Bug: openvpn `ip -6 addr` and error `RTNETLINK answers: Permission denied`

[Scotty1928]

Is this urgent?

No

Host OS

Synology DSM 7.1.1

CPU arch

x86_64

VPN service provider

PrivateVPN

What are you using to run the container

Portainer

What is the version of Gluetun

Running version latest built on 2024-08-25T07:04:32.409Z (commit 01fa993)

What's the problem 🤔

Since a few hours my gluetun is unable to connect to my VPN provider (Perfect Privacy, not available in form Dropdown!!!). FAQ healthcheck and update provider list have been checked and done already. Update seems to be successful as per „last edited“ of that json file on host.

Seems related to RTNETLINK issue as per the logs. Unsure on how to solve this

Share your logs (at least 10 lines)

========================================
========================================
=============== gluetun ================
========================================
=========== Made with ❤️ by ============
======= https://github.com/qdm12 =======
========================================
========================================

Running version latest built on 2024-08-25T07:04:32.409Z (commit 01fa993)

🔧 Need help? ☕ Discussion? https://github.com/qdm12/gluetun/discussions/new/choose
🐛 Bug? ✨ New feature? https://github.com/qdm12/gluetun/issues/new/choose
💻 Email? quentin.mcgaw@gmail.com
💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
2024-08-31T13:18:37+02:00 INFO [routing] default route found: interface eth0, gateway 172.17.0.1, assigned IP 172.17.0.8 and family v4
2024-08-31T13:18:37+02:00 INFO [routing] local ethernet link found: eth0
2024-08-31T13:18:37+02:00 INFO [routing] local ipnet found: 172.17.0.0/16
2024-08-31T13:18:37+02:00 INFO [firewall] enabling...
2024-08-31T13:18:37+02:00 INFO [firewall] enabled successfully
2024-08-31T13:18:38+02:00 INFO [storage] merging by most recent 20480 hardcoded servers and 20475 servers read from /gluetun/servers.json
2024-08-31T13:18:38+02:00 INFO [storage] Using perfect privacy servers from file which are 498 days more recent
2024-08-31T13:18:39+02:00 INFO Alpine version: 3.20.2
2024-08-31T13:18:39+02:00 INFO OpenVPN 2.5 version: 2.5.10
2024-08-31T13:18:39+02:00 INFO OpenVPN 2.6 version: 2.6.11
2024-08-31T13:18:39+02:00 INFO IPtables version: v1.8.10
2024-08-31T13:18:39+02:00 INFO Settings summary:
├── VPN settings:
|   ├── VPN provider settings:
|   |   ├── Name: perfect privacy
|   |   └── Server selection settings:
|   |       ├── VPN type: openvpn
|   |       ├── Cities: Amsterdam
|   |       └── OpenVPN server selection settings:
|   |           └── Protocol: UDP
|   └── OpenVPN settings:
|       ├── OpenVPN version: 2.6
|       ├── User: [set]
|       ├── Password: [set]
|       ├── Network interface: tun0
|       ├── Run OpenVPN as: root
|       └── Verbosity level: 1
├── DNS settings:
|   ├── Keep existing nameserver(s): no
|   ├── DNS server address to use: 127.0.0.1
|   └── DNS over TLS settings:
|       ├── Enabled: yes
|       ├── Update period: every 24h0m0s
|       ├── Upstream resolvers:
|       |   └── cloudflare
|       ├── Caching: yes
|       ├── IPv6: no
|       └── DNS filtering settings:
|           ├── Block malicious: yes
|           ├── Block ads: no
|           ├── Block surveillance: no
|           └── Blocked IP networks:
|               ├── 127.0.0.1/8
|               ├── 10.0.0.0/8
|               ├── 172.16.0.0/12
|               ├── 192.168.0.0/16
|               ├── 169.254.0.0/16
|               ├── ::1/128
|               ├── fc00::/7
|               ├── fe80::/10
|               ├── ::ffff:127.0.0.1/104
|               ├── ::ffff:10.0.0.0/104
|               ├── ::ffff:169.254.0.0/112
|               ├── ::ffff:172.16.0.0/108
|               └── ::ffff:192.168.0.0/112
├── Firewall settings:
|   └── Enabled: yes
├── Log settings:
|   └── Log level: info
├── Health settings:
|   ├── Server listening address: 127.0.0.1:9999
|   ├── Target address: cloudflare.com:443
|   ├── Duration to wait after success: 5s
|   ├── Read header timeout: 100ms
|   ├── Read timeout: 500ms
|   └── VPN wait durations:
|       ├── Initial duration: 6s
|       └── Additional duration: 5s
├── Shadowsocks server settings:
|   └── Enabled: no
├── HTTP proxy settings:
|   └── Enabled: no
├── Control server settings:
|   ├── Listening address: :8000
|   └── Logging: yes
├── Storage settings:
|   └── Filepath: /gluetun/servers.json
├── OS Alpine settings:
|   ├── Process UID: 1000
|   ├── Process GID: 1000
|   └── Timezone: Europe/Berlin
├── Public IP settings:
|   ├── Fetching: every 12h0m0s
|   ├── IP file path: /tmp/gluetun/ip
|   └── Public IP data API: ipinfo
├── Server data updater settings:
|   ├── Update period: 24h0m0s
|   ├── DNS address: 1.1.1.1:53
|   ├── Minimum ratio: 0.8
|   └── Providers to update: perfect privacy
└── Version settings:
    └── Enabled: yes
2024-08-31T13:18:39+02:00 INFO [routing] default route found: interface eth0, gateway 172.17.0.1, assigned IP 172.17.0.8 and family v4
2024-08-31T13:18:39+02:00 INFO [routing] adding route for 0.0.0.0/0
2024-08-31T13:18:39+02:00 INFO [firewall] setting allowed subnets...
2024-08-31T13:18:39+02:00 INFO [routing] default route found: interface eth0, gateway 172.17.0.1, assigned IP 172.17.0.8 and family v4
2024-08-31T13:18:39+02:00 INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
2024-08-31T13:18:39+02:00 INFO [dns] using plaintext DNS at address 1.1.1.1
2024-08-31T13:18:39+02:00 INFO [http server] http server listening on [::]:8000
2024-08-31T13:18:39+02:00 INFO [healthcheck] listening on 127.0.0.1:9999
2024-08-31T13:18:39+02:00 INFO [firewall] allowing VPN connection...
2024-08-31T13:18:39+02:00 INFO [openvpn] OpenVPN 2.6.11 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2024-08-31T13:18:39+02:00 INFO [openvpn] library versions: OpenSSL 3.3.1 4 Jun 2024, LZO 2.10
2024-08-31T13:18:39+02:00 WARN [openvpn] No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
2024-08-31T13:18:39+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]95.211.95.233:443
2024-08-31T13:18:39+02:00 INFO [openvpn] UDPv4 link local: (not bound)
2024-08-31T13:18:39+02:00 INFO [openvpn] UDPv4 link remote: [AF_INET]95.211.95.233:443
2024-08-31T13:18:39+02:00 INFO [openvpn] [Server_amsterdam.perfect-privacy.com] Peer Connection Initiated with [AF_INET]95.211.95.233:443
2024-08-31T13:18:40+02:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-08-31T13:18:40+02:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-08-31T13:18:40+02:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-08-31T13:18:40+02:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.0.51.248/24
2024-08-31T13:18:40+02:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-08-31T13:18:40+02:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-08-31T13:18:40+02:00 INFO [openvpn] /sbin/ip -6 addr add fdbf:1d37:bbe0:0:3:3:0:f8/112 dev tun0
2024-08-31T13:18:40+02:00 ERROR [openvpn] RTNETLINK answers: Permission denied
2024-08-31T13:18:40+02:00 INFO [openvpn] Linux ip -6 addr add failed: external program exited with error status: 2
2024-08-31T13:18:40+02:00 INFO [openvpn] Exiting due to fatal error
2024-08-31T13:18:40+02:00 ERROR [vpn] exit status 1
2024-08-31T13:18:40+02:00 INFO [vpn] retrying in 15s
2024-08-31T13:18:45+02:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN
2024-08-31T13:18:45+02:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-08-31T13:18:45+02:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-08-31T13:18:55+02:00 INFO [firewall] allowing VPN connection...
2024-08-31T13:18:55+02:00 INFO [openvpn] OpenVPN 2.6.11 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2024-08-31T13:18:55+02:00 INFO [openvpn] library versions: OpenSSL 3.3.1 4 Jun 2024, LZO 2.10
2024-08-31T13:18:55+02:00 WARN [openvpn] No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
2024-08-31T13:18:55+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]95.168.167.236:443
2024-08-31T13:18:55+02:00 INFO [openvpn] UDPv4 link local: (not bound)
2024-08-31T13:18:55+02:00 INFO [openvpn] UDPv4 link remote: [AF_INET]95.168.167.236:443
2024-08-31T13:18:55+02:00 INFO [openvpn] [Server_amsterdam.perfect-privacy.com] Peer Connection Initiated with [AF_INET]95.168.167.236:443
2024-08-31T13:18:56+02:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-08-31T13:18:56+02:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-08-31T13:18:56+02:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-08-31T13:18:56+02:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.5.209.64/24
2024-08-31T13:18:56+02:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-08-31T13:18:56+02:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-08-31T13:18:56+02:00 INFO [openvpn] /sbin/ip -6 addr add fdbf:1d37:bbe0:0:93:1:0:40/112 dev tun0
2024-08-31T13:18:56+02:00 ERROR [openvpn] RTNETLINK answers: Permission denied
2024-08-31T13:18:56+02:00 INFO [openvpn] Linux ip -6 addr add failed: external program exited with error status: 2
2024-08-31T13:18:56+02:00 INFO [openvpn] Exiting due to fatal error
2024-08-31T13:18:56+02:00 ERROR [vpn] exit status 1
2024-08-31T13:18:56+02:00 INFO [vpn] retrying in 15s
2024-08-31T13:19:06+02:00 INFO [healthcheck] program has been unhealthy for 11s: restarting VPN
2024-08-31T13:19:06+02:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-08-31T13:19:06+02:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-08-31T13:19:11+02:00 INFO [firewall] allowing VPN connection...
2024-08-31T13:19:11+02:00 INFO [openvpn] OpenVPN 2.6.11 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2024-08-31T13:19:11+02:00 INFO [openvpn] library versions: OpenSSL 3.3.1 4 Jun 2024, LZO 2.10
2024-08-31T13:19:11+02:00 WARN [openvpn] No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
2024-08-31T13:19:11+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]37.48.94.1:443
2024-08-31T13:19:11+02:00 INFO [openvpn] UDPv4 link local: (not bound)
2024-08-31T13:19:11+02:00 INFO [openvpn] UDPv4 link remote: [AF_INET]37.48.94.1:443
2024-08-31T13:19:27+02:00 INFO [healthcheck] program has been unhealthy for 16s: restarting VPN
2024-08-31T13:19:27+02:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-08-31T13:19:27+02:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-08-31T13:19:27+02:00 INFO [vpn] stopping
2024-08-31T13:19:27+02:00 INFO [vpn] starting
2024-08-31T13:19:27+02:00 INFO [firewall] allowing VPN connection...
2024-08-31T13:19:27+02:00 INFO [openvpn] OpenVPN 2.6.11 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2024-08-31T13:19:27+02:00 INFO [openvpn] library versions: OpenSSL 3.3.1 4 Jun 2024, LZO 2.10
2024-08-31T13:19:27+02:00 WARN [openvpn] No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
2024-08-31T13:19:27+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]95.168.167.236:443
2024-08-31T13:19:27+02:00 INFO [openvpn] UDPv4 link local: (not bound)
2024-08-31T13:19:27+02:00 INFO [openvpn] UDPv4 link remote: [AF_INET]95.168.167.236:443
2024-08-31T13:19:27+02:00 INFO [openvpn] [Server_amsterdam.perfect-privacy.com] Peer Connection Initiated with [AF_INET]95.168.167.236:443
2024-08-31T13:19:27+02:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-08-31T13:19:27+02:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-08-31T13:19:28+02:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-08-31T13:19:28+02:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.5.209.73/24
2024-08-31T13:19:28+02:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-08-31T13:19:28+02:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-08-31T13:19:28+02:00 INFO [openvpn] /sbin/ip -6 addr add fdbf:1d37:bbe0:0:93:1:0:49/112 dev tun0
2024-08-31T13:19:28+02:00 INFO [openvpn] Linux ip -6 addr add failed: external program exited with error status: 2
2024-08-31T13:19:28+02:00 ERROR [openvpn] RTNETLINK answers: Permission denied
2024-08-31T13:19:28+02:00 INFO [openvpn] Exiting due to fatal error
2024-08-31T13:19:28+02:00 ERROR [vpn] exit status 1
2024-08-31T13:19:28+02:00 INFO [vpn] retrying in 15s
2024-08-31T13:19:43+02:00 INFO [firewall] allowing VPN connection...
2024-08-31T13:19:43+02:00 INFO [openvpn] OpenVPN 2.6.11 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2024-08-31T13:19:43+02:00 INFO [openvpn] library versions: OpenSSL 3.3.1 4 Jun 2024, LZO 2.10
2024-08-31T13:19:43+02:00 WARN [openvpn] No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
2024-08-31T13:19:43+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]95.211.95.244:443
2024-08-31T13:19:43+02:00 INFO [openvpn] UDPv4 link local: (not bound)
2024-08-31T13:19:43+02:00 INFO [openvpn] UDPv4 link remote: [AF_INET]95.211.95.244:443
2024-08-31T13:19:43+02:00 INFO [openvpn] [Server_amsterdam.perfect-privacy.com] Peer Connection Initiated with [AF_INET]95.211.95.244:443
2024-08-31T13:19:44+02:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-08-31T13:19:44+02:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-08-31T13:19:44+02:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-08-31T13:19:44+02:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.0.64.50/24
2024-08-31T13:19:44+02:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-08-31T13:19:44+02:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-08-31T13:19:44+02:00 INFO [openvpn] /sbin/ip -6 addr add fdbf:1d37:bbe0:0:4::32/112 dev tun0
2024-08-31T13:19:44+02:00 ERROR [openvpn] RTNETLINK answers: Permission denied
2024-08-31T13:19:44+02:00 INFO [openvpn] Linux ip -6 addr add failed: external program exited with error status: 2
2024-08-31T13:19:44+02:00 INFO [openvpn] Exiting due to fatal error
2024-08-31T13:19:44+02:00 ERROR [vpn] exit status 1
2024-08-31T13:19:44+02:00 INFO [vpn] retrying in 15s
2024-08-31T13:19:48+02:00 INFO [healthcheck] program has been unhealthy for 21s: restarting VPN
2024-08-31T13:19:48+02:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-08-31T13:19:48+02:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION

Share your configuration

version: "3.8"
services:
  gluetun:
    image: qmcgaw/gluetun
    container_name: gluetun
    cap_add:
      - NET_ADMIN
    ports:
      - 8888:8888/tcp # HTTP proxy
      - 8388:8388/tcp # Shadowsocks
      - 8388:8388/udp # Shadowsocks
      - 8090:8090 # port for app web ui
      - 6881:6881 # port for app data
    volumes:
      - /volume/for/container/configs/gluetun:/gluetun
    environment:
      - VPN_SERVICE_PROVIDER=perfect privacy
      - VPN_TYPE=openvpn
      - OPENVPN_USER=redacted-user
      - OPENVPN_PASSWORD=redacted-password
      - SERVER_CITIES=Amsterdam
      - UPDATER_PERIOD=24h     # update provider list
      - UPDATER_VPN_SERVICE_PROVIDERS=perfect privacy
      - TZ=Europe/Berlin
    network_mode: bridge
    restart: always
#    privileged: true
#    devices:
#      - /dev/net/tun:/dev/net/tun
#    command: update -enduser -providers "perfect privacy"     # Force update of list

[github-actions[bot]]

@qdm12 is more or less the only maintainer of this project and works on it in his free time. Please:

• do not ask for updates, be patient
• :+1: the issue to show your support instead of commenting @qdm12 usually checks issues at least once a week, if this is a new urgent bug, revert to an older tagged container image

[qdm12]

The problem seems to be openvpn trying to add an ipv6 address to tun0 and getting denied permission.

2024-08-31T13:18:56+02:00 INFO [openvpn] /sbin/ip -6 addr add fdbf:1d37:bbe0:0:93:1:0:40/112 dev tun0
2024-08-31T13:18:56+02:00 ERROR [openvpn] RTNETLINK answers: Permission denied
2024-08-31T13:18:56+02:00 INFO [openvpn] Linux ip -6 addr add failed: external program exited with error status: 2
2024-08-31T13:18:56+02:00 INFO [openvpn] Exiting due to fatal error

Any idea why that would be?

Otherwise, does one of the following workaround fix it?

1. Set OPENVPN_VERSION=2.5
2. Revert to image tag v3.39
3. Revert to image tag v3.38

[Scotty1928]

Thank you for your quick response!

No, i have no clue as to why it would not allow setting an IPv6. My network allows and is properly set up for IPv6, addresses are issued as they should. The error appeared after a regular update of the gluetun container, i just did not immediately notice.

1 did not work (same error message) 2 worked 3 worked as well

Thanks!

[qdm12]

Ok that is rather strange! On the success tries, for example 2., did you also get an info message similar to [openvpn] /sbin/ip -6 addr add fdbf:1d37:bbe0:0:93:1:0:40/112 dev tun0?

[Scotty1928]

Negative, i only receive /sbin/ip messages like public IPv4 and MTU 1500.

Here are a few examples (redacted ip obviously)

[openvpn] /sbin/ip link set dev tun0 up mtu 1500 [openvpn] /sbin/ip link set dev tun0 up [openvpn] /sbin/ip addr add dev tun0 123.456.789.555/24

[qdm12]

Just to triple check, are you sure if you run the latest image, and set OPENVPN_VERSION=2.5, does openvpn log it's running 2.5 as well? I'm still kind of confused why this would happen, especially since there has not been any change since v3.39 regarding alpine/openvpn/ipv6 really 😕

[Scotty1928]

Let me get back to you on a later date, i am currently out of town and sort of AFK. Sunday at the earliest

[figarospares]

I am having same issue on synology as well see log below

========================================
========================================
=============== gluetun ================
========================================
=========== Made with ❤️ by ============
======= https://github.com/qdm12 =======
========================================
========================================

Running version latest built on 2024-09-18T11:32:40.539Z (commit a2e76e1)

📣 All control server routes will become private by default after the v3.41.0 release

🔧 Need help? ☕ Discussion? https://github.com/qdm12/gluetun/discussions/new/choose
🐛 Bug? ✨ New feature? https://github.com/qdm12/gluetun/issues/new/choose
💻 Email? quentin.mcgaw@gmail.com
💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
2024-09-27T10:40:39+01:00 INFO [routing] default route found: interface eth0, gateway 192.168.240.1, assigned IP 192.168.240.2 and family v4
2024-09-27T10:40:39+01:00 INFO [routing] local ethernet link found: eth0
2024-09-27T10:40:39+01:00 INFO [routing] local ipnet found: 192.168.240.0/20
2024-09-27T10:40:39+01:00 INFO [firewall] enabling...
2024-09-27T10:40:39+01:00 INFO [firewall] enabled successfully
2024-09-27T10:40:41+01:00 INFO [storage] merging by most recent 20553 hardcoded servers and 20553 servers read from /gluetun/servers.json
2024-09-27T10:40:42+01:00 INFO Alpine version: 3.20.3
2024-09-27T10:40:42+01:00 INFO OpenVPN 2.5 version: 2.5.10
2024-09-27T10:40:42+01:00 INFO OpenVPN 2.6 version: 2.6.11
2024-09-27T10:40:42+01:00 INFO IPtables version: v1.8.10
2024-09-27T10:40:42+01:00 INFO Settings summary:
├── VPN settings:
|   ├── VPN provider settings:
|   |   ├── Name: custom
|   |   └── Server selection settings:
|   |       ├── VPN type: openvpn
|   |       └── OpenVPN server selection settings:
|   |           ├── Protocol: UDP
|   |           └── Custom configuration file: /gluetun/ovpn/london10.ovpn
|   └── OpenVPN settings:
|       ├── OpenVPN version: 2.5
|       ├── User: [set]
|       ├── Password: [set]
|       ├── Custom configuration file: /gluetun/ovpn/london10.ovpn
|       ├── Network interface: tun0
|       ├── Run OpenVPN as: root
|       └── Verbosity level: 1
├── DNS settings:
|   ├── Keep existing nameserver(s): no
|   ├── DNS server address to use: 127.0.0.1
|   └── DNS over TLS settings:
|       ├── Enabled: yes
|       ├── Update period: every 24h0m0s
|       ├── Upstream resolvers:
|       |   └── cloudflare
|       ├── Caching: yes
|       ├── IPv6: no
|       └── DNS filtering settings:
|           ├── Block malicious: yes
|           ├── Block ads: no
|           ├── Block surveillance: no
|           └── Blocked IP networks:
|               ├── 127.0.0.1/8
|               ├── 10.0.0.0/8
|               ├── 172.16.0.0/12
|               ├── 192.168.0.0/16
|               ├── 169.254.0.0/16
|               ├── ::1/128
|               ├── fc00::/7
|               ├── fe80::/10
|               ├── ::ffff:127.0.0.1/104
|               ├── ::ffff:10.0.0.0/104
|               ├── ::ffff:169.254.0.0/112
|               ├── ::ffff:172.16.0.0/108
|               └── ::ffff:192.168.0.0/112
├── Firewall settings:
|   └── Enabled: yes
├── Log settings:
|   └── Log level: info
├── Health settings:
|   ├── Server listening address: 127.0.0.1:9999
|   ├── Target address: cloudflare.com:443
|   ├── Duration to wait after success: 5s
|   ├── Read header timeout: 100ms
|   ├── Read timeout: 500ms
|   └── VPN wait durations:
|       ├── Initial duration: 6s
|       └── Additional duration: 5s
├── Shadowsocks server settings:
|   └── Enabled: no
├── HTTP proxy settings:
|   └── Enabled: no
├── Control server settings:
|   ├── Listening address: :8000
|   ├── Logging: yes
|   └── Authentication file path: /gluetun/auth/config.toml
├── Storage settings:
|   └── Filepath: /gluetun/servers.json
├── OS Alpine settings:
|   ├── Process UID: 1026
|   ├── Process GID: 100
|   └── Timezone: Europe/London
├── Public IP settings:
|   ├── Fetching: every 12h0m0s
|   ├── IP file path: /tmp/gluetun/ip
|   └── Public IP data API: ipinfo
└── Version settings:
    └── Enabled: yes
2024-09-27T10:40:42+01:00 INFO [routing] default route found: interface eth0, gateway 192.168.240.1, assigned IP 192.168.240.2 and family v4
2024-09-27T10:40:42+01:00 INFO [routing] adding route for 0.0.0.0/0
2024-09-27T10:40:42+01:00 INFO [firewall] setting allowed subnets...
2024-09-27T10:40:42+01:00 INFO [routing] default route found: interface eth0, gateway 192.168.240.1, assigned IP 192.168.240.2 and family v4
2024-09-27T10:40:42+01:00 INFO [dns] using plaintext DNS at address 1.1.1.1
2024-09-27T10:40:42+01:00 INFO [http server] http server listening on [::]:8000
2024-09-27T10:40:42+01:00 INFO [healthcheck] listening on 127.0.0.1:9999
2024-09-27T10:40:42+01:00 INFO [firewall] allowing VPN connection...
2024-09-27T10:40:42+01:00 INFO [openvpn] 2024-09-27 10:40:42 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-09-27T10:40:42+01:00 INFO [openvpn] DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2024-09-27T10:40:42+01:00 INFO [openvpn] OpenVPN 2.5.10 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Jul  2 2024
2024-09-27T10:40:42+01:00 INFO [openvpn] library versions: OpenSSL 3.3.2 3 Sep 2024, LZO 2.10
2024-09-27T10:40:42+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]107.181.136.103:1194
2024-09-27T10:40:42+01:00 INFO [openvpn] UDP link local: (not bound)
2024-09-27T10:40:42+01:00 INFO [openvpn] UDP link remote: [AF_INET]107.181.136.103:1194
2024-09-27T10:40:42+01:00 WARN [openvpn] 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
2024-09-27T10:40:42+01:00 INFO [openvpn] [server] Peer Connection Initiated with [AF_INET]107.181.136.103:1194
2024-09-27T10:40:42+01:00 WARN [openvpn] You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2024-09-27T10:40:42+01:00 WARN [openvpn] You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2024-09-27T10:40:42+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-09-27T10:40:42+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-27T10:40:43+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-27T10:40:43+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 local 10.8.0.30 peer 10.8.0.29
2024-09-27T10:40:43+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-27T10:40:43+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-27T10:40:43+01:00 INFO [openvpn] /sbin/ip -6 addr add fd15:53b6:dead::2/64 dev tun0
2024-09-27T10:40:43+01:00 ERROR [openvpn] RTNETLINK answers: Permission denied
2024-09-27T10:40:43+01:00 INFO [openvpn] Linux ip -6 addr add failed: external program exited with error status: 2
2024-09-27T10:40:43+01:00 INFO [openvpn] Exiting due to fatal error
2024-09-27T10:40:43+01:00 ERROR [vpn] exit status 1
2024-09-27T10:40:43+01:00 INFO [vpn] retrying in 15s
2024-09-27T10:40:48+01:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN
2024-09-27T10:40:48+01:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-09-27T10:40:48+01:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-09-27T10:40:58+01:00 INFO [firewall] allowing VPN connection...
2024-09-27T10:40:58+01:00 INFO [openvpn] 2024-09-27 10:40:58 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-09-27T10:40:58+01:00 INFO [openvpn] DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2024-09-27T10:40:58+01:00 INFO [openvpn] OpenVPN 2.5.10 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Jul  2 2024
2024-09-27T10:40:58+01:00 INFO [openvpn] library versions: OpenSSL 3.3.2 3 Sep 2024, LZO 2.10
2024-09-27T10:40:58+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]107.181.136.103:1194
2024-09-27T10:40:58+01:00 INFO [openvpn] UDP link local: (not bound)
2024-09-27T10:40:58+01:00 INFO [openvpn] UDP link remote: [AF_INET]107.181.136.103:1194
2024-09-27T10:40:58+01:00 WARN [openvpn] 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
2024-09-27T10:40:58+01:00 INFO [openvpn] [server] Peer Connection Initiated with [AF_INET]107.181.136.103:1194
2024-09-27T10:40:58+01:00 WARN [openvpn] You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2024-09-27T10:40:58+01:00 WARN [openvpn] You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2024-09-27T10:40:58+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-09-27T10:40:58+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-27T10:40:58+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-27T10:40:58+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 local 10.8.0.42 peer 10.8.0.41
2024-09-27T10:40:58+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-27T10:40:58+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-27T10:40:58+01:00 INFO [openvpn] /sbin/ip -6 addr add fd15:53b6:dead::2/64 dev tun0
2024-09-27T10:40:58+01:00 ERROR [openvpn] RTNETLINK answers: Permission denied
2024-09-27T10:40:58+01:00 INFO [openvpn] Linux ip -6 addr add failed: external program exited with error status: 2
2024-09-27T10:40:58+01:00 INFO [openvpn] Exiting due to fatal error
2024-09-27T10:40:58+01:00 ERROR [vpn] exit status 1
2024-09-27T10:40:58+01:00 INFO [vpn] retrying in 15s
2024-09-27T10:41:09+01:00 INFO [healthcheck] program has been unhealthy for 11s: restarting VPN
2024-09-27T10:41:09+01:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-09-27T10:41:09+01:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-09-27T10:41:13+01:00 INFO [firewall] allowing VPN connection...
2024-09-27T10:41:13+01:00 INFO [openvpn] 2024-09-27 10:41:13 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-09-27T10:41:13+01:00 INFO [openvpn] DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2024-09-27T10:41:13+01:00 INFO [openvpn] OpenVPN 2.5.10 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Jul  2 2024
2024-09-27T10:41:13+01:00 INFO [openvpn] library versions: OpenSSL 3.3.2 3 Sep 2024, LZO 2.10
2024-09-27T10:41:13+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]107.181.136.103:1194
2024-09-27T10:41:13+01:00 INFO [openvpn] UDP link local: (not bound)
2024-09-27T10:41:13+01:00 INFO [openvpn] UDP link remote: [AF_INET]107.181.136.103:1194
2024-09-27T10:41:13+01:00 WARN [openvpn] 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
2024-09-27T10:41:13+01:00 INFO [openvpn] [server] Peer Connection Initiated with [AF_INET]107.181.136.103:1194
2024-09-27T10:41:13+01:00 WARN [openvpn] You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2024-09-27T10:41:13+01:00 WARN [openvpn] You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2024-09-27T10:41:13+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-09-27T10:41:13+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-27T10:41:13+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-27T10:41:13+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 local 10.8.0.46 peer 10.8.0.45
2024-09-27T10:41:13+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-27T10:41:13+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-27T10:41:13+01:00 INFO [openvpn] /sbin/ip -6 addr add fd15:53b6:dead::2/64 dev tun0
2024-09-27T10:41:13+01:00 ERROR [openvpn] RTNETLINK answers: Permission denied
2024-09-27T10:41:13+01:00 INFO [openvpn] Linux ip -6 addr add failed: external program exited with error status: 2
2024-09-27T10:41:13+01:00 INFO [openvpn] Exiting due to fatal error
2024-09-27T10:41:13+01:00 ERROR [vpn] exit status 1
2024-09-27T10:41:13+01:00 INFO [vpn] retrying in 15s
2024-09-27T10:41:28+01:00 INFO [firewall] allowing VPN connection...
2024-09-27T10:41:28+01:00 INFO [openvpn] 2024-09-27 10:41:28 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-09-27T10:41:28+01:00 INFO [openvpn] DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2024-09-27T10:41:28+01:00 INFO [openvpn] OpenVPN 2.5.10 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Jul  2 2024
2024-09-27T10:41:28+01:00 INFO [openvpn] library versions: OpenSSL 3.3.2 3 Sep 2024, LZO 2.10
2024-09-27T10:41:28+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]107.181.136.103:1194
2024-09-27T10:41:28+01:00 INFO [openvpn] UDP link local: (not bound)
2024-09-27T10:41:28+01:00 INFO [openvpn] UDP link remote: [AF_INET]107.181.136.103:1194
2024-09-27T10:41:29+01:00 WARN [openvpn] 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
2024-09-27T10:41:29+01:00 INFO [openvpn] [server] Peer Connection Initiated with [AF_INET]107.181.136.103:1194
2024-09-27T10:41:29+01:00 WARN [openvpn] You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2024-09-27T10:41:29+01:00 WARN [openvpn] You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2024-09-27T10:41:29+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-09-27T10:41:29+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-27T10:41:29+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-27T10:41:29+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 local 10.8.0.50 peer 10.8.0.49
2024-09-27T10:41:29+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-27T10:41:29+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-27T10:41:29+01:00 INFO [openvpn] /sbin/ip -6 addr add fd15:53b6:dead::2/64 dev tun0
2024-09-27T10:41:29+01:00 ERROR [openvpn] RTNETLINK answers: Permission denied
2024-09-27T10:41:29+01:00 INFO [openvpn] Linux ip -6 addr add failed: external program exited with error status: 2
2024-09-27T10:41:29+01:00 INFO [openvpn] Exiting due to fatal error
2024-09-27T10:41:29+01:00 ERROR [vpn] exit status 1
2024-09-27T10:41:29+01:00 INFO [vpn] retrying in 15s
2024-09-27T10:41:29+01:00 INFO [healthcheck] program has been unhealthy for 16s: restarting VPN
2024-09-27T10:41:29+01:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-09-27T10:41:29+01:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-09-27T10:41:44+01:00 INFO [firewall] allowing VPN connection...
2024-09-27T10:41:44+01:00 INFO [openvpn] 2024-09-27 10:41:44 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-09-27T10:41:44+01:00 INFO [openvpn] DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2024-09-27T10:41:44+01:00 INFO [openvpn] OpenVPN 2.5.10 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Jul  2 2024
2024-09-27T10:41:44+01:00 INFO [openvpn] library versions: OpenSSL 3.3.2 3 Sep 2024, LZO 2.10
2024-09-27T10:41:44+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]107.181.136.103:1194
2024-09-27T10:41:44+01:00 INFO [openvpn] UDP link local: (not bound)
2024-09-27T10:41:44+01:00 INFO [openvpn] UDP link remote: [AF_INET]107.181.136.103:1194
2024-09-27T10:41:44+01:00 WARN [openvpn] 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
2024-09-27T10:41:44+01:00 INFO [openvpn] [server] Peer Connection Initiated with [AF_INET]107.181.136.103:1194
2024-09-27T10:41:44+01:00 WARN [openvpn] You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2024-09-27T10:41:44+01:00 WARN [openvpn] You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2024-09-27T10:41:44+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-09-27T10:41:44+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-27T10:41:44+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-27T10:41:44+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 local 10.8.0.54 peer 10.8.0.53
2024-09-27T10:41:44+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-27T10:41:44+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-27T10:41:44+01:00 INFO [openvpn] /sbin/ip -6 addr add fd15:53b6:dead::2/64 dev tun0
2024-09-27T10:41:44+01:00 ERROR [openvpn] RTNETLINK answers: Permission denied
2024-09-27T10:41:44+01:00 INFO [openvpn] Linux ip -6 addr add failed: external program exited with error status: 2
2024-09-27T10:41:44+01:00 INFO [openvpn] Exiting due to fatal error
2024-09-27T10:41:44+01:00 ERROR [vpn] exit status 1
2024-09-27T10:41:44+01:00 INFO [vpn] retrying in 15s
2024-09-27T10:41:59+01:00 INFO [firewall] allowing VPN connection...
2024-09-27T10:41:59+01:00 INFO [openvpn] 2024-09-27 10:41:59 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-09-27T10:41:59+01:00 INFO [openvpn] DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2024-09-27T10:41:59+01:00 INFO [openvpn] OpenVPN 2.5.10 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Jul  2 2024
2024-09-27T10:41:59+01:00 INFO [openvpn] library versions: OpenSSL 3.3.2 3 Sep 2024, LZO 2.10
2024-09-27T10:41:59+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]107.181.136.103:1194
2024-09-27T10:41:59+01:00 INFO [openvpn] UDP link local: (not bound)
2024-09-27T10:41:59+01:00 INFO [openvpn] UDP link remote: [AF_INET]107.181.136.103:1194
2024-09-27T10:41:59+01:00 WARN [openvpn] 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
2024-09-27T10:41:59+01:00 INFO [openvpn] [server] Peer Connection Initiated with [AF_INET]107.181.136.103:1194
2024-09-27T10:41:59+01:00 WARN [openvpn] You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2024-09-27T10:41:59+01:00 WARN [openvpn] You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2024-09-27T10:41:59+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-09-27T10:41:59+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-27T10:41:59+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-27T10:41:59+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 local 10.8.0.62 peer 10.8.0.61
2024-09-27T10:41:59+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-27T10:41:59+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-27T10:41:59+01:00 INFO [openvpn] /sbin/ip -6 addr add fd15:53b6:dead::2/64 dev tun0
2024-09-27T10:41:59+01:00 ERROR [openvpn] RTNETLINK answers: Permission denied
2024-09-27T10:41:59+01:00 INFO [openvpn] Linux ip -6 addr add failed: external program exited with error status: 2
2024-09-27T10:41:59+01:00 INFO [openvpn] Exiting due to fatal error
2024-09-27T10:41:59+01:00 ERROR [vpn] exit status 1
2024-09-27T10:41:59+01:00 INFO [vpn] retrying in 15s
2024-09-27T10:42:05+01:00 INFO [healthcheck] program has been unhealthy for 21s: restarting VPN
2024-09-27T10:42:05+01:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-09-27T10:42:05+01:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-09-27T10:42:14+01:00 INFO [firewall] allowing VPN connection...
2024-09-27T10:42:14+01:00 INFO [openvpn] 2024-09-27 10:42:14 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-09-27T10:42:14+01:00 INFO [openvpn] DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2024-09-27T10:42:14+01:00 INFO [openvpn] OpenVPN 2.5.10 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Jul  2 2024
2024-09-27T10:42:14+01:00 INFO [openvpn] library versions: OpenSSL 3.3.2 3 Sep 2024, LZO 2.10
2024-09-27T10:42:14+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]107.181.136.103:1194
2024-09-27T10:42:14+01:00 INFO [openvpn] UDP link local: (not bound)
2024-09-27T10:42:14+01:00 INFO [openvpn] UDP link remote: [AF_INET]107.181.136.103:1194
2024-09-27T10:42:15+01:00 WARN [openvpn] 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
2024-09-27T10:42:15+01:00 INFO [openvpn] [server] Peer Connection Initiated with [AF_INET]107.181.136.103:1194
2024-09-27T10:42:15+01:00 WARN [openvpn] You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2024-09-27T10:42:15+01:00 WARN [openvpn] You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2024-09-27T10:42:15+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-09-27T10:42:15+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-27T10:42:15+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-27T10:42:15+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 local 10.8.0.78 peer 10.8.0.77
2024-09-27T10:42:15+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-27T10:42:15+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-27T10:42:15+01:00 INFO [openvpn] /sbin/ip -6 addr add fd15:53b6:dead::2/64 dev tun0
2024-09-27T10:42:15+01:00 ERROR [openvpn] RTNETLINK answers: Permission denied
2024-09-27T10:42:15+01:00 INFO [openvpn] Linux ip -6 addr add failed: external program exited with error status: 2
2024-09-27T10:42:15+01:00 INFO [openvpn] Exiting due to fatal error
2024-09-27T10:42:15+01:00 ERROR [vpn] exit status 1
2024-09-27T10:42:15+01:00 INFO [vpn] retrying in 15s
2024-09-27T10:42:30+01:00 INFO [firewall] allowing VPN connection...
2024-09-27T10:42:30+01:00 INFO [openvpn] 2024-09-27 10:42:30 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-09-27T10:42:30+01:00 INFO [openvpn] DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2024-09-27T10:42:30+01:00 INFO [openvpn] OpenVPN 2.5.10 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Jul  2 2024
2024-09-27T10:42:30+01:00 INFO [openvpn] library versions: OpenSSL 3.3.2 3 Sep 2024, LZO 2.10
2024-09-27T10:42:30+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]107.181.136.103:1194
2024-09-27T10:42:30+01:00 INFO [openvpn] UDP link local: (not bound)
2024-09-27T10:42:30+01:00 INFO [openvpn] UDP link remote: [AF_INET]107.181.136.103:1194
2024-09-27T10:42:30+01:00 WARN [openvpn] 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
2024-09-27T10:42:30+01:00 INFO [openvpn] [server] Peer Connection Initiated with [AF_INET]107.181.136.103:1194
2024-09-27T10:42:30+01:00 WARN [openvpn] You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2024-09-27T10:42:30+01:00 WARN [openvpn] You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2024-09-27T10:42:30+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-09-27T10:42:30+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-27T10:42:30+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-27T10:42:30+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 local 10.8.0.86 peer 10.8.0.85
2024-09-27T10:42:30+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-27T10:42:30+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-27T10:42:30+01:00 INFO [openvpn] /sbin/ip -6 addr add fd15:53b6:dead::2/64 dev tun0
2024-09-27T10:42:30+01:00 ERROR [openvpn] RTNETLINK answers: Permission denied
2024-09-27T10:42:30+01:00 INFO [openvpn] Linux ip -6 addr add failed: external program exited with error status: 2
2024-09-27T10:42:30+01:00 INFO [openvpn] Exiting due to fatal error
2024-09-27T10:42:30+01:00 ERROR [vpn] exit status 1
2024-09-27T10:42:30+01:00 INFO [vpn] retrying in 15s
2024-09-27T10:42:40+01:00 INFO [healthcheck] program has been unhealthy for 26s: restarting VPN
2024-09-27T10:42:40+01:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-09-27T10:42:40+01:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-09-27T10:42:45+01:00 INFO [firewall] allowing VPN connection...
2024-09-27T10:42:45+01:00 INFO [openvpn] 2024-09-27 10:42:45 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-09-27T10:42:45+01:00 INFO [openvpn] DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2024-09-27T10:42:45+01:00 INFO [openvpn] OpenVPN 2.5.10 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Jul  2 2024
2024-09-27T10:42:45+01:00 INFO [openvpn] library versions: OpenSSL 3.3.2 3 Sep 2024, LZO 2.10
2024-09-27T10:42:45+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]107.181.136.103:1194
2024-09-27T10:42:45+01:00 INFO [openvpn] UDP link local: (not bound)
2024-09-27T10:42:45+01:00 INFO [openvpn] UDP link remote: [AF_INET]107.181.136.103:1194
2024-09-27T10:42:45+01:00 WARN [openvpn] 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
2024-09-27T10:42:45+01:00 INFO [openvpn] [server] Peer Connection Initiated with [AF_INET]107.181.136.103:1194
2024-09-27T10:42:45+01:00 WARN [openvpn] You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2024-09-27T10:42:45+01:00 WARN [openvpn] You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2024-09-27T10:42:45+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-09-27T10:42:45+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-27T10:42:45+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-27T10:42:45+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 local 10.8.0.30 peer 10.8.0.29
2024-09-27T10:42:45+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-27T10:42:45+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-27T10:42:45+01:00 INFO [openvpn] /sbin/ip -6 addr add fd15:53b6:dead::2/64 dev tun0
2024-09-27T10:42:45+01:00 ERROR [openvpn] RTNETLINK answers: Permission denied
2024-09-27T10:42:45+01:00 INFO [openvpn] Linux ip -6 addr add failed: external program exited with error status: 2
2024-09-27T10:42:45+01:00 INFO [openvpn] Exiting due to fatal error
2024-09-27T10:42:45+01:00 ERROR [vpn] exit status 1
2024-09-27T10:42:45+01:00 INFO [vpn] retrying in 15s
2024-09-27T10:43:00+01:00 INFO [firewall] allowing VPN connection...
2024-09-27T10:43:00+01:00 INFO [openvpn] 2024-09-27 10:43:00 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-09-27T10:43:00+01:00 INFO [openvpn] DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2024-09-27T10:43:00+01:00 INFO [openvpn] OpenVPN 2.5.10 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Jul  2 2024
2024-09-27T10:43:00+01:00 INFO [openvpn] library versions: OpenSSL 3.3.2 3 Sep 2024, LZO 2.10
2024-09-27T10:43:00+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]107.181.136.103:1194
2024-09-27T10:43:00+01:00 INFO [openvpn] UDP link local: (not bound)
2024-09-27T10:43:00+01:00 INFO [openvpn] UDP link remote: [AF_INET]107.181.136.103:1194
2024-09-27T10:43:00+01:00 WARN [openvpn] 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
2024-09-27T10:43:00+01:00 INFO [openvpn] [server] Peer Connection Initiated with [AF_INET]107.181.136.103:1194
2024-09-27T10:43:00+01:00 WARN [openvpn] You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2024-09-27T10:43:00+01:00 WARN [openvpn] You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2024-09-27T10:43:00+01:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-09-27T10:43:00+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-27T10:43:00+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-27T10:43:00+01:00 INFO [openvpn] /sbin/ip addr add dev tun0 local 10.8.0.42 peer 10.8.0.41
2024-09-27T10:43:00+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-27T10:43:00+01:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-27T10:43:00+01:00 INFO [openvpn] /sbin/ip -6 addr add fd15:53b6:dead::2/64 dev tun0
2024-09-27T10:43:00+01:00 ERROR [openvpn] RTNETLINK answers: Permission denied
2024-09-27T10:43:00+01:00 INFO [openvpn] Linux ip -6 addr add failed: external program exited with error status: 2
2024-09-27T10:43:00+01:00 INFO [openvpn] Exiting due to fatal error
2024-09-27T10:43:00+01:00 ERROR [vpn] exit status 1
2024-09-27T10:43:00+01:00 INFO [vpn] retrying in 15s

[Scotty1928]

Sorry, it took slightly longer. I have just checked again.

OPENVPN_VERSION=2.5 with gluetun:latest YES it is running 2.5 as per the logs but NO it does not work. Everything else was kept the same.

[arseneyr]

Have you tried adding

sysctls:
  - net.ipv6.conf.all.disable_ipv6=0

to your compose file?

[Scotty1928]

Lol, i have completely missed your response! Yes, that works with :latest as well.

[qdm12]

Interesting! I'm working in #2523 on improving IPv6 support detection, since it's, as you've seen, not really reliable. This would also solve a few issues, including this one. Can any of you try out image qmcgaw/gluetun:pr-2523 together with LOG_LEVEL=debug and remove the option net.ipv6.conf.all.disable_ipv6=0 to see how it performs, and, if it fails, what logs you get?