search

qdm12 / gluetun

VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
https://hub.docker.com/r/qmcgaw/gluetun
MIT License
6.71k stars 331 forks source link

Bug: unhealthy with Unraid template against github.com:443 #1940

Open t46g opened 7 months ago

t46g commented 7 months ago

Is this urgent?

No

Host OS

Unraid

CPU arch

x86_64

VPN service provider

Cyberghost

What are you using to run the container

Unraid

What is the version of Gluetun

Running version latest built on 2023-10-07T13:26:08.155Z (commit 1c43a1d)

What's the problem 🤔

I configured a Cyberghost connection which is working but the container is unhealthy and is retrying constantly to reconnect.

Share your logs (at least 10 lines)

2023-11-02T13:41:37+01:00 INFO OpenVPN 2.5 version: 2.5.8
2023-11-02T13:41:37+01:00 INFO OpenVPN 2.6 version: 2.6.5
2023-11-02T13:41:37+01:00 INFO Unbound version: 1.17.1
2023-11-02T13:41:37+01:00 INFO IPtables version: v1.8.9
2023-11-02T13:41:37+01:00 INFO Settings summary:
├── VPN settings:
|   ├── VPN provider settings:
|   |   ├── Name: cyberghost
|   |   └── Server selection settings:
|   |       ├── VPN type: openvpn
|   |       ├── Countries: germany
|   |       └── OpenVPN server selection settings:
|   |           └── Protocol: UDP
|   └── OpenVPN settings:
|       ├── OpenVPN version: 2.5
|       ├── User: [set]
|       ├── Password: [set]
|       ├── Client crt: MII...A==
|       ├── Client key: MII...CM=
|       ├── Network interface: tun0
|       ├── Run OpenVPN as: no
|       └── Verbosity level: 1
├── DNS settings:
|   └── Keep existing nameserver(s): yes
├── Firewall settings:
|   ├── Enabled: yes
|   └── Input ports:
|       └── XXXXXX
├── Log settings:
|   └── Log level: INFO
├── Health settings:
|   ├── Server listening address: 127.0.0.1:9999
|   ├── Target address: github.com:443
|   ├── Duration to wait after success: 5s
|   ├── Read header timeout: 100ms
|   ├── Read timeout: 500ms
|   └── VPN wait durations:
|       ├── Initial duration: 6s
|       └── Additional duration: 5s
├── Shadowsocks server settings:
|   └── Enabled: no
├── HTTP proxy settings:
|   ├── Enabled: yes
|   ├── Listening address: :8888
|   ├── User: 
|   ├── Password: [not set]
|   ├── Stealth mode: no
|   ├── Log: no
|   ├── Read header timeout: 1s
|   └── Read timeout: 3s
├── Control server settings:
|   ├── Listening address: :8000
|   └── Logging: yes
├── OS Alpine settings:
|   ├── Process UID: 1000
|   ├── Process GID: 1000
|   └── Timezone: europe/berlin
├── Public IP settings:
|   ├── Fetching: every 12h0m0s
|   └── IP file path: /gluetun/ip
└── Version settings:
    └── Enabled: yes
2023-11-02T13:41:37+01:00 INFO [routing] default route found: interface eth0, gateway 172.17.0.1, assigned IP 172.17.0.14 and family v4
2023-11-02T13:41:37+01:00 INFO [routing] adding route for 0.0.0.0/0
2023-11-02T13:41:37+01:00 INFO [firewall] setting allowed subnets...
2023-11-02T13:41:37+01:00 INFO [routing] default route found: interface eth0, gateway 172.17.0.1, assigned IP 172.17.0.14 and family v4
2023-11-02T13:41:37+01:00 INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
2023-11-02T13:41:37+01:00 INFO [firewall] setting allowed input port XXXXXX through interface eth0...
2023-11-02T13:41:37+01:00 WARN [dns] ⚠️⚠️⚠️  keeping the default container nameservers, this will likely leak DNS traffic outside the VPN and go through your container network DNS outside the VPN tunnel!
2023-11-02T13:41:37+01:00 INFO [http proxy] listening on :8888
2023-11-02T13:41:37+01:00 INFO [http server] http server listening on [::]:8000
2023-11-02T13:41:37+01:00 INFO [healthcheck] listening on 127.0.0.1:9999
2023-11-02T13:41:37+01:00 INFO [firewall] allowing VPN connection...
2023-11-02T13:41:37+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2023-11-02T13:41:37+01:00 INFO [openvpn] library versions: OpenSSL 3.1.3 19 Sep 2023, LZO 2.10
2023-11-02T13:41:37+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]84.17.49.57:443
2023-11-02T13:41:37+01:00 INFO [openvpn] UDP link local: (not bound)
2023-11-02T13:41:37+01:00 INFO [openvpn] UDP link remote: [AF_INET]84.17.49.57:443
2023-11-02T13:41:37+01:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1549', remote='link-mtu 1553'
2023-11-02T13:41:37+01:00 WARN [openvpn] 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA256'
2023-11-02T13:41:37+01:00 WARN [openvpn] 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
2023-11-02T13:41:37+01:00 INFO [openvpn] [frankfurt-rack410.nodes.gen4.ninja] Peer Connection Initiated with [AF_INET]84.17.49.57:443
2023-11-02T13:41:37+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2023-11-02T13:41:37+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2023-11-02T13:41:37+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2023-11-02T13:41:37+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.26.4.89/24
2023-11-02T13:41:37+01:00 INFO [openvpn] UID set to nonrootuser
2023-11-02T13:41:37+01:00 INFO [openvpn] Initialization Sequence Completed
2023-11-02T13:41:42+01:00 INFO [ip getter] Public IP address is 84.17.49.57 (Germany, Hesse, Frankfurt am Main)
2023-11-02T13:41:43+01:00 INFO [vpn] You are running 14 commits behind the most recent latest
2023-11-02T13:41:45+01:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
2023-11-02T13:41:45+01:00 INFO [vpn] stopping
2023-11-02T13:41:45+01:00 INFO [vpn] starting
2023-11-02T13:41:45+01:00 INFO [firewall] allowing VPN connection...
2023-11-02T13:41:45+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2023-11-02T13:41:45+01:00 INFO [openvpn] library versions: OpenSSL 3.1.3 19 Sep 2023, LZO 2.10
2023-11-02T13:41:45+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]84.17.48.112:443
2023-11-02T13:41:45+01:00 INFO [openvpn] UDP link local: (not bound)
2023-11-02T13:41:45+01:00 INFO [openvpn] UDP link remote: [AF_INET]84.17.48.112:443
2023-11-02T13:41:45+01:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1549', remote='link-mtu 1553'
2023-11-02T13:41:45+01:00 WARN [openvpn] 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA256'
2023-11-02T13:41:45+01:00 WARN [openvpn] 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
2023-11-02T13:41:45+01:00 INFO [openvpn] [frankfurt-rack417.nodes.gen4.ninja] Peer Connection Initiated with [AF_INET]84.17.48.112:443
2023-11-02T13:41:45+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2023-11-02T13:41:45+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2023-11-02T13:41:45+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2023-11-02T13:41:45+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.21.4.70/24
2023-11-02T13:41:45+01:00 INFO [openvpn] UID set to nonrootuser
2023-11-02T13:41:45+01:00 INFO [openvpn] Initialization Sequence Completed
2023-11-02T13:41:51+01:00 INFO [ip getter] Public IP address is 84.17.48.112 (Germany, Hesse, Frankfurt am Main)
2023-11-02T13:41:57+01:00 INFO [healthcheck] program has been unhealthy for 11s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
2023-11-02T13:41:57+01:00 INFO [vpn] stopping
2023-11-02T13:41:57+01:00 INFO [vpn] starting
2023-11-02T13:41:57+01:00 INFO [firewall] allowing VPN connection...
2023-11-02T13:41:57+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2023-11-02T13:41:57+01:00 INFO [openvpn] library versions: OpenSSL 3.1.3 19 Sep 2023, LZO 2.10
2023-11-02T13:41:57+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]84.17.49.50:443
2023-11-02T13:41:57+01:00 INFO [openvpn] UDP link local: (not bound)
2023-11-02T13:41:57+01:00 INFO [openvpn] UDP link remote: [AF_INET]84.17.49.50:443
2023-11-02T13:41:57+01:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1549', remote='link-mtu 1553'
2023-11-02T13:41:57+01:00 WARN [openvpn] 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA256'
2023-11-02T13:41:57+01:00 WARN [openvpn] 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
2023-11-02T13:41:57+01:00 INFO [openvpn] [frankfurt-rack410.nodes.gen4.ninja] Peer Connection Initiated with [AF_INET]84.17.49.50:443
2023-11-02T13:41:57+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2023-11-02T13:41:57+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2023-11-02T13:41:57+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2023-11-02T13:41:58+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.19.4.110/24
2023-11-02T13:41:58+01:00 INFO [openvpn] UID set to nonrootuser
2023-11-02T13:41:58+01:00 INFO [openvpn] Initialization Sequence Completed
2023-11-02T13:42:03+01:00 INFO [ip getter] Public IP address is 84.17.49.50 (Germany, Hesse, Frankfurt am Main)

Share your configuration

docker run
  -d
  --name='GluetunVPN'
  --net='bridge'
  -e TZ="Europe/Paris"
  -e HOST_OS="Unraid"
  -e HOST_HOSTNAME="Tower"
  -e HOST_CONTAINERNAME="GluetunVPN"
  -e 'TZ'='Europe/Berlin'
  -e 'VPN_SERVICE_PROVIDER'='cyberghost'
  -e 'VPN_TYPE'='openvpn'
  -e 'VPN_INTERFACE'='tun0'
  -e 'VPN_ENDPOINT_PORT'=''
  -e 'VPN_ENDPOINT_IP'=''
  -e 'OPENVPN_PROTOCOL'='udp'
  -e 'OPENVPN_USER'='XXXXXXX'
  -e 'OPENVPN_PASSWORD'='XXXXXXX'
  -e 'OPENVPN_VERSION'='2.5'
  -e 'OPENVPN_VERBOSITY'='1'
  -e 'OPENVPN_FLAGS'=''
  -e 'OPENVPN_CIPHERS'=''
  -e 'OPENVPN_AUTH'=''
  -e 'OPENVPN_PROCESS_USER'='no'
  -e 'OPENVPN_IPV6'='off'
  -e 'OPENVPN_CUSTOM_CONFIG'=''
  -e 'WIREGUARD_IMPLEMENTATION'='auto'
  -e 'WIREGUARD_PRIVATE_KEY'=''
  -e 'WIREGUARD_PRESHARED_KEY'=''
  -e 'WIREGUARD_PUBLIC_KEY'=''
  -e 'WIREGUARD_ADDRESSES'=''
  -e 'SERVER_REGIONS'=''
  -e 'SERVER_COUNTRIES'='Germany'
  -e 'SERVER_CITIES'=''
  -e 'SERVER_NAMES'=''
  -e 'SERVER_HOSTNAMES'=''
  -e 'FIREWALL'='on'
  -e 'FIREWALL_VPN_INPUT_PORTS'=''
  -e 'FIREWALL_INPUT_PORTS'='XXXXXX'
  -e 'FIREWALL_OUTBOUND_SUBNETS'=''
  -e 'FIREWALL_DEBUG'='off'
  -e 'LOG_LEVEL'='info'
  -e 'DOT'='off'
  -e 'DOT_PROVIDERS'='cloudflare'
  -e 'DOT_PRIVATE_ADDRESS'='127.0.0.1/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,169.254.0.0/16,::1/128,fc00::/7,fe80::/10,::ffff:7f00:1/104,::ffff:a00:0/104,::ffff:a9fe:0/112,::ffff:ac10:0/108,::ffff:c0a8:0/112'
  -e 'DOT_VERBOSITY'='1'
  -e 'DOT_VERBOSITY_DETAILS'='0'
  -e 'DOT_VALIDATION_LOGLEVEL'='0'
  -e 'DOT_CACHING'='on'
  -e 'DOT_IPV6'='off'
  -e 'BLOCK_MALICIOUS'='on'
  -e 'BLOCK_SURVEILLANCE'='off'
  -e 'BLOCK_ADS'='off'
  -e 'UNBLOCK'=''
  -e 'DNS_UPDATE_PERIOD'='24h'
  -e 'DNS_ADDRESS'=''
  -e 'DNS_KEEP_NAMESERVER'='on'
  -e 'HTTPPROXY'='on'
  -e 'HTTPPROXY_LOG'='off'
  -e 'HTTPPROXY_USER'=''
  -e 'HTTPPROXY_PASSWORD'=''
  -e 'HTTPPROXY_STEALTH'='off'
  -e 'SHADOWSOCKS'='off'
  -e 'SHADOWSOCKS_LOG'='off'
  -e ':8388'=':8388'
  -e 'SHADOWSOCKS_PASSWORD'=''
  -e 'SHADOWSOCKS_CIPHER'='chacha20-ietf-poly1305'
  -e 'HEALTH_SERVER_ADDRESS'='127.0.0.1:9999'
  -e 'HEALTH_TARGET_ADDRESS'='github.com:443'
  -e 'HEALTH_VPN_DURATION_INITIAL'='6s'
  -e 'HEALTH_VPN_DURATION_ADDITION'='5s'
  -e 'UPDATER_PERIOD'='0'
  -e 'PUBLICIP_FILE'='/gluetun/ip'
  -e 'PUBLICIP_PERIOD'='12h'
  -e 'VERSION_INFORMATION'='on'
  -e 'HTTP_CONTROL_SERVER_LOG'='on'
  -e 'PUID'='1000'
  -e 'PGID'='1000'
  -l net.unraid.docker.managed=dockerman
  -l net.unraid.docker.webui='http://[IP]:[PORT:8000]'
  -l net.unraid.docker.icon='https://raw.githubusercontent.com/qdm12/gluetun/master/doc/logo_256.png'
  -p '8888:8888/tcp'
  -p 'XXXXXX:XXXXXX/tcp'
  -p '8002:8000/tcp'
  -v '/mnt/user/appdata/gluetun':'/gluetun':'rw'
  --cap-add=NET_ADMIN
  --restart always 'qmcgaw/gluetun'
qdm12 commented 7 months ago

That is indeed strange, does setting HEALTH_VPN_DURATION_INITIAL to 30s help? 🤔

t46g commented 7 months ago

Unfortunately this changed only that the reconnect is now less frequent. But its still detected as unhealth. Does enabling Debug output help maybe to get more information?

qdm12 commented 7 months ago

I think I spotted the problem 😉 The unraid template is still using the (way older) default of github.com:443 to run the healthcheck against, but this one is not really reliable and tends to not work. It's changed to cloudflare.com:443 which works quite reliably as far as I have seen. I proposed changes to the Unraid template in https://github.com/DiamondPrecisionComputing/unraid-templates/compare/master...qdm12:unraid-templates:patch-3

In the meantime, try changing HEALTH_TARGET_ADDRESS to cloudflare.com:443 and check how it goes?

You can also read up on how the healthcheck works regarding timings, timeouts etc.

t46g commented 7 months ago

@qdm12 I tested changing the health_target_address to cloudflare and also updated the container to the latest version. But I can not notice any changement in the behaviour. The container is still unhealthy and is reconnecting.

qdm12 commented 6 months ago

Does it get unhealthy AFTER you see the log line

INFO [ip getter] Public IP address is

? What unhealthy log line message do you get now?

t46g commented 5 months ago

Sorry for the late response. After the line you mentioned is printed into log, the health status is still on "health: starting". After about 5 seconds the status will switch to unhealthy. But this could be caused also by a small delay due the Unraid web interface.

Here is an current print from my logs:

2024-01-29T22:34:59+01:00 INFO [storage] merging by most recent 17743 hardcoded servers and 17743 servers read from /gluetun/servers.json
2024-01-29T22:34:59+01:00 INFO Alpine version: 3.18.6
2024-01-29T22:34:59+01:00 INFO OpenVPN 2.5 version: 2.5.8
2024-01-29T22:34:59+01:00 INFO OpenVPN 2.6 version: 2.6.8
2024-01-29T22:34:59+01:00 INFO Unbound version: 1.17.1
2024-01-29T22:34:59+01:00 INFO IPtables version: v1.8.9
2024-01-29T22:34:59+01:00 INFO Settings summary:
├── VPN settings:
|   ├── VPN provider settings:
|   |   ├── Name: cyberghost
|   |   └── Server selection settings:
|   |       ├── VPN type: openvpn
|   |       ├── Countries: germany
|   |       └── OpenVPN server selection settings:
|   |           └── Protocol: UDP
|   └── OpenVPN settings:
|       ├── OpenVPN version: 2.5
|       ├── User: [set]
|       ├── Password: [set]
|       ├── Client crt: MII...A==
|       ├── Client key: MII...CM=
|       ├── Network interface: tun0
|       ├── Run OpenVPN as: no
|       └── Verbosity level: 1
├── DNS settings:
|   └── Keep existing nameserver(s): yes
├── Firewall settings:
|   ├── Enabled: yes
|   └── Input ports:
|       └── 34400
├── Log settings:
|   └── Log level: INFO
├── Health settings:
|   ├── Server listening address: 127.0.0.1:9999
|   ├── Target address: xonn.de:443
|   ├── Duration to wait after success: 5s
|   ├── Read header timeout: 100ms
|   ├── Read timeout: 500ms
|   └── VPN wait durations:
|       ├── Initial duration: 1m0s
|       └── Additional duration: 5s
├── Shadowsocks server settings:
|   └── Enabled: no
├── HTTP proxy settings:
|   ├── Enabled: yes
|   ├── Listening address: :8888
|   ├── User: 
|   ├── Password: [not set]
|   ├── Stealth mode: no
|   ├── Log: no
|   ├── Read header timeout: 1s
|   └── Read timeout: 3s
├── Control server settings:
|   ├── Listening address: :8000
|   └── Logging: yes
├── OS Alpine settings:
|   ├── Process UID: 1000
|   ├── Process GID: 1000
|   └── Timezone: europe/berlin
├── Public IP settings:
|   ├── Fetching: every 12h0m0s
|   └── IP file path: /gluetun/ip
└── Version settings:
    └── Enabled: yes
2024-01-29T22:34:59+01:00 INFO [routing] default route found: interface eth0, gateway 172.17.0.1, assigned IP 172.17.0.2 and family v4
2024-01-29T22:34:59+01:00 INFO [routing] adding route for 0.0.0.0/0
2024-01-29T22:34:59+01:00 INFO [firewall] setting allowed subnets...
2024-01-29T22:34:59+01:00 INFO [routing] default route found: interface eth0, gateway 172.17.0.1, assigned IP 172.17.0.2 and family v4
2024-01-29T22:34:59+01:00 INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
2024-01-29T22:34:59+01:00 INFO [firewall] setting allowed input port 34400 through interface eth0...
2024-01-29T22:34:59+01:00 WARN [dns] ⚠️⚠️⚠️  keeping the default container nameservers, this will likely leak DNS traffic outside the VPN and go through your container network DNS outside the VPN tunnel!
2024-01-29T22:34:59+01:00 INFO [http proxy] listening on :8888
2024-01-29T22:34:59+01:00 INFO [http server] http server listening on [::]:8000
2024-01-29T22:34:59+01:00 INFO [healthcheck] listening on 127.0.0.1:9999
2024-01-29T22:34:59+01:00 INFO [firewall] allowing VPN connection...
2024-01-29T22:34:59+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2024-01-29T22:34:59+01:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-01-29T22:34:59+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]84.17.49.47:443
2024-01-29T22:34:59+01:00 INFO [openvpn] UDP link local: (not bound)
2024-01-29T22:34:59+01:00 INFO [openvpn] UDP link remote: [AF_INET]84.17.49.47:443
2024-01-29T22:34:59+01:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1549', remote='link-mtu 1553'
2024-01-29T22:34:59+01:00 WARN [openvpn] 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA256'
2024-01-29T22:34:59+01:00 WARN [openvpn] 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
2024-01-29T22:34:59+01:00 INFO [openvpn] [frankfurt-rack410.nodes.gen4.ninja] Peer Connection Initiated with [AF_INET]84.17.49.47:443
2024-01-29T22:34:59+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-01-29T22:34:59+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-01-29T22:34:59+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-01-29T22:34:59+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.16.4.37/24
2024-01-29T22:34:59+01:00 INFO [openvpn] UID set to nonrootuser
2024-01-29T22:34:59+01:00 INFO [openvpn] Initialization Sequence Completed
2024-01-29T22:35:59+01:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
2024-01-29T22:35:59+01:00 INFO [vpn] stopping
2024-01-29T22:35:59+01:00 ERROR [vpn] cannot get version information: Get "https://api.github.com/repos/qdm12/gluetun/commits": context canceled
2024-01-29T22:35:59+01:00 INFO [vpn] starting
2024-01-29T22:35:59+01:00 INFO [firewall] allowing VPN connection...
2024-01-29T22:35:59+01:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2024-01-29T22:35:59+01:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-01-29T22:35:59+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]84.17.49.32:443
2024-01-29T22:35:59+01:00 INFO [openvpn] UDP link local: (not bound)
2024-01-29T22:35:59+01:00 INFO [openvpn] UDP link remote: [AF_INET]84.17.49.32:443
2024-01-29T22:35:59+01:00 WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1549', remote='link-mtu 1553'
2024-01-29T22:35:59+01:00 WARN [openvpn] 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA256'
2024-01-29T22:35:59+01:00 WARN [openvpn] 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
2024-01-29T22:35:59+01:00 INFO [openvpn] [frankfurt-rack410.nodes.gen4.ninja] Peer Connection Initiated with [AF_INET]84.17.49.32:443
2024-01-29T22:35:59+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-01-29T22:35:59+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-01-29T22:35:59+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-01-29T22:35:59+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.1.4.248/24
2024-01-29T22:35:59+01:00 INFO [openvpn] UID set to nonrootuser
2024-01-29T22:35:59+01:00 INFO [openvpn] Initialization Sequence Completed
t46g commented 3 months ago

I played around with some settings and found out, that setting the following option to off will solve the problem: -e 'DNS_KEEP_NAMESERVER'='off'