Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Container doesn't switch from starting to running #1416

Closed
gitdeath opened this issue Oct 24, 2020 · 4 comments
Closed

Container doesn't switch from starting to running #1416

gitdeath opened this issue Oct 24, 2020 · 4 comments
Labels
inactivity Used by Stale bot to mark issues that will be closed

Comments

@gitdeath
Copy link

gitdeath commented Oct 24, 2020
edited
Loading

Describe the problem
Container never completes "Starting"

Add your docker run command
docker stack deploy -c transmission.yml --resolve-image=never transmission

 transmissionopenvpn:
    volumes:
      - /mnt/transmission:/data
      - /etc/localtime:/etc/localtime:ro
    environment:
      - PUID=1000
      - GUID=1000
      - CREATE_TUN_DEVICE=true
      - OPENVPN_PROVIDER=HIDEMYASS
      - OPENVPN_CONFIG=USA.Illinois.Chicago.UDP,USA.UDP,Canada.BritishColumbia.Vancouver.UDP
      - OPENVPN_USERNAME=<edit username out>
      - OPENVPN_PASSWORD=<edit password out>
      - WEBPROXY_ENABLED=false
      - LOCAL_NETWORK=192.168.0.0/16 #,10.0.0.0/8 #,172.19.0.0/16
      - OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60
    cap_add:
      - NET_ADMIN
    sysctls:
      - net.ipv6.conf.all.disable_ipv6=0
    ports:
      - 9091:9091
      - 8888:8888
    image: haugene/transmission-openvpn:latest-armhf

Logs

pi@manager2:/mnt/config/compose_files $ docker ps

CONTAINER ID   IMAGE                                       COMMAND                  CREATED         STATUS                            PORTS      NAMES
805c6e27540f   haugene/transmission-openvpn:latest-armhf   "/usr/bin/entry.sh d…"   3 minutes ago   Up 3 minutes (health: starting)   9091/tcp   transmission_transmissionopenvpn.1.dlb4msi6r1ls8naglzmv0pw4i

pi@manager2:/mnt/config/compose_files $ docker logs 805c6e27540f

Using OpenVPN provider: HIDEMYASS
3 servers found in OPENVPN_CONFIG, USA.UDP chosen randomly
Starting OpenVPN using config USA.UDP.ovpn
Setting OPENVPN credentials...
adding route to local network 192.168.0.0/16 via 172.19.0.1 dev eth2
Fri Oct 23 19:10:16 2020 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019
Fri Oct 23 19:10:16 2020 library versions: OpenSSL 1.1.1d  10 Sep 2019, LZO 2.10
Fri Oct 23 19:10:16 2020 WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.
Fri Oct 23 19:10:16 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Fri Oct 23 19:10:20 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]181.214.107.31:553
Fri Oct 23 19:10:20 2020 Socket Buffers: R=[163840->163840] S=[163840->163840]
Fri Oct 23 19:10:20 2020 UDP link local: (not bound)
Fri Oct 23 19:10:20 2020 UDP link remote: [AF_INET]181.214.107.31:553
Fri Oct 23 19:10:20 2020 TLS: Initial packet from [AF_INET]181.214.107.31:553, sid=a0a9f5a0 604559fe
Fri Oct 23 19:10:20 2020 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Oct 23 19:10:20 2020 VERIFY OK: depth=1, C=UK, ST=London, L=London, O=Privax Ltd, OU=HMA Pro VPN, CN=hidemyass.com, emailAddress=info@privax.com
Fri Oct 23 19:10:20 2020 VERIFY OK: nsCertType=SERVER
Fri Oct 23 19:10:20 2020 VERIFY OK: depth=0, C=UK, ST=London, L=London, O=Privax Ltd, OU=HMA Pro VPN, CN=server, emailAddress=info@privax.com
Fri Oct 23 19:10:20 2020 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Fri Oct 23 19:10:20 2020 [server] Peer Connection Initiated with [AF_INET]181.214.107.31:553
Fri Oct 23 19:10:21 2020 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Fri Oct 23 19:10:21 2020 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 100.120.72.1,redirect-gateway def1,ping 9,ping-restart 30,explicit-exit-notify 1,sndbuf 196608,rcvbuf 196608,route-gateway 100.120.72.1,topology subnet,redirect-gateway def1,ifconfig-ipv6 2001:db8:123::2/64 2001:db8:123::1,route-ipv6 2000::/3 2001:db8:123::1,explicit-exit-notify 2,compress,ifconfig 100.120.74.22 255.255.252.0,peer-id 23,cipher AES-256-GCM'
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: timers and/or timeouts modified
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: explicit notify parm(s) modified
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: compression parms modified
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Fri Oct 23 19:10:21 2020 Socket Buffers: R=[163840->327680] S=[163840->327680]
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: --ifconfig/up options modified
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: route options modified
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: route-related options modified
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: peer-id set
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: adjusting link_mtu to 1625
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: data channel crypto options modified
Fri Oct 23 19:10:21 2020 Data Channel: using negotiated cipher 'AES-256-GCM'
Fri Oct 23 19:10:21 2020 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Oct 23 19:10:21 2020 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Oct 23 19:10:21 2020 ROUTE_GATEWAY 172.19.0.1/255.255.0.0 IFACE=eth2 HWADDR=02:42:ac:13:00:06
Fri Oct 23 19:10:21 2020 GDG6: remote_host_ipv6=n/a
Fri Oct 23 19:10:21 2020 ROUTE6: default_gateway=UNDEF
Fri Oct 23 19:10:21 2020 TUN/TAP device tun0 opened
Fri Oct 23 19:10:21 2020 TUN/TAP TX queue length set to 100
Fri Oct 23 19:10:21 2020 /sbin/ip link set dev tun0 up mtu 1500
Fri Oct 23 19:10:21 2020 /sbin/ip addr add dev tun0 100.120.74.22/22 broadcast 100.120.75.255
Fri Oct 23 19:10:21 2020 /sbin/ip -6 addr add 2001:db8:123::2/64 dev tun0
Fri Oct 23 19:10:21 2020 /etc/openvpn/tunnelUp.sh tun0 1500 1553 100.120.74.22 255.255.252.0 init
Up script executed with tun0 1500 1553 100.120.74.22 255.255.252.0 init
Updating TRANSMISSION_BIND_ADDRESS_IPV4 to the ip of tun0 : 100.120.74.22
Generating transmission settings.json from env variables
sed'ing True to true
Enforcing ownership on transmission config directories
Applying permissions to transmission config directories
Setting owner for transmission paths to 1000:
Setting permission for files (644) and directories (755)
Setting permission for watch directory (775) and its files (664)

-------------------------------------
Transmission will run as
-------------------------------------
User name:   abc
User uid:    1000
User gid:    1001
-------------------------------------

STARTING TRANSMISSION
NO PORT UPDATER FOR THIS PROVIDER
Transmission startup script complete.
Fri Oct 23 19:10:22 2020 /sbin/ip route add 181.214.107.31/32 via 172.19.0.1
Fri Oct 23 19:10:22 2020 /sbin/ip route add 0.0.0.0/1 via 100.120.72.1
Fri Oct 23 19:10:22 2020 /sbin/ip route add 128.0.0.0/1 via 100.120.72.1
Fri Oct 23 19:10:22 2020 add_route_ipv6(2000::/3 -> 2001:db8:123::1 metric 1) dev tun0
Fri Oct 23 19:10:22 2020 /sbin/ip -6 route add 2000::/3 dev tun0 metric 1
Fri Oct 23 19:10:22 2020 Initialization Sequence Completed

pi@manager2:/mnt/config/compose_files $ docker exec -it transmission_transmissionopenvpn.1.dlb4msi6r1ls8naglzmv0pw4i /bin/bash

root@805c6e27540f:/# ip r

0.0.0.0/1 via 100.120.72.1 dev tun0
default via 172.19.0.1 dev eth2
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.216
10.0.29.0/24 dev eth1 proto kernel scope link src 10.0.29.3
100.120.72.0/22 dev tun0 proto kernel scope link src 100.120.74.22
128.0.0.0/1 via 100.120.72.1 dev tun0
172.19.0.0/16 dev eth2 proto kernel scope link src 172.19.0.6
181.214.107.31 via 172.19.0.1 dev eth2
192.168.0.0/16 via 172.19.0.1 dev eth2

root@805c6e27540f:/# ping google.com

PING google.com(ord36s01-in-x0e.1e100.net (2607:f8b0:4009:80c::200e)) 56 data bytes
^C
--- google.com ping statistics ---
15 packets transmitted, 0 received, 100% packet loss, time 570ms

root@805c6e27540f:/# netstat -an

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:9091            0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.11:39529        0.0.0.0:*               LISTEN
tcp        0      0 100.120.74.22:51413     0.0.0.0:*               LISTEN
tcp6       0      0 :::51413                :::*                    LISTEN
udp        0      0 127.0.0.11:34876        0.0.0.0:*
udp        0      0 100.120.74.22:51413     0.0.0.0:*
udp        0      0 0.0.0.0:45939           0.0.0.0:*
udp6       0      0 2001:db8:123::2:51413   :::*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node   Path

root@805c6e27540f:/# ifconfig

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 10.0.0.216  netmask 255.255.255.0  broadcast 10.0.0.255
        inet6 fe80::42:aff:fe00:d8  prefixlen 64  scopeid 0x20<link>
        ether 02:42:0a:00:00:d8  txqueuelen 0  (Ethernet)
        RX packets 1  bytes 74 (74.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 16  bytes 1624 (1.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 10.0.29.3  netmask 255.255.255.0  broadcast 10.0.29.255
        inet6 fe80::42:aff:fe00:1d03  prefixlen 64  scopeid 0x20<link>
        ether 02:42:0a:00:1d:03  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 16  bytes 1624 (1.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.19.0.6  netmask 255.255.0.0  broadcast 172.19.255.255
        inet6 fe80::42:acff:fe13:6  prefixlen 64  scopeid 0x20<link>
        ether 02:42:ac:13:00:06  txqueuelen 0  (Ethernet)
        RX packets 130  bytes 19795 (19.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 129  bytes 16371 (15.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 24  bytes 2133 (2.0 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 24  bytes 2133 (2.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 100.120.74.22  netmask 255.255.252.0  destination 100.120.74.22
        inet6 fe80::3894:6bd9:a546:f2f6  prefixlen 64  scopeid 0x20<link>
        inet6 2001:db8:123::2  prefixlen 64  scopeid 0x0<global>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 100  (UNSPEC)
        RX packets 1  bytes 114 (114.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 31  bytes 2730 (2.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

pi@manager2:/mnt/config/compose_files $ docker service ls

ID             NAME                               MODE         REPLICAS               IMAGE                                             PORTS
8iwoh1zi9nrz   transmission_transmissionopenvpn   replicated   0/1                    haugene/transmission-openvpn:latest-armhf         *:8888->8888/tcp, *:9091->9091/tcp

pi@manager2:/mnt/config/compose_files $ docker service ps transmission_transmissionopenvpn

ID             NAME                                 IMAGE                                       NODE       DESIRED STATE   CURRENT STATE            ERROR     PORTS
dlb4msi6r1ls   transmission_transmissionopenvpn.1   haugene/transmission-openvpn:latest-armhf   manager2   Running         Starting 5 minutes ago

pi@manager2:/mnt/config/compose_files $ docker logs transmission_transmissionopenvpn.1.dlb4msi6r1ls8naglzmv0pw4i

Using OpenVPN provider: HIDEMYASS
3 servers found in OPENVPN_CONFIG, USA.UDP chosen randomly
Starting OpenVPN using config USA.UDP.ovpn
Setting OPENVPN credentials...
adding route to local network 192.168.0.0/16 via 172.19.0.1 dev eth2
Fri Oct 23 19:10:16 2020 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019
Fri Oct 23 19:10:16 2020 library versions: OpenSSL 1.1.1d  10 Sep 2019, LZO 2.10
Fri Oct 23 19:10:16 2020 WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.
Fri Oct 23 19:10:16 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Fri Oct 23 19:10:20 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]181.214.107.31:553
Fri Oct 23 19:10:20 2020 Socket Buffers: R=[163840->163840] S=[163840->163840]
Fri Oct 23 19:10:20 2020 UDP link local: (not bound)
Fri Oct 23 19:10:20 2020 UDP link remote: [AF_INET]181.214.107.31:553
Fri Oct 23 19:10:20 2020 TLS: Initial packet from [AF_INET]181.214.107.31:553, sid=a0a9f5a0 604559fe
Fri Oct 23 19:10:20 2020 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Oct 23 19:10:20 2020 VERIFY OK: depth=1, C=UK, ST=London, L=London, O=Privax Ltd, OU=HMA Pro VPN, CN=hidemyass.com, emailAddress=info@privax.com
Fri Oct 23 19:10:20 2020 VERIFY OK: nsCertType=SERVER
Fri Oct 23 19:10:20 2020 VERIFY OK: depth=0, C=UK, ST=London, L=London, O=Privax Ltd, OU=HMA Pro VPN, CN=server, emailAddress=info@privax.com
Fri Oct 23 19:10:20 2020 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Fri Oct 23 19:10:20 2020 [server] Peer Connection Initiated with [AF_INET]181.214.107.31:553
Fri Oct 23 19:10:21 2020 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Fri Oct 23 19:10:21 2020 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 100.120.72.1,redirect-gateway def1,ping 9,ping-restart 30,explicit-exit-notify 1,sndbuf 196608,rcvbuf 196608,route-gateway 100.120.72.1,topology subnet,redirect-gateway def1,ifconfig-ipv6 2001:db8:123::2/64 2001:db8:123::1,route-ipv6 2000::/3 2001:db8:123::1,explicit-exit-notify 2,compress,ifconfig 100.120.74.22 255.255.252.0,peer-id 23,cipher AES-256-GCM'
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: timers and/or timeouts modified
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: explicit notify parm(s) modified
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: compression parms modified
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Fri Oct 23 19:10:21 2020 Socket Buffers: R=[163840->327680] S=[163840->327680]
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: --ifconfig/up options modified
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: route options modified
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: route-related options modified
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: peer-id set
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: adjusting link_mtu to 1625
Fri Oct 23 19:10:21 2020 OPTIONS IMPORT: data channel crypto options modified
Fri Oct 23 19:10:21 2020 Data Channel: using negotiated cipher 'AES-256-GCM'
Fri Oct 23 19:10:21 2020 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Oct 23 19:10:21 2020 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Oct 23 19:10:21 2020 ROUTE_GATEWAY 172.19.0.1/255.255.0.0 IFACE=eth2 HWADDR=02:42:ac:13:00:06
Fri Oct 23 19:10:21 2020 GDG6: remote_host_ipv6=n/a
Fri Oct 23 19:10:21 2020 ROUTE6: default_gateway=UNDEF
Fri Oct 23 19:10:21 2020 TUN/TAP device tun0 opened
Fri Oct 23 19:10:21 2020 TUN/TAP TX queue length set to 100
Fri Oct 23 19:10:21 2020 /sbin/ip link set dev tun0 up mtu 1500
Fri Oct 23 19:10:21 2020 /sbin/ip addr add dev tun0 100.120.74.22/22 broadcast 100.120.75.255
Fri Oct 23 19:10:21 2020 /sbin/ip -6 addr add 2001:db8:123::2/64 dev tun0
Fri Oct 23 19:10:21 2020 /etc/openvpn/tunnelUp.sh tun0 1500 1553 100.120.74.22 255.255.252.0 init
Up script executed with tun0 1500 1553 100.120.74.22 255.255.252.0 init
Updating TRANSMISSION_BIND_ADDRESS_IPV4 to the ip of tun0 : 100.120.74.22
Generating transmission settings.json from env variables
sed'ing True to true
Enforcing ownership on transmission config directories
Applying permissions to transmission config directories
Setting owner for transmission paths to 1000:
Setting permission for files (644) and directories (755)
Setting permission for watch directory (775) and its files (664)

-------------------------------------
Transmission will run as
-------------------------------------
User name:   abc
User uid:    1000
User gid:    1001
-------------------------------------

STARTING TRANSMISSION
NO PORT UPDATER FOR THIS PROVIDER
Transmission startup script complete.
Fri Oct 23 19:10:22 2020 /sbin/ip route add 181.214.107.31/32 via 172.19.0.1
Fri Oct 23 19:10:22 2020 /sbin/ip route add 0.0.0.0/1 via 100.120.72.1
Fri Oct 23 19:10:22 2020 /sbin/ip route add 128.0.0.0/1 via 100.120.72.1
Fri Oct 23 19:10:22 2020 add_route_ipv6(2000::/3 -> 2001:db8:123::1 metric 1) dev tun0
Fri Oct 23 19:10:22 2020 /sbin/ip -6 route add 2000::/3 dev tun0 metric 1
Fri Oct 23 19:10:22 2020 Initialization Sequence Completed
Fri Oct 23 19:15:35 2020 event_wait : Interrupted system call (code=4)
Fri Oct 23 19:15:35 2020 SIGUSR1[hard,] received, process restarting
Fri Oct 23 19:15:35 2020 Restart pause, 5 second(s)
Fri Oct 23 19:15:40 2020 WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.
Fri Oct 23 19:15:40 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Fri Oct 23 19:15:44 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]181.214.102.159:553
Fri Oct 23 19:15:44 2020 Socket Buffers: R=[163840->327680] S=[163840->327680]
Fri Oct 23 19:15:44 2020 UDP link local: (not bound)
Fri Oct 23 19:15:44 2020 UDP link remote: [AF_INET]181.214.102.159:553
Fri Oct 23 19:15:44 2020 TLS: Initial packet from [AF_INET]181.214.102.159:553, sid=9a036d6a aaf0b627
Fri Oct 23 19:15:44 2020 VERIFY OK: depth=1, C=UK, ST=London, L=London, O=Privax Ltd, OU=HMA Pro VPN, CN=hidemyass.com, emailAddress=info@privax.com
Fri Oct 23 19:15:44 2020 VERIFY OK: nsCertType=SERVER
Fri Oct 23 19:15:44 2020 VERIFY OK: depth=0, C=UK, ST=London, L=London, O=Privax Ltd, OU=HMA Pro VPN, CN=server, emailAddress=info@privax.com
Fri Oct 23 19:15:44 2020 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Fri Oct 23 19:15:44 2020 [server] Peer Connection Initiated with [AF_INET]181.214.102.159:553
Fri Oct 23 19:15:45 2020 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Fri Oct 23 19:15:45 2020 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 100.120.44.1,redirect-gateway def1,ping 9,ping-restart 30,explicit-exit-notify 1,sndbuf 196608,rcvbuf 196608,route-gateway 100.120.44.1,topology subnet,redirect-gateway def1,ifconfig-ipv6 2001:db8:123::2/64 2001:db8:123::1,route-ipv6 2000::/3 2001:db8:123::1,explicit-exit-notify 2,compress,ifconfig 100.120.45.194 255.255.252.0,peer-id 19,cipher AES-256-GCM'
Fri Oct 23 19:15:45 2020 OPTIONS IMPORT: timers and/or timeouts modified
Fri Oct 23 19:15:45 2020 OPTIONS IMPORT: explicit notify parm(s) modified
Fri Oct 23 19:15:45 2020 OPTIONS IMPORT: compression parms modified
Fri Oct 23 19:15:45 2020 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Fri Oct 23 19:15:45 2020 Socket Buffers: R=[327680->327680] S=[327680->327680]
Fri Oct 23 19:15:45 2020 OPTIONS IMPORT: --ifconfig/up options modified
Fri Oct 23 19:15:45 2020 OPTIONS IMPORT: route options modified
Fri Oct 23 19:15:45 2020 OPTIONS IMPORT: route-related options modified
Fri Oct 23 19:15:45 2020 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Oct 23 19:15:45 2020 OPTIONS IMPORT: peer-id set
Fri Oct 23 19:15:45 2020 OPTIONS IMPORT: adjusting link_mtu to 1625
Fri Oct 23 19:15:45 2020 OPTIONS IMPORT: data channel crypto options modified
Fri Oct 23 19:15:45 2020 Data Channel: using negotiated cipher 'AES-256-GCM'
Fri Oct 23 19:15:45 2020 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Oct 23 19:15:45 2020 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Oct 23 19:15:45 2020 Preserving previous TUN/TAP instance: tun0
Fri Oct 23 19:15:45 2020 NOTE: Pulled options changed on restart, will need to close and reopen TUN/TAP device.
Fri Oct 23 19:15:45 2020 /sbin/ip route del 181.214.107.31/32
Fri Oct 23 19:15:45 2020 /sbin/ip route del 0.0.0.0/1
RTNETLINK answers: No such process
Fri Oct 23 19:15:45 2020 ERROR: Linux route delete command failed: external program exited with error status: 2
Fri Oct 23 19:15:45 2020 /sbin/ip route del 128.0.0.0/1
RTNETLINK answers: No such process
Fri Oct 23 19:15:45 2020 ERROR: Linux route delete command failed: external program exited with error status: 2
Fri Oct 23 19:15:45 2020 delete_route_ipv6(2000::/3)
Fri Oct 23 19:15:45 2020 /sbin/ip -6 route del 2000::/3 dev tun0
RTNETLINK answers: No such process
Fri Oct 23 19:15:45 2020 ERROR: Linux route -6/-A inet6 del command failed: external program exited with error status: 2
Fri Oct 23 19:15:45 2020 Closing TUN/TAP interface
Fri Oct 23 19:15:45 2020 /sbin/ip addr del dev tun0 100.120.74.22/22
Fri Oct 23 19:15:45 2020 /sbin/ip -6 addr del 2001:db8:123::2/64 dev tun0
RTNETLINK answers: Cannot assign requested address
Fri Oct 23 19:15:45 2020 Linux ip -6 addr del failed: external program exited with error status: 2
Fri Oct 23 19:15:45 2020 /etc/openvpn/tunnelDown.sh tun0 1500 1553 100.120.74.22 255.255.252.0 init
Fri Oct 23 19:15:46 2020 ROUTE_GATEWAY 172.19.0.1/255.255.0.0 IFACE=eth2 HWADDR=02:42:ac:13:00:06
Fri Oct 23 19:15:46 2020 GDG6: remote_host_ipv6=n/a
Fri Oct 23 19:15:46 2020 ROUTE6: default_gateway=UNDEF
Fri Oct 23 19:15:46 2020 TUN/TAP device tun0 opened
Fri Oct 23 19:15:46 2020 TUN/TAP TX queue length set to 100
Fri Oct 23 19:15:46 2020 /sbin/ip link set dev tun0 up mtu 1500
Fri Oct 23 19:15:46 2020 /sbin/ip addr add dev tun0 100.120.45.194/22 broadcast 100.120.47.255
Fri Oct 23 19:15:46 2020 /sbin/ip -6 addr add 2001:db8:123::2/64 dev tun0
Fri Oct 23 19:15:46 2020 /etc/openvpn/tunnelUp.sh tun0 1500 1553 100.120.45.194 255.255.252.0 init
Up script executed with tun0 1500 1553 100.120.45.194 255.255.252.0 init
Updating TRANSMISSION_BIND_ADDRESS_IPV4 to the ip of tun0 : 100.120.45.194
Generating transmission settings.json from env variables
sed'ing True to true
Enforcing ownership on transmission config directories
Applying permissions to transmission config directories
Setting owner for transmission paths to 1000:
Setting permission for files (644) and directories (755)
Setting permission for watch directory (775) and its files (664)

-------------------------------------
Transmission will run as
-------------------------------------
User name:   abc
User uid:    1000
User gid:    1001
-------------------------------------

STARTING TRANSMISSION
NO PORT UPDATER FOR THIS PROVIDER
Transmission startup script complete.
Fri Oct 23 19:15:46 2020 /sbin/ip route add 181.214.102.159/32 via 172.19.0.1
Fri Oct 23 19:15:47 2020 /sbin/ip route add 0.0.0.0/1 via 100.120.44.1
Fri Oct 23 19:15:47 2020 /sbin/ip route add 128.0.0.0/1 via 100.120.44.1
Fri Oct 23 19:15:47 2020 add_route_ipv6(2000::/3 -> 2001:db8:123::1 metric 1) dev tun0
Fri Oct 23 19:15:47 2020 /sbin/ip -6 route add 2000::/3 dev tun0 metric 1
Fri Oct 23 19:15:47 2020 Initialization Sequence Completed

`

Host system:
Raspberry Pi

pi@manager2:/mnt/config/compose_files $ uname -a
Linux manager2 4.19.118-v7l+ #1311 SMP Mon Apr 27 14:26:42 BST 2020 armv7l GNU/Linux
pi@manager2:/mnt/config/compose_files $ docker version

Client: Docker Engine - Community
 Version:           20.10.0-beta1
 API version:       1.41
 Go version:        go1.13.15
 Git commit:        ac365d7
 Built:             Tue Oct 13 18:22:54 2020
 OS/Arch:           linux/arm
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.0-beta1
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.13.15
  Git commit:       9c15e82
  Built:            Tue Oct 13 18:15:46 2020
  OS/Arch:          linux/arm
  Experimental:     false
 containerd:
  Version:          1.4.1
  GitCommit:        c623d1b36f09f8ef6536a057bd658b3aa8632828
 runc:
  Version:          1.0.0-rc92
  GitCommit:        ff819c7e9184c13b7c2607fe6c30ae19403a7aff
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0
@gitdeath
Copy link
Author

gitdeath commented Oct 24, 2020
edited
Loading

Using this because otherwise the container crashes.

    sysctls:
      - net.ipv6.conf.all.disable_ipv6=0

Disabling ipv6 does this:


    sysctls:
      - net.ipv6.conf.all.disable_ipv6=1



Using OpenVPN provider: HIDEMYASS
3 servers found in OPENVPN_CONFIG, USA.Illinois.Chicago.UDP chosen randomly
Starting OpenVPN using config USA.Illinois.Chicago.UDP.ovpn
Setting OPENVPN credentials...
adding route to local network 192.168.0.0/16 via 172.19.0.1 dev eth2
Fri Oct 23 20:20:58 2020 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019
Fri Oct 23 20:20:58 2020 library versions: OpenSSL 1.1.1d  10 Sep 2019, LZO 2.10
Fri Oct 23 20:20:58 2020 WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.
Fri Oct 23 20:20:58 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Fri Oct 23 20:20:58 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]181.214.107.47:553
Fri Oct 23 20:20:58 2020 Socket Buffers: R=[163840->163840] S=[163840->163840]
Fri Oct 23 20:20:58 2020 UDP link local: (not bound)
Fri Oct 23 20:20:58 2020 UDP link remote: [AF_INET]181.214.107.47:553
Fri Oct 23 20:20:58 2020 TLS: Initial packet from [AF_INET]181.214.107.47:553, sid=dc97569e a6e5395e
Fri Oct 23 20:20:58 2020 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Oct 23 20:20:58 2020 VERIFY OK: depth=1, C=UK, ST=London, L=London, O=Privax Ltd, OU=HMA Pro VPN, CN=hidemyass.com, emailAddress=info@privax.com
Fri Oct 23 20:20:58 2020 VERIFY OK: nsCertType=SERVER
Fri Oct 23 20:20:58 2020 VERIFY OK: depth=0, C=UK, ST=London, L=London, O=Privax Ltd, OU=HMA Pro VPN, CN=server, emailAddress=info@privax.com
Fri Oct 23 20:20:58 2020 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Fri Oct 23 20:20:58 2020 [server] Peer Connection Initiated with [AF_INET]181.214.107.47:553
Fri Oct 23 20:20:59 2020 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Fri Oct 23 20:20:59 2020 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 100.120.40.1,redirect-gateway def1,ping 9,ping-restart 30,explicit-exit-notify 1,sndbuf 196608,rcvbuf 196608,route-gateway 100.120.40.1,topology subnet,redirect-gateway def1,ifconfig-ipv6 2001:db8:123::2/64 2001:db8:123::1,route-ipv6 2000::/3 2001:db8:123::1,explicit-exit-notify 2,compress,ifconfig 100.120.42.122 255.255.252.0,peer-id 20,cipher AES-256-GCM'
Fri Oct 23 20:20:59 2020 OPTIONS IMPORT: timers and/or timeouts modified
Fri Oct 23 20:20:59 2020 OPTIONS IMPORT: explicit notify parm(s) modified
Fri Oct 23 20:20:59 2020 OPTIONS IMPORT: compression parms modified
Fri Oct 23 20:20:59 2020 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Fri Oct 23 20:20:59 2020 Socket Buffers: R=[163840->327680] S=[163840->327680]
Fri Oct 23 20:20:59 2020 OPTIONS IMPORT: --ifconfig/up options modified
Fri Oct 23 20:20:59 2020 OPTIONS IMPORT: route options modified
Fri Oct 23 20:20:59 2020 OPTIONS IMPORT: route-related options modified
Fri Oct 23 20:20:59 2020 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Oct 23 20:20:59 2020 OPTIONS IMPORT: peer-id set
Fri Oct 23 20:20:59 2020 OPTIONS IMPORT: adjusting link_mtu to 1625
Fri Oct 23 20:20:59 2020 OPTIONS IMPORT: data channel crypto options modified
Fri Oct 23 20:20:59 2020 Data Channel: using negotiated cipher 'AES-256-GCM'
Fri Oct 23 20:20:59 2020 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Oct 23 20:20:59 2020 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Fri Oct 23 20:20:59 2020 ROUTE_GATEWAY 172.19.0.1/255.255.0.0 IFACE=eth2 HWADDR=02:42:ac:13:00:06
Fri Oct 23 20:20:59 2020 GDG6: remote_host_ipv6=n/a
Fri Oct 23 20:20:59 2020 ROUTE6: default_gateway=UNDEF
Fri Oct 23 20:20:59 2020 TUN/TAP device tun0 opened
Fri Oct 23 20:20:59 2020 TUN/TAP TX queue length set to 100
Fri Oct 23 20:20:59 2020 /sbin/ip link set dev tun0 up mtu 1500
Fri Oct 23 20:20:59 2020 /sbin/ip addr add dev tun0 100.120.42.122/22 broadcast 100.120.43.255
Fri Oct 23 20:20:59 2020 /sbin/ip -6 addr add 2001:db8:123::2/64 dev tun0
RTNETLINK answers: Permission denied
Fri Oct 23 20:20:59 2020 Linux ip -6 addr add failed: external program exited with error status: 2
Fri Oct 23 20:20:59 2020 Exiting due to fatal error

Realizing now that it is resolving google.com as an IPv6 address. Which it can't reach and that the healthcheck.sh (which appears to be pinging google.com) is likely the reason it is still "starting".

PING google.com(ord36s01-in-x0e.1e100.net (2607:f8b0:4009:80c::200e)) 56 data bytes
^C
--- google.com ping statistics ---
15 packets transmitted, 0 received, 100% packet loss, time 570ms

Installed MTR in the container.
8.8.8.8 is in fact using the tunnel and responding to packets.
Google.com is resolving as IPv6 and not going anywhere.

@gitdeath
Copy link
Author

This is the fix. The problem is not all VPN providers support IPV6.

You can change this by editing the precedence blocks in /etc/gai.conf (gai stands for getaddrinfo, the standard system call for resolving host names). Just comment out the line as described in the file:

# For sites which prefer IPv4 connections change the last line to

#precedence ::ffff:0:0/96 100

A detailed explanation on gai.conf can be found in the man page.

Source: https://askubuntu.com/questions/32298/prefer-a-ipv4-dns-lookups-before-aaaaipv6-lookups

@gitdeath gitdeath mentioned this issue Oct 24, 2020
Closed
@xoverride xoverride mentioned this issue Nov 5, 2020
Closed
@stale
Copy link

stale bot commented Dec 23, 2020

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.

@stale stale bot added the inactivity Used by Stale bot to mark issues that will be closed label Dec 23, 2020
@stale
Copy link

stale bot commented Dec 30, 2020

Feel free to re-open this issue if you think it deserves another look.

@stale stale bot closed this as completed Dec 30, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
inactivity Used by Stale bot to mark issues that will be closed
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update healthcheck.sh
1 participant
@gitdeath