search

qdm12 / gluetun

VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
https://hub.docker.com/r/qmcgaw/gluetun
MIT License
6.77k stars 333 forks source link

ERROR [ip getter] too many requests sent for this month from https://ipinfo.io/: 429 429 Too Many Requests - retrying in 5s #1900

Closed rajmondburgaj closed 9 months ago

rajmondburgaj commented 9 months ago

When I try to use Wireshark with surfshark VPN I constantly get the error as below:

2023-10-06 19:22:52 2023-10-06T17:22:52Z INFO [routing] default route found: interface eth0, gateway 172.20.0.1, assigned IP 172.20.0.3 and family v4
2023-10-06 19:22:52 2023-10-06T17:22:52Z INFO [routing] local ethernet link found: eth0
2023-10-06 19:22:52 2023-10-06T17:22:52Z INFO [routing] local ipnet found: 172.20.0.0/16
2023-10-06 19:22:52 2023-10-06T17:22:52Z INFO [firewall] enabling...
2023-10-06 19:22:52 2023-10-06T17:22:52Z INFO [firewall] enabled successfully
2023-10-06 19:22:53 2023-10-06T17:22:53Z INFO [storage] merging by most recent 17689 hardcoded servers and 17689 servers read from /gluetun/servers.json
2023-10-06 19:22:53 2023-10-06T17:22:53Z INFO Alpine version: 3.18.4
2023-10-06 19:22:53 2023-10-06T17:22:53Z INFO OpenVPN 2.5 version: 2.5.8
2023-10-06 19:22:53 2023-10-06T17:22:53Z INFO OpenVPN 2.6 version: 2.6.5
2023-10-06 19:22:53 2023-10-06T17:22:53Z INFO Unbound version: 1.17.1
2023-10-06 19:22:53 2023-10-06T17:22:53Z INFO IPtables version: v1.8.9
2023-10-06 19:22:53 2023-10-06T17:22:53Z INFO Settings summary:
2023-10-06 19:22:53 ├── VPN settings:
2023-10-06 19:22:53 |   ├── VPN provider settings:
2023-10-06 19:22:53 |   |   ├── Name: surfshark
2023-10-06 19:22:53 |   |   └── Server selection settings:
2023-10-06 19:22:53 |   |       ├── VPN type: wireguard
2023-10-06 19:22:53 |   |       ├── Countries: albania
2023-10-06 19:22:53 |   |       └── Wireguard selection settings:
2023-10-06 19:22:53 |   └── Wireguard settings:
2023-10-06 19:22:53 |       ├── Private key: oOO...0k=
2023-10-06 19:22:53 |       ├── Interface addresses:
2023-10-06 19:22:53 |       |   └── 10.14.0.2/16
2023-10-06 19:22:53 |       ├── Allowed IPs:
2023-10-06 19:22:53 |       |   ├── 0.0.0.0/0
2023-10-06 19:22:53 |       |   └── ::/0
2023-10-06 19:22:53 |       └── Network interface: tun0
2023-10-06 19:22:53 |           └── MTU: 1400
2023-10-06 19:22:53 ├── DNS settings:
2023-10-06 19:22:53 |   ├── Keep existing nameserver(s): no
2023-10-06 19:22:53 |   ├── DNS server address to use: 127.0.0.1
2023-10-06 19:22:53 |   └── DNS over TLS settings:
2023-10-06 19:22:53 |       ├── Enabled: yes
2023-10-06 19:22:53 |       ├── Update period: every 24h0m0s
2023-10-06 19:22:53 |       ├── Unbound settings:
2023-10-06 19:22:53 |       |   ├── Authoritative servers:
2023-10-06 19:22:53 |       |   |   └── cloudflare
2023-10-06 19:22:53 |       |   ├── Caching: yes
2023-10-06 19:22:53 |       |   ├── IPv6: no
2023-10-06 19:22:53 |       |   ├── Verbosity level: 1
2023-10-06 19:22:53 |       |   ├── Verbosity details level: 0
2023-10-06 19:22:53 |       |   ├── Validation log level: 0
2023-10-06 19:22:53 |       |   ├── System user: root
2023-10-06 19:22:53 |       |   └── Allowed networks:
2023-10-06 19:22:53 |       |       ├── 0.0.0.0/0
2023-10-06 19:22:53 |       |       └── ::/0
2023-10-06 19:22:53 |       └── DNS filtering settings:
2023-10-06 19:22:53 |           ├── Block malicious: yes
2023-10-06 19:22:53 |           ├── Block ads: no
2023-10-06 19:22:53 |           ├── Block surveillance: no
2023-10-06 19:22:53 |           └── Blocked IP networks:
2023-10-06 19:22:53 |               ├── 127.0.0.1/8
2023-10-06 19:22:53 |               ├── 10.0.0.0/8
2023-10-06 19:22:53 |               ├── 172.16.0.0/12
2023-10-06 19:22:53 |               ├── 192.168.0.0/16
2023-10-06 19:22:53 |               ├── 169.254.0.0/16
2023-10-06 19:22:53 |               ├── ::1/128
2023-10-06 19:22:53 |               ├── fc00::/7
2023-10-06 19:22:53 |               ├── fe80::/10
2023-10-06 19:22:53 |               ├── ::ffff:127.0.0.1/104
2023-10-06 19:22:53 |               ├── ::ffff:10.0.0.0/104
2023-10-06 19:22:53 |               ├── ::ffff:169.254.0.0/112
2023-10-06 19:22:53 |               ├── ::ffff:172.16.0.0/108
2023-10-06 19:22:53 |               └── ::ffff:192.168.0.0/112
2023-10-06 19:22:53 ├── Firewall settings:
2023-10-06 19:22:53 |   └── Enabled: yes
2023-10-06 19:22:53 ├── Log settings:
2023-10-06 19:22:53 |   └── Log level: INFO
2023-10-06 19:22:53 ├── Health settings:
2023-10-06 19:22:53 |   ├── Server listening address: 127.0.0.1:9999
2023-10-06 19:22:53 |   ├── Target address: cloudflare.com:443
2023-10-06 19:22:53 |   ├── Duration to wait after success: 5s
2023-10-06 19:22:53 |   ├── Read header timeout: 100ms
2023-10-06 19:22:53 |   ├── Read timeout: 500ms
2023-10-06 19:22:53 |   └── VPN wait durations:
2023-10-06 19:22:53 |       ├── Initial duration: 6s
2023-10-06 19:22:53 |       └── Additional duration: 5s
2023-10-06 19:22:53 ├── Shadowsocks server settings:
2023-10-06 19:22:53 |   └── Enabled: no
2023-10-06 19:22:53 ├── HTTP proxy settings:
2023-10-06 19:22:53 |   └── Enabled: no
2023-10-06 19:22:53 ├── Control server settings:
2023-10-06 19:22:53 |   ├── Listening address: :8000
2023-10-06 19:22:53 |   └── Logging: yes
2023-10-06 19:22:53 ├── OS Alpine settings:
2023-10-06 19:22:53 |   ├── Process UID: 1000
2023-10-06 19:22:53 |   └── Process GID: 1000
2023-10-06 19:22:53 ├── Public IP settings:
2023-10-06 19:22:53 |   ├── Fetching: every 12h0m0s
2023-10-06 19:22:53 |   └── IP file path: /tmp/gluetun/ip
2023-10-06 19:22:53 └── Version settings:
2023-10-06 19:22:53     └── Enabled: yes
2023-10-06 19:22:53 2023-10-06T17:22:53Z INFO [routing] default route found: interface eth0, gateway 172.20.0.1, assigned IP 172.20.0.3 and family v4
2023-10-06 19:22:53 2023-10-06T17:22:53Z INFO [routing] adding route for 0.0.0.0/0
2023-10-06 19:22:53 2023-10-06T17:22:53Z INFO [firewall] setting allowed subnets...
2023-10-06 19:22:53 2023-10-06T17:22:53Z INFO [routing] default route found: interface eth0, gateway 172.20.0.1, assigned IP 172.20.0.3 and family v4
2023-10-06 19:22:53 2023-10-06T17:22:53Z INFO [dns] using plaintext DNS at address 1.1.1.1
2023-10-06 19:22:53 2023-10-06T17:22:53Z INFO [http server] http server listening on [::]:8000
2023-10-06 19:22:53 2023-10-06T17:22:53Z INFO [healthcheck] listening on 127.0.0.1:9999
2023-10-06 19:22:53 2023-10-06T17:22:53Z INFO [firewall] allowing VPN connection...
2023-10-06 19:22:53 2023-10-06T17:22:53Z INFO [wireguard] Using available kernelspace implementation
2023-10-06 19:22:53 2023-10-06T17:22:53Z INFO [wireguard] Connecting to 31.171.155.131:51820
2023-10-06 19:22:53 2023-10-06T17:22:53Z INFO [wireguard] Wireguard setup is complete. Note Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the Wireguard connection is not working.
2023-10-06 19:22:53 2023-10-06T17:22:53Z INFO [dns] downloading DNS over TLS cryptographic files
2023-10-06 19:22:54 2023-10-06T17:22:54Z INFO [healthcheck] healthy!
2023-10-06 19:22:57 2023-10-06T17:22:57Z INFO [dns] downloading hostnames and IP block lists
2023-10-06 19:23:05 2023-10-06T17:23:05Z INFO [dns] init module 0: validator
2023-10-06 19:23:05 2023-10-06T17:23:05Z INFO [dns] init module 1: iterator
2023-10-06 19:23:05 2023-10-06T17:23:05Z INFO [dns] start of service (unbound 1.17.1).
2023-10-06 19:23:06 2023-10-06T17:23:06Z INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2023-10-06 19:23:06 2023-10-06T17:23:06Z INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2023-10-06 19:23:06 2023-10-06T17:23:06Z INFO [dns] ready
2023-10-06 19:23:07 2023-10-06T17:23:07Z INFO [vpn] You are running on the bleeding edge of latest!
2023-10-06 19:23:07 2023-10-06T17:23:07Z ERROR [ip getter] too many requests sent for this month from https://ipinfo.io/: 429 429 Too Many Requests - retrying in 5s
2023-10-06 19:23:12 2023-10-06T17:23:12Z ERROR [ip getter] too many requests sent for this month from https://ipinfo.io/: 429 429 Too Many Requests - retrying in 10s
2023-10-06 19:23:22 2023-10-06T17:23:22Z ERROR [ip getter] too many requests sent for this month from https://ipinfo.io/: 429 429 Too Many Requests - retrying in 20s
2023-10-06 19:23:43 2023-10-06T17:23:43Z ERROR [ip getter] too many requests sent for this month from https://ipinfo.io/: 429 429 Too Many Requests - retrying in 40s
2023-10-06 19:24:23 2023-10-06T17:24:23Z ERROR [ip getter] too many requests sent for this month from https://ipinfo.io/: 429 429 Too Many Requests - retrying in 1m20s
2023-10-06 19:25:43 2023-10-06T17:25:43Z ERROR [ip getter] too many requests sent for this month from https://ipinfo.io/: 429 429 Too Many Requests - retrying in 2m40s
2023-10-06 19:28:23 2023-10-06T17:28:23Z ERROR [ip getter] too many requests sent for this month from https://ipinfo.io/: 429 429 Too Many Requests - retrying in 5m20s
2023-10-06 19:33:44 2023-10-06T17:33:44Z ERROR [ip getter] too many requests sent for this month from https://ipinfo.io/: 429 429 Too Many Requests - retrying in 10m40s

As a result, the connection is not established in the specified location but rather sticks to the Netherlands which I think is the default location for Surfshark. Is this error originating from the gluetun itself, or is it related to the Surfshark?

The docker compose is fairly easy.

    image: qmcgaw/gluetun
    container_name: gluetun
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    environment:
      VPN_SERVICE_PROVIDER: surfshark
      VPN_TYPE: wireguard
      SERVER_COUNTRIES: Albania
      WIREGUARD_PRIVATE_KEY: 'xxx'
      WIREGUARD_ADDRESSES: 10.14.0.2/16
    volumes:
      - ./Volumes/gluetun:/gluetun
qdm12 commented 9 months ago

I constantly get the error as below

The log 'spam' should be re-fixed in 6c639fcf7f547c09cd6ec46a19ce40298042dc63 where if ipinfo.io responds that too many requests are sent, it logs the error once as warning, and does not keep on retrying. This was previous behavior and most likely a regression introduced recently, although YOU DID NOT ATTACH THE GLUETUN VERSION AS REQUESTED!!!... so I can't tell 😭

As a result, the connection is not established in the specified location but rather sticks to the Netherlands which I think is the default location for Surfshark. Is this error originating from the gluetun itself, or is it related to the Surfshark?

Incorrect, you would need to filter servers (see the wiki). By default Gluetun picks at random a server from the pool of all surfshark servers. Now this error is just because ipinfo.io received too many requests from that particular VPN server, so it blocks you. Although this log line is for informational purposes only, it does not affect the VPN or server selection or healthiness or anything really.

molomby commented 3 months ago

Regarding the ipinfo.io errors:

[ip getter] too many requests sent for this month from https://ipinfo.io/: 429 429 Too Many Requests

The ipinfo.io service (quite sensibly) applies rate limiting for unidentified requests. I suspect this is performed by source IP address so becomes a problem when you're connected to a VPN because, of course, you're sharing an IP with many others. You can however register at ipinfo.io (with an email address) and they'll give you an API key of your very own, entitling you to 50k requests/month for free.

Pass the API to your gluetun container with the PUBLICIP_API_TOKEN env var:

PUBLICIP_API=ipinfo
PUBLICIP_API_TOKEN=YourKeyHere02345
crispybegs commented 1 day ago

Regarding the ipinfo.io errors:

[ip getter] too many requests sent for this month from https://ipinfo.io/: 429 429 Too Many Requests

The ipinfo.io service (quite sensibly) applies rate limiting for unidentified requests. I suspect this is performed by source IP address so becomes a problem when you're connected to a VPN because, of course, you're sharing an IP with many others. You can however register at ipinfo.io (with an email address) and they'll give you an API key of your very own, entitling you to 50k requests/month for free.

Pass the API to your gluetun container with the PUBLICIP_API_TOKEN env var:

PUBLICIP_API=ipinfo
PUBLICIP_API_TOKEN=YourKeyHere02345

Hi there, I tried including the two lines above in my compose but still have the too many requests error. Have I implemented correctly?

services:
  gluetun:
    image: qmcgaw/gluetun:latest
    container_name: gluetun
    restart: always
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun
    volumes:
      - /home/crispy/docker/gluetun2/config:/config
    ports:
      - "8009:8000/tcp"
      - "6081:6881"
      - "6081:6881/udp"
      - "6011:6011"

    environment:
      VPN_SERVICE_PROVIDER: windscribe
      VPN_TYPE: wireguard
      WIREGUARD_PRIVATE_KEY: <<<<redacted>>>>
      WIREGUARD_ADDRESSES: <<<<redacted>>>>
      WIREGUARD_PRESHARED_KEY: <<<<redacted>>>>
      SERVER_REGIONS: Poland
      SERVER_CITIES: Gdansk
      PUBLICIP_API: ipinfo
      PUBLICIP_API_TOKEN: <<<<redacted>>>>