qdm12 / gluetun

VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
https://hub.docker.com/r/qmcgaw/gluetun
MIT License
7.89k stars 366 forks source link

Bug: [wireguard]i/o timeout error when starting up using gluetun:latest #1976

Closed Miku-programm closed 11 months ago

Miku-programm commented 11 months ago

Is this urgent?

Yes

Host OS

Ubuntu 22.0

CPU arch

armv7l

VPN service provider

Surfshark

What are you using to run the container

docker-compose

What is the version of Gluetun

qmcgaw/gluetun:latest

What's the problem 🤔

This was elevated when I opened docker for use, which hadn't even happened before, the problem was a startup failure caused by a dns error in wireguard

Share your logs (at least 10 lines)

kazakhstan-gluetun-1  | 2023-11-24T06:21:51Z INFO [vpn] stopping
kazakhstan-gluetun-1  | 2023-11-24T06:21:51Z INFO [vpn] starting

kazakhstan-gluetun-1  | 2023-11-24T06:21:51Z INFO [firewall] allowing VPN connection...

kazakhstan-gluetun-1  | 2023-11-24T06:21:51Z INFO [wireguard] Using userspace implementation since Kernel support does not exist

kazakhstan-gluetun-1  | 2023-11-24T06:21:51Z INFO [wireguard] Connecting to 45.130.139.36:51820

kazakhstan-gluetun-1  | 2023-11-24T06:21:51Z INFO [wireguard] Wireguard setup is complete. Note

 Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the Wireguard connection is not working.

kazakhstan-gluetun-1  | 2023-11-24T06:23:06Z WARN [dns] cannot update files: Get "https://www.internic.net/domain/named.root": dial tcp: lookup www.internic.net on 1.1.1.1:53: read udp 10.14.0.2:50012->1.1.1.1:53: i/o timeout
kazakhstan-gluetun-1  | 2023-11-24T06:23:06Z INFO [dns] attempting restart in 5m20s

Share your configuration

version: "3"
services:
  gluetun:
    image: qmcgaw/gluetun
    cap_add:
      - NET_ADMIN
    ports:
      - 29333:8888/tcp # HTTP proxy
      - 28378:1080
    environment:
      - VPN_SERVICE_PROVIDER=surfshark
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY=
      - WIREGUARD_ADDRESSES=10.14.0.2/16
      - SERVER_COUNTRIES=
      - HTTPPROXY=on
  socks5:
    image: serjs/go-socks5-proxy
    depends_on:
      - gluetun
qdm12 commented 11 months ago

the problem was a startup failure caused by a dns error in wireguard

As the log says:

Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the Wireguard connection is not working

So not due to DNS, just Wireguard doesn't work. See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md#unhealthy on how to resolve it. I tested just now the latest image and it works fine.