Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ERROR [ip getter] and WARN [dns] #59

Closed
hypnosis4u2nv opened this issue Mar 22, 2024 · 19 comments
Closed

ERROR [ip getter] and WARN [dns] #59

hypnosis4u2nv opened this issue Mar 22, 2024 · 19 comments

Comments

@hypnosis4u2nv
Copy link

I see that others are having the same issue with other VPN's, but it seems I can't get Gluetun past these I/O errors. Also the server list for Surfshark needs to be updated, a few locations have changed names.

2024-03-22T13:31:01-04:00 INFO [vpn] starting
2024-03-22T13:31:01-04:00 INFO [firewall] allowing VPN connection...
2024-03-22T13:31:01-04:00 INFO [wireguard] Using available kernelspace implementation
2024-03-22T13:31:01-04:00 INFO [wireguard] Connecting to 37.19.211.29:51820
2024-03-22T13:31:01-04:00 INFO [wireguard] Wireguard setup is complete. Note Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the Wireguard connection is not working.
2024-03-22T13:31:02-04:00 INFO [dns] downloading DNS over TLS cryptographic files
2024-03-22T13:31:05-04:00 ERROR [ip getter] Get "https://ipinfo.io/": dial tcp: lookup ipinfo.io on 1.1.1.1:53: read udp 10.14.0.2:33315->1.1.1.1:53: i/o timeout - retrying in 10s
2024-03-22T13:31:12-04:00 WARN [dns] cannot update files: Get "https://www.internic.net/domain/named.root": dial tcp: lookup www.internic.net on 1.1.1.1:53: read udp 10.14.0.2:46009->1.1.1.1:53: i/o timeout
2024-03-22T13:31:12-04:00 INFO [dns] attempting restart in 20s
2024-03-22T13:31:17-04:00 INFO [healthcheck] program has been unhealthy for 16s: restarting VPN
2024-03-22T13:31:17-04:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-03-22T13:31:17-04:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-03-22T13:31:17-04:00 INFO [vpn] stopping

@hypnosis4u2nv
Copy link
Author

Changing DOT_PROVIDERS to google

2024-03-22T13:42:45-04:00 INFO [vpn] starting
2024-03-22T13:42:45-04:00 INFO [firewall] allowing VPN connection...
2024-03-22T13:42:45-04:00 INFO [wireguard] Using available kernelspace implementation
2024-03-22T13:42:45-04:00 INFO [wireguard] Connecting to 149.88.97.2:51820
2024-03-22T13:42:45-04:00 INFO [wireguard] Wireguard setup is complete. Note Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the Wireguard connection is not working.
2024-03-22T13:42:52-04:00 WARN [dns] cannot update files: Get "https://www.internic.net/domain/named.root": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
2024-03-22T13:42:52-04:00 INFO [dns] attempting restart in 20s
2024-03-22T13:43:03-04:00 ERROR [ip getter] Get "https://ipinfo.io/": context deadline exceeded (Client.Timeout exceeded while awaiting headers) - retrying in 20s
2024-03-22T13:43:06-04:00 INFO [healthcheck] program has been unhealthy for 21s: restarting VPN
2024-03-22T13:43:06-04:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-03-22T13:43:06-04:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-03-22T13:43:06-04:00 INFO [vpn] stopping

@hypnosis4u2nv
Copy link
Author

Also, this is an issue with Wireguard as the OpenVPN configuration works fine.

@mikescott55
Copy link

I'm getting the exact same errors. Trying to set it up using Windscribe and no matter what I've tried, it comes back that way.

@avivzk2
Copy link

avivzk2 commented Mar 24, 2024

Is there any update on this? Maybe a working version of the image?

@hypnosis4u2nv
Copy link
Author

No image update yet. Created another container using OpenVPN settings for now since it only affects Wireguard containers.

@fdfytr
Copy link

fdfytr commented Mar 29, 2024

same issue with wireguard + surfshark

@jaybp
Copy link

jaybp commented Apr 11, 2024

Same issue with openvpn + surfshark

@hypnosis4u2nv
Copy link
Author

13:42:45

I confirmed that OpenVPN is working with surfshark on the latest image. Change the server as Surfshark has changed some of the server addresses and they haven't been updated yet.

@jaybp
Copy link

jaybp commented Apr 11, 2024

I confirmed that OpenVPN is working with surfshark on the latest image. Change the server as Surfshark has changed some of the server addresses and they haven't been updated yet.

I copied the server directly from surfshark web login. Would really appreciate if you can look at this log and help figure out what's wrong. Full log is here - #62

2024-04-10T23:10:00-04:00 INFO Settings summary:
├── VPN settings:
|   ├── VPN provider settings:
|   |   ├── Name: surfshark
|   |   └── Server selection settings:
|   |       ├── VPN type: openvpn
|   |       ├── Hostnames: ca-tor.prod.surfshark.com
|   |       └── OpenVPN server selection settings:
|   |           └── Protocol: UDP
|   └── OpenVPN settings:
|       ├── OpenVPN version: 2.5
|       ├── User: [set]
|       ├── Password: [set]
|       ├── Network interface: tun0
|       ├── Run OpenVPN as: root
|       └── Verbosity level: 1
├── DNS settings:
|   └── Keep existing nameserver(s): yes
├── Firewall settings:
|   └── Enabled: no
├── Log settings:
|   └── Log level: INFO
├── Health settings:
|   ├── Server listening address: 127.0.0.1:9999
|   ├── Target address: cloudflare.com:443
|   ├── Duration to wait after success: 5s
|   ├── Read header timeout: 100ms
|   ├── Read timeout: 500ms
|   └── VPN wait durations:
|       ├── Initial duration: 6s
|       └── Additional duration: 5s
├── Shadowsocks server settings:
|   └── Enabled: no
├── HTTP proxy settings:
|   └── Enabled: no
├── Control server settings:
|   ├── Listening address: :8000
|   └── Logging: yes
├── OS Alpine settings:
|   ├── Process UID: 568
|   ├── Process GID: 568
|   └── Timezone: america/toronto
├── Public IP settings:
|   ├── Fetching: every 12h0m0s
|   ├── IP file path: /tmp/gluetun/ip
|   └── Public IP data API: ipinfo
└── Version settings:
└── Enabled: yes

@hypnosis4u2nv
Copy link
Author

I confirmed that OpenVPN is working with surfshark on the latest image. Change the server as Surfshark has changed some of the server addresses and they haven't been updated yet.

I copied the server directly from surfshark web login. Would really appreciate if you can look at this log and help figure out what's wrong. Full log is here - #62

2024-04-10T23:10:00-04:00 INFO Settings summary:
├── VPN settings:
|   ├── VPN provider settings:
|   |   ├── Name: surfshark
|   |   └── Server selection settings:
|   |       ├── VPN type: openvpn
|   |       ├── Hostnames: ca-tor.prod.surfshark.com
|   |       └── OpenVPN server selection settings:
|   |           └── Protocol: UDP
|   └── OpenVPN settings:
|       ├── OpenVPN version: 2.5
|       ├── User: [set]
|       ├── Password: [set]
|       ├── Network interface: tun0
|       ├── Run OpenVPN as: root
|       └── Verbosity level: 1
├── DNS settings:
|   └── Keep existing nameserver(s): yes
├── Firewall settings:
|   └── Enabled: no
├── Log settings:
|   └── Log level: INFO
├── Health settings:
|   ├── Server listening address: 127.0.0.1:9999
|   ├── Target address: cloudflare.com:443
|   ├── Duration to wait after success: 5s
|   ├── Read header timeout: 100ms
|   ├── Read timeout: 500ms
|   └── VPN wait durations:
|       ├── Initial duration: 6s
|       └── Additional duration: 5s
├── Shadowsocks server settings:
|   └── Enabled: no
├── HTTP proxy settings:
|   └── Enabled: no
├── Control server settings:
|   ├── Listening address: :8000
|   └── Logging: yes
├── OS Alpine settings:
|   ├── Process UID: 568
|   ├── Process GID: 568
|   └── Timezone: america/toronto
├── Public IP settings:
|   ├── Fetching: every 12h0m0s
|   ├── IP file path: /tmp/gluetun/ip
|   └── Public IP data API: ipinfo
└── Version settings:
└── Enabled: yes

I'm actually using the same server. There's one setting that is different - try Enable Firewall Settings to yes (on)

@hypnosis4u2nv
Copy link
Author

Here's my settings and log

├── VPN settings:
|   ├── VPN provider settings:
|   |   ├── Name: surfshark
|   |   └── Server selection settings:
|   |       ├── VPN type: openvpn
|   |       ├── Hostnames: ca-tor.prod.surfshark.com
|   |       └── OpenVPN server selection settings:
|   |           └── Protocol: UDP
|   └── OpenVPN settings:
|       ├── OpenVPN version: 2.5
|       ├── User: [set]
|       ├── Password: [set]
|       ├── Network interface: tun0
|       ├── Run OpenVPN as: root
|       └── Verbosity level: 1
├── DNS settings:
|   ├── Keep existing nameserver(s): no
|   ├── DNS server address to use: 127.0.0.1
|   └── DNS over TLS settings:
|       ├── Enabled: yes
|       ├── Update period: every 24h0m0s
|       ├── Unbound settings:
|       |   ├── Authoritative servers:
|       |   |   └── cloudflare
|       |   ├── Caching: yes
|       |   ├── IPv6: no
|       |   ├── Verbosity level: 1
|       |   ├── Verbosity details level: 0
|       |   ├── Validation log level: 0
|       |   ├── System user: root
|       |   └── Allowed networks:
|       |       ├── 0.0.0.0/0
|       |       └── ::/0
|       └── DNS filtering settings:
|           ├── Block malicious: yes
|           ├── Block ads: no
|           ├── Block surveillance: no
|           └── Blocked IP networks:
|               ├── 127.0.0.1/8
|               ├── 10.0.0.0/8
|               ├── 172.16.0.0/12
|               ├── 192.168.0.0/16
|               ├── 169.254.0.0/16
|               ├── ::1/128
|               ├── fc00::/7
|               ├── fe80::/10
|               ├── ::ffff:127.0.0.1/104
|               ├── ::ffff:10.0.0.0/104
|               ├── ::ffff:169.254.0.0/112
|               ├── ::ffff:172.16.0.0/108
|               └── ::ffff:192.168.0.0/112
├── Firewall settings:
|   └── Enabled: yes
├── Log settings:
|   └── Log level: info
├── Health settings:
|   ├── Server listening address: 127.0.0.1:9999
|   ├── Target address: cloudflare.com:443
|   ├── Duration to wait after success: 5s
|   ├── Read header timeout: 100ms
|   ├── Read timeout: 500ms
|   └── VPN wait durations:
|       ├── Initial duration: 6s
|       └── Additional duration: 5s
├── Shadowsocks server settings:
|   └── Enabled: no
|   └── Public IP data API: ipinfo
└── Version settings:
    └── Enabled: yes
2024-04-08T03:53:51-04:00 INFO [routing] default route found: interface eth0, gateway 10.0.3.1, assigned IP 10.0.3.12 and family v4
2024-04-08T03:53:51-04:00 INFO [routing] adding route for 0.0.0.0/0
2024-04-08T03:53:51-04:00 INFO [firewall] setting allowed subnets...
2024-04-08T03:53:51-04:00 INFO [routing] default route found: interface eth0, gateway 10.0.3.1, assigned IP 10.0.3.12 and family v4
2024-04-08T03:53:51-04:00 INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
2024-04-08T03:53:51-04:00 INFO [dns] using plaintext DNS at address 1.1.1.1
2024-04-08T03:53:51-04:00 INFO [http server] http server listening on [::]:8000
2024-04-08T03:53:51-04:00 INFO [healthcheck] listening on 127.0.0.1:9999
2024-04-08T03:53:51-04:00 INFO [firewall] allowing VPN connection...
2024-04-08T03:53:51-04:00 INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2024-04-08T03:53:51-04:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-04-08T03:53:51-04:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]37.19.211.94:1194
2024-04-08T03:53:51-04:00 INFO [openvpn] UDP link local: (not bound)
2024-04-08T03:53:51-04:00 INFO [openvpn] UDP link remote: [AF_INET]37.19.211.94:1194
2024-04-08T03:53:51-04:00 INFO [openvpn] [ca-tor-v083.prod.surfshark.com] Peer Connection Initiated with [AF_INET]37.19.211.94:1194
2024-04-08T03:53:52-04:00 ERROR [openvpn] Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:7: block-outside-dns (2.5.8)
2024-04-08T03:53:52-04:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-04-08T03:53:52-04:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-04-08T03:53:52-04:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-04-08T03:53:52-04:00 INFO [openvpn] /sbin/ip addr add dev tun0 10.8.8.2/24
2024-04-08T03:53:52-04:00 INFO [openvpn] UID set to nonrootuser
2024-04-08T03:53:52-04:00 INFO [openvpn] Initialization Sequence Completed
2024-04-08T03:53:52-04:00 INFO [dns] downloading DNS over TLS cryptographic files
2024-04-08T03:53:53-04:00 INFO [healthcheck] healthy!

@fdfytr
Copy link

fdfytr commented Apr 12, 2024

had similar issue with wireguard and surfshark

solution: had to change incorrect server IP from gluetun wiki to updated from surfshark

@jaybp
Copy link

jaybp commented Apr 12, 2024

had similar issue with wireguard and surfshark

solution: had to change incorrect server IP from gluetun wiki to updated from surfshark

Yep, I copied my server name directly from surfshark
Hostnames: ca-tor.prod.surfshark.com

@jaybp
Copy link

jaybp commented Apr 12, 2024

Here's my settings and log

├── VPN settings:
├── Firewall settings:
|   └── Enabled: yes

How do I set Firewall to true? This page doesn't show that option
https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/surfshark.md

@ItzDerock
Copy link

running into the same issue with wireguard + windscribe, using openvpn works fine. Not sure if this matters, but I am running docker in a privileged LXC container on Proxmox.

@crispybegs
Copy link

same problem with windscribe. tried downloading a new wireguard config, no luck. Tried a new config with a new location, still no luck.

any pointers gratefully received. gluetun's been working fine for months but now suddenly not.

@crispybegs
Copy link

I'm getting the exact same errors. Trying to set it up using Windscribe and no matter what I've tried, it comes back that way.

did you find a fix? same windscribe issue here

@qdm12
Copy link
Owner

qdm12 commented Jul 29, 2024

First, have you read Typically i/o timeout errors indicate the Wireguard connection is not working. in your logs???

Second have you read

2024-03-22T13:31:17-04:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-03-22T13:31:17-04:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE 

Have you updated your servers data??????

How do I set Firewall to true? This page doesn't show that option

This drives me mad. Don't touch it. It's undocumented on purpose. The firewall is enabled by default. I even renamed the environment variable to FIREWALL_ENABLED_DISABLING_IT_SHOOTS_YOU_IN_YOUR_FOOT so it's clear you should NOT use it!!!

Finally, this is the WIKI so not a place for reporting bugs (this is unlikely a bug on top of this). Please migrate this to Github discussion on the Gluetun repository, or qdm12/gluetun#2154 🤷

@qdm12 qdm12 closed this as not planned Won't fix, can't repro, duplicate, stale Jul 29, 2024
Copy link

Closed issues are NOT monitored, so commenting here will NOT be seen by the maintainer.
If you think this is still unresolved and have more information to bring, please create another issue.

This is an automated comment setup because @qdm12 is the sole maintainer of this project
which became too popular to monitor closed issues for additional comments.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

8 participants