: 127.0.0.1:9999
|   β”œβ”€β”€ Target address: github.com:443
|   β”œβ”€β”€ Duration to wait after success: 5s
|   β”œβ”€β”€ Read header timeout: 100ms
|   β”œβ”€β”€ Read timeout: 500ms
|   └── VPN wait durations:
|       β”œβ”€β”€ Initial duration: 6s
|       └── Additional duration: 5s
β”œβ”€β”€ Shadowsocks server settings:
|   └── Enabled: no
β”œβ”€β”€ HTTP proxy settings:
|   └── Enabled: no
β”œβ”€β”€ Control server settings:
|   β”œβ”€β”€ Listening address: :8000
|   └── Logging: yes
β”œβ”€β”€ OS Alpine settings:
|   β”œβ”€β”€ Process UID: 1000
|   β”œβ”€β”€ Process GID: 1000
|   └── Timezone: europe/london
β”œβ”€β”€ Public IP settings:
|   β”œβ”€β”€ Fetching: every 12h0m0s
|   └── IP file path: /gluetun/ip
└── Version settings:
    └── Enabled: yes
2023-09-14T10:58:38+01:00 INFO [routing] default route found: interface eth0, gateway 172.17.0.1, assigned IP 172.17.0.8 and family v4
2023-09-14T10:58:38+01:00 INFO [routing] adding route for 0.0.0.0/0
2023-09-14T10:58:38+01:00 INFO [firewall] setting allowed subnets...
2023-09-14T10:58:38+01:00 INFO [routing] default route found: interface eth0, gateway 172.17.0.1, assigned IP 172.17.0.8 and family v4
2023-09-14T10:58:38+01:00 INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
2023-09-14T10:58:38+01:00 WARN [dns] ⚠️⚠️⚠️  keeping the default container nameservers, this will likely leak DNS traffic outside the VPN and go through your container network DNS outside the VPN tunnel!
2023-09-14T10:58:38+01:00 INFO [http server] http server listening on [::]:8000
2023-09-14T10:58:38+01:00 INFO [healthcheck] listening on 127.0.0.1:9999
2023-09-14T10:58:38+01:00 INFO [firewall] allowing VPN connection...
2023-09-14T10:58:38+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2023-09-14T10:58:38+01:00 INFO [openvpn] library versions: OpenSSL 3.1.2 1 Aug 2023, LZO 2.10
2023-09-14T10:58:38+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]37.19.205.187:1194
2023-09-14T10:58:38+01:00 INFO [openvpn] UDP link local: (not bound)
2023-09-14T10:58:38+01:00 INFO [openvpn] UDP link remote: [AF_INET]37.19.205.187:1194
2023-09-14T10:58:39+01:00 INFO [openvpn] [jp-tok-st014.prod.surfshark.com] Peer Connection Initiated with [AF_INET]37.19.205.187:1194
2023-09-14T10:58:40+01:00 ERROR [openvpn] Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:7: block-outside-dns (2.5.8)
2023-09-14T10:58:40+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2023-09-14T10:58:40+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2023-09-14T10:58:40+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2023-09-14T10:58:40+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.8.8.15/24
2023-09-14T10:58:40+01:00 INFO [openvpn] UID set to nonrootuser
2023-09-14T10:58:40+01:00 INFO [openvpn] Initialization Sequence Completed
2023-09-14T10:58:44+01:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
2023-09-14T10:58:44+01:00 INFO [vpn] stopping
2023-09-14T10:58:44+01:00 ERROR [vpn] cannot get version information: Get "https://api.github.com/repos/qdm12/gluetun/commits": context canceled
2023-09-14T10:58:44+01:00 INFO [vpn] starting
2023-09-14T10:58:44+01:00 INFO [firewall] allowing VPN connection...
2023-09-14T10:58:44+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2023-09-14T10:58:44+01:00 INFO [openvpn] library versions: OpenSSL 3.1.2 1 Aug 2023, LZO 2.10
2023-09-14T10:58:44+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]198.147.22.133:1194
2023-09-14T10:58:44+01:00 INFO [openvpn] UDP link local: (not bound)
2023-09-14T10:58:44+01:00 INFO [openvpn] UDP link remote: [AF_INET]198.147.22.133:1194
2023-09-14T10:58:44+01:00 INFO [openvpn] [us-orl-v008.prod.surfshark.com] Peer Connection Initiated with [AF_INET]198.147.22.133:1194
2023-09-14T10:58:44+01:00 ERROR [openvpn] Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:7: block-outside-dns (2.5.8)
2023-09-14T10:58:44+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2023-09-14T10:58:44+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2023-09-14T10:58:44+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2023-09-14T10:58:44+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.8.8.3/24
2023-09-14T10:58:44+01:00 INFO [openvpn] UID set to nonrootuser
2023-09-14T10:58:44+01:00 INFO [openvpn] Initialization Sequence Completed
2023-09-14T10:58:56+01:00 INFO [healthcheck] program has been unhealthy for 11s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
2023-09-14T10:58:56+01:00 INFO [vpn] stopping
2023-09-14T10:58:56+01:00 INFO [vpn] starting
2023-09-14T10:58:56+01:00 INFO [firewall] allowing VPN connection...
2023-09-14T10:58:56+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2023-09-14T10:58:56+01:00 INFO [openvpn] library versions: OpenSSL 3.1.2 1 Aug 2023, LZO 2.10
2023-09-14T10:58:56+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]45.89.173.181:1194
2023-09-14T10:58:56+01:00 INFO [openvpn] UDP link local: (not bound)
2023-09-14T10:58:56+01:00 INFO [openvpn] UDP link remote: [AF_INET]45.89.173.181:1194
2023-09-14T10:58:56+01:00 INFO [openvpn] [us-las-v035.prod.surfshark.com] Peer Connection Initiated with [AF_INET]45.89.173.181:1194
2023-09-14T10:58:56+01:00 ERROR [openvpn] Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:7: block-outside-dns (2.5.8)
2023-09-14T10:58:56+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2023-09-14T10:58:56+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2023-09-14T10:58:56+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2023-09-14T10:58:57+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.8.8.7/24
2023-09-14T10:58:57+01:00 INFO [openvpn] UID set to nonrootuser
2023-09-14T10:58:57+01:00 INFO [openvpn] Initialization Sequence Completed
2023-09-14T10:59:12+01:00 INFO [healthcheck] program has been unhealthy for 16s: restarting VPN (see 
https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
qdm12 commented 1 year ago

Can you try setting DNS_KEEP_NAMESERVER=off to see if it solves it? By the way, you should always have this to off unless you really have to. The Unraid template defaulted it to on by mistake (I'm not the maintainer), I just opened a PR to change it to off: https://github.com/DiamondPrecisionComputing/unraid-templates/pull/14

Johnyb62 commented 1 year ago

Can you try setting DNS_KEEP_NAMESERVER=off to see if it solves it? By the way, you should always have this to off unless you really have to. The Unraid template defaulted it to on by mistake (I'm not the maintainer), I just opened a PR to change it to off: DiamondPrecisionComputing/unraid-templates#14

Thats solves the problem. Many thanks.

CraziFuzzy commented 1 year ago

Same problem here, using unraid. Turned off DNS_KEEP_NAMESERVER and still doing the same thing.

qdm12 commented 1 year ago

@Johnyb62 Awesome! With the PR merged, I would expect not to have further issues with DNS_KEEP_NAMESERVER=on by default, I'll close this issue.

@CraziFuzzy please create another issue with your logs, since it is a different issue than this one which just got resolved. πŸ˜‰

EDIT: if any other user has a similar problem, create another issue. I do not monitor closed issues (and barely opened ones due to the high number of them), so no point communicating here unless it's to reach out to other implicated users but me. Thanks!

Schaka commented 1 year ago

I can confirm it works, if that helps. Changed it in my template and running the latest image again. Thank you for all your effort.

jwproduction commented 1 year ago

I can also confirm that it now works. thx a lot