Bug: VPN Server doesn't try next in list if connection fails

[warrentc3]

Is this urgent?

No

Host OS

Debian Buster

CPU arch

x86_64

VPN service provider

ProtonVPN

What are you using to run the container

docker run

What is the version of Gluetun

3.34.3

What's the problem 🤔

When a node goes down for maintenance, gluetun doesn't attempt to connect to another node... it just continuously restarts connecting to the same downed node.

Share your logs

2023-06-09T15:20:34.417865574Z 2023-06-09T11:20:34-04:00 INFO [openvpn] [node-us-59.protonvpn.net] Peer Connection Initiated with [AF_INET]89.187.171.239:4569
2023-06-09T15:20:40.493263765Z 2023-06-09T11:20:40-04:00 ERROR [openvpn] AUTH: Received control message: AUTH_FAILED
2023-06-09T15:20:40.493658572Z 
2023-06-09T15:20:40.493696352Z Your credentials might be wrong 🤨
2023-06-09T15:20:40.493730322Z 
2023-06-09T15:20:40.493756112Z 
2023-06-09T15:20:40.493779152Z 2023-06-09T11:20:40-04:00 INFO [openvpn] SIGUSR1[soft,auth-failure] received, process restarting
2023-06-09T15:20:45.170499313Z 2023-06-09T11:20:45-04:00 INFO [healthcheck] program has been unhealthy for 26s: restarting VPN (see https://github.com/qdm12/gluetun/wiki/Healthcheck)
2023-06-09T15:20:45.170900221Z 2023-06-09T11:20:45-04:00 INFO [vpn] stopping
2023-06-09T15:20:45.170960931Z 2023-06-09T11:20:45-04:00 INFO [vpn] starting

Share your configuration

sudo docker run -d --name gluetun --restart unless-stopped --network gluetun_network --device /dev/net/tun:/dev/net/tun -p 8888:8888/tcp -p 8080:8080 --cap-add NET_ADMIN --cap-add NET_RAW --dns=x -e TZ=America/New_York  \
-e OPENVPN_PROCESS_USER=user ${OPENVPN_PROCESS_USER} -e OPENVPN_VERBOSITY=2 -e OPENVPN_USER=" +f2" -e OPENVPN_PASSWORD=" " -e OPENVPN_VERSION=2.5 \
-e VPN_SERVICE_PROVIDER=protonvpn -e VPN_ENDPOINT_PORT=4569 -e SERVER_HOSTNAMES="node-us-121.protonvpn.net,node-us-69.protonvpn.net,node-us-59.protonvpn.net"  \
-e DNS_KEEP_NAMESERVER=off -e DOT=off -e DNS_ADDRESS=  \
-e HTTPPROXY=on -e HTTPPROXY_LOG=on -e HTTPPROXY_STEALTH=on  \
-e FIREWALL=on -e FIREWALL_OUTBOUND_SUBNETS=x/24 -e FIREWALL_DEBUG=off \
qmcgaw/gluetun:v3.34

[warrentc3]

Seems like this behavior is undesirable...
[openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]89.187.170.135:4569

[qdm12]

TCP/UDP: Preserving recently used remote address: [AF_INET]89.187.170.135:4569

Is that after an openvpn full restart?

Can you share more logs? As far as I know it's working fine, although note it picks a server at random from the filtered servers so it can happen it repicks the same one at random.

[warrentc3]

It appears that it happened to randomly pick the same one 30 times in a row... it eventually connected to a different node, which about an hour after that, the maintenance for the downed node had completed.

I also attempted to use my own custom configuration where the servers and ports were defined... but gluetun seemed to want to not let me do any thinking and didn't like me using different servers and especially different ports.

ProtonVPN supports connectivity on 1194,4569,5060,51820.

I restarted the container at least a half dozen times to encourage it to pick a different server...

[warrentc3]

And now Proton has added more capacity, but i can't use the specified servernames....

ERROR VPN settings: provider settings: server selection: the hostname specified is not valid: value is not one of the possible choices:

UPDATER_PERIOD=0 seems to have zero effect as well... so the json I've updated just gets overridden.

[warrentc3]

Why does it force a merge?

merging by most recent 17678 hardcoded servers and 7 servers read from /gluetun/servers.json