Open t46g opened 7 months ago
That is indeed strange, does setting HEALTH_VPN_DURATION_INITIAL
to 30s
help? 🤔
Unfortunately this changed only that the reconnect is now less frequent. But its still detected as unhealth. Does enabling Debug output help maybe to get more information?
I think I spotted the problem 😉 The unraid template is still using the (way older) default of github.com:443
to run the healthcheck against, but this one is not really reliable and tends to not work. It's changed to cloudflare.com:443
which works quite reliably as far as I have seen. I proposed changes to the Unraid template in https://github.com/DiamondPrecisionComputing/unraid-templates/compare/master...qdm12:unraid-templates:patch-3
In the meantime, try changing HEALTH_TARGET_ADDRESS
to cloudflare.com:443
and check how it goes?
You can also read up on how the healthcheck works regarding timings, timeouts etc.
@qdm12 I tested changing the health_target_address to cloudflare and also updated the container to the latest version. But I can not notice any changement in the behaviour. The container is still unhealthy and is reconnecting.
Does it get unhealthy AFTER you see the log line
INFO [ip getter] Public IP address is
? What unhealthy log line message do you get now?
Sorry for the late response. After the line you mentioned is printed into log, the health status is still on "health: starting". After about 5 seconds the status will switch to unhealthy. But this could be caused also by a small delay due the Unraid web interface.
Here is an current print from my logs:
2024-01-29T22:34:59+01:00 INFO [storage] merging by most recent 17743 hardcoded servers and 17743 servers read from /gluetun/servers.json
2024-01-29T22:34:59+01:00 INFO Alpine version: 3.18.6
2024-01-29T22:34:59+01:00 INFO OpenVPN 2.5 version: 2.5.8
2024-01-29T22:34:59+01:00 INFO OpenVPN 2.6 version: 2.6.8
2024-01-29T22:34:59+01:00 INFO Unbound version: 1.17.1
2024-01-29T22:34:59+01:00 INFO IPtables version: v1.8.9
2024-01-29T22:34:59+01:00 INFO Settings summary:
├── VPN settings:
| ├── VPN provider settings:
| | ├── Name: cyberghost
| | └── Server selection settings:
| | ├── VPN type: openvpn
| | ├── Countries: germany
| | └── OpenVPN server selection settings:
| | └── Protocol: UDP
| └── OpenVPN settings:
| ├── OpenVPN version: 2.5
| ├── User: [set]
| ├── Password: [set]
| ├── Client crt: MII...A==
| ├── Client key: MII...CM=
| ├── Network interface: tun0
| ├── Run OpenVPN as: no
| └── Verbosity level: 1
├── DNS settings:
| └── Keep existing nameserver(s): yes
├── Firewall settings:
| ├── Enabled: yes
| └── Input ports:
| └── 34400
├── Log settings:
| └── Log level: INFO
├── Health settings:
| ├── Server listening address: 127.0.0.1:9999
| ├── Target address: xonn.de:443
| ├── Duration to wait after success: 5s
| ├── Read header timeout: 100ms
| ├── Read timeout: 500ms
| └── VPN wait durations:
| ├── Initial duration: 1m0s
| └── Additional duration: 5s
├── Shadowsocks server settings:
| └── Enabled: no
├── HTTP proxy settings:
| ├── Enabled: yes
| ├── Listening address: :8888
| ├── User:
| ├── Password: [not set]
| ├── Stealth mode: no
| ├── Log: no
| ├── Read header timeout: 1s
| └── Read timeout: 3s
├── Control server settings:
| ├── Listening address: :8000
| └── Logging: yes
├── OS Alpine settings:
| ├── Process UID: 1000
| ├── Process GID: 1000
| └── Timezone: europe/berlin
├── Public IP settings:
| ├── Fetching: every 12h0m0s
| └── IP file path: /gluetun/ip
└── Version settings:
└── Enabled: yes
2024-01-29T22:34:59+01:00 INFO [routing] default route found: interface eth0, gateway 172.17.0.1, assigned IP 172.17.0.2 and family v4
2024-01-29T22:34:59+01:00 INFO [routing] adding route for 0.0.0.0/0
2024-01-29T22:34:59+01:00 INFO [firewall] setting allowed subnets...
2024-01-29T22:34:59+01:00 INFO [routing] default route found: interface eth0, gateway 172.17.0.1, assigned IP 172.17.0.2 and family v4
2024-01-29T22:34:59+01:00 INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
2024-01-29T22:34:59+01:00 INFO [firewall] setting allowed input port 34400 through interface eth0...
2024-01-29T22:34:59+01:00 WARN [dns] ⚠️⚠️⚠️ keeping the default container nameservers, this will likely leak DNS traffic outside the VPN and go through your container network DNS outside the VPN tunnel!
2024-01-29T22:34:59+01:00 INFO [http proxy] listening on :8888
2024-01-29T22:34:59+01:00 INFO [http server] http server listening on [::]:8000
2024-01-29T22:34:59+01:00 INFO [healthcheck] listening on 127.0.0.1:9999
2024-01-29T22:34:59+01:00 INFO [firewall] allowing VPN connection...
2024-01-29T22:34:59+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 2 2022
2024-01-29T22:34:59+01:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-01-29T22:34:59+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]84.17.49.47:443
2024-01-29T22:34:59+01:00 INFO [openvpn] UDP link local: (not bound)
2024-01-29T22:34:59+01:00 INFO [openvpn] UDP link remote: [AF_INET]84.17.49.47:443
2024-01-29T22:34:59+01:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1549', remote='link-mtu 1553'
2024-01-29T22:34:59+01:00 WARN [openvpn] 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA256'
2024-01-29T22:34:59+01:00 WARN [openvpn] 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
2024-01-29T22:34:59+01:00 INFO [openvpn] [frankfurt-rack410.nodes.gen4.ninja] Peer Connection Initiated with [AF_INET]84.17.49.47:443
2024-01-29T22:34:59+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-01-29T22:34:59+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-01-29T22:34:59+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-01-29T22:34:59+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.16.4.37/24
2024-01-29T22:34:59+01:00 INFO [openvpn] UID set to nonrootuser
2024-01-29T22:34:59+01:00 INFO [openvpn] Initialization Sequence Completed
2024-01-29T22:35:59+01:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
2024-01-29T22:35:59+01:00 INFO [vpn] stopping
2024-01-29T22:35:59+01:00 ERROR [vpn] cannot get version information: Get "https://api.github.com/repos/qdm12/gluetun/commits": context canceled
2024-01-29T22:35:59+01:00 INFO [vpn] starting
2024-01-29T22:35:59+01:00 INFO [firewall] allowing VPN connection...
2024-01-29T22:35:59+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 2 2022
2024-01-29T22:35:59+01:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-01-29T22:35:59+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]84.17.49.32:443
2024-01-29T22:35:59+01:00 INFO [openvpn] UDP link local: (not bound)
2024-01-29T22:35:59+01:00 INFO [openvpn] UDP link remote: [AF_INET]84.17.49.32:443
2024-01-29T22:35:59+01:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1549', remote='link-mtu 1553'
2024-01-29T22:35:59+01:00 WARN [openvpn] 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA256'
2024-01-29T22:35:59+01:00 WARN [openvpn] 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
2024-01-29T22:35:59+01:00 INFO [openvpn] [frankfurt-rack410.nodes.gen4.ninja] Peer Connection Initiated with [AF_INET]84.17.49.32:443
2024-01-29T22:35:59+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-01-29T22:35:59+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-01-29T22:35:59+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-01-29T22:35:59+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.1.4.248/24
2024-01-29T22:35:59+01:00 INFO [openvpn] UID set to nonrootuser
2024-01-29T22:35:59+01:00 INFO [openvpn] Initialization Sequence Completed
I played around with some settings and found out, that setting the following option to off will solve the problem: -e 'DNS_KEEP_NAMESERVER'='off'
Is this urgent?
No
Host OS
Unraid
CPU arch
x86_64
VPN service provider
Cyberghost
What are you using to run the container
Unraid
What is the version of Gluetun
Running version latest built on 2023-10-07T13:26:08.155Z (commit 1c43a1d)
What's the problem 🤔
I configured a Cyberghost connection which is working but the container is unhealthy and is retrying constantly to reconnect.
Share your logs (at least 10 lines)
Share your configuration