Bug: vpn constantly restarts due to being unhealthy

[r3ps4J]

Is this urgent?

None

Host OS

Debian 12 Bookworm

CPU arch

aarch64

VPN service provider

PureVPN

What are you using to run the container

docker-compose

What is the version of Gluetun

Running version latest built on 2024-03-07T12:32:25.391Z (commit 3254fc8)

What's the problem 🤔

My gluetun container started constantly restarting the vpn. I understand this is the "auto-healing" mechanism, but I can't figure out what causes it. Especially since I haven't changed anything in my gluetun configuration. Unsure if it's actually a bug or just a user error, but any help would be appreciated.

I checked the healthcheck page as well, so find my answers for each step below:

1. The VPN server IP address you are trying to connect to is no longer valid 🔌 Update your server information
   It should be correct, but just in case I also tried a manual configuration downloaded from PureVPN's dashboard with the latest IP which resulted in the same problem.
2. The VPN server crashed 💥, try changing your VPN servers filtering options such as SERVER_REGIONS
   I removed the countries filter altogether, but no luck.
3. Your host firewall is blocking outbound connections
   I haven't changed my firewall or installed a new one, and it worked before.
4. Your Internet connection is not working 🤯, ensure it works
   It is definitely working outside the gluetun container.
5. Are you using Docker Desktop >= v4.5.1?? Then downgrade back to v4.5.1. See @Miexil's comment.
   Running on Debian 12 Bookworm so not relevant.
6. Something else ➡️ https://github.com/qdm12/gluetun/issues/new/choose
   Here I am lol!

Share your logs (at least 10 lines)

========================================
========================================
=============== gluetun ================
========================================
=========== Made with ❤️ by ============
======= https://github.com/qdm12 =======
========================================
========================================

Running version latest built on 2024-03-07T12:32:25.391Z (commit 3254fc8)

🔧 Need help? https://github.com/qdm12/gluetun/discussions/new
🐛 Bug? https://github.com/qdm12/gluetun/issues/new
✨ New feature? https://github.com/qdm12/gluetun/issues/new
☕ Discussion? https://github.com/qdm12/gluetun/discussions/new
💻 Email? quentin.mcgaw@gmail.com
💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
2024-03-12T20:40:36+01:00 INFO [routing] default route found: interface eth0, gateway 172.21.0.1, assigned IP 172.21.0.3 and family v4
2024-03-12T20:40:36+01:00 INFO [routing] local ethernet link found: eth0
2024-03-12T20:40:36+01:00 INFO [routing] local ipnet found: 172.21.0.0/16
2024-03-12T20:40:36+01:00 INFO [firewall] enabling...
2024-03-12T20:40:36+01:00 DEBUG [firewall] iptables --policy INPUT DROP
2024-03-12T20:40:36+01:00 DEBUG [firewall] iptables --policy OUTPUT DROP
2024-03-12T20:40:36+01:00 DEBUG [firewall] iptables --policy FORWARD DROP
2024-03-12T20:40:36+01:00 DEBUG [firewall] ip6tables-nft --policy INPUT DROP
2024-03-12T20:40:36+01:00 DEBUG [firewall] ip6tables-nft --policy OUTPUT DROP
2024-03-12T20:40:36+01:00 DEBUG [firewall] ip6tables-nft --policy FORWARD DROP
2024-03-12T20:40:36+01:00 DEBUG [firewall] iptables --append INPUT -i lo -j ACCEPT
2024-03-12T20:40:36+01:00 DEBUG [firewall] ip6tables-nft --append INPUT -i lo -j ACCEPT
2024-03-12T20:40:36+01:00 DEBUG [firewall] iptables --append OUTPUT -o lo -j ACCEPT
2024-03-12T20:40:36+01:00 DEBUG [firewall] ip6tables-nft --append OUTPUT -o lo -j ACCEPT
2024-03-12T20:40:36+01:00 DEBUG [firewall] iptables --append OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
2024-03-12T20:40:36+01:00 DEBUG [firewall] ip6tables-nft --append OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
2024-03-12T20:40:36+01:00 DEBUG [firewall] iptables --append INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
2024-03-12T20:40:36+01:00 DEBUG [firewall] ip6tables-nft --append INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
2024-03-12T20:40:36+01:00 DEBUG [firewall] iptables --append OUTPUT -o eth0 -s 172.21.0.3 -d 172.21.0.0/16 -j ACCEPT
2024-03-12T20:40:36+01:00 DEBUG [firewall] ip6tables-nft --append OUTPUT -o eth0 -d ff02::1:ff/104 -j ACCEPT
2024-03-12T20:40:36+01:00 DEBUG [firewall] iptables --append INPUT -i eth0 -d 172.21.0.0/16 -j ACCEPT
2024-03-12T20:40:36+01:00 INFO [firewall] enabled successfully
2024-03-12T20:40:37+01:00 INFO [storage] creating /gluetun/servers.json with 17820 hardcoded servers
2024-03-12T20:40:37+01:00 DEBUG [netlink] IPv6 is not supported after searching 0 routes
2024-03-12T20:40:37+01:00 INFO Alpine version: 3.18.6
2024-03-12T20:40:37+01:00 INFO OpenVPN 2.5 version: 2.5.8
2024-03-12T20:40:37+01:00 INFO OpenVPN 2.6 version: 2.6.8
2024-03-12T20:40:37+01:00 INFO Unbound version: 1.19.1
2024-03-12T20:40:37+01:00 INFO IPtables version: v1.8.9
2024-03-12T20:40:37+01:00 INFO Settings summary:
├── VPN settings:
|   ├── VPN provider settings:
|   |   ├── Name: purevpn
|   |   └── Server selection settings:
|   |       ├── VPN type: openvpn
|   |       └── OpenVPN server selection settings:
|   |           └── Protocol: UDP
|   └── OpenVPN settings:
|       ├── OpenVPN version: 2.5
|       ├── User: [set]
|       ├── Password: [set]
|       ├── Network interface: tun0
|       ├── Run OpenVPN as: root
|       └── Verbosity level: 1
├── DNS settings:
|   ├── Keep existing nameserver(s): no
|   ├── DNS server address to use: 127.0.0.1
|   └── DNS over TLS settings:
|       ├── Enabled: yes
|       ├── Update period: every 24h0m0s
|       ├── Unbound settings:
|       |   ├── Authoritative servers:
|       |   |   └── cloudflare
|       |   ├── Caching: yes
|       |   ├── IPv6: no
|       |   ├── Verbosity level: 1
|       |   ├── Verbosity details level: 0
|       |   ├── Validation log level: 0
|       |   ├── System user: root
|       |   └── Allowed networks:
|       |       ├── 0.0.0.0/0
|       |       └── ::/0
|       └── DNS filtering settings:
|           ├── Block malicious: yes
|           ├── Block ads: no
|           ├── Block surveillance: no
|           └── Blocked IP networks:
|               ├── 127.0.0.1/8
|               ├── 10.0.0.0/8
|               ├── 172.16.0.0/12
|               ├── 192.168.0.0/16
|               ├── 169.254.0.0/16
|               ├── ::1/128
|               ├── fc00::/7
|               ├── fe80::/10
|               ├── ::ffff:127.0.0.1/104
|               ├── ::ffff:10.0.0.0/104
|               ├── ::ffff:169.254.0.0/112
|               ├── ::ffff:172.16.0.0/108
|               └── ::ffff:192.168.0.0/112
├── Firewall settings:
|   ├── Enabled: yes
|   └── Outbound subnets:
|       └── 192.168.178.0/24
├── Log settings:
|   └── Log level: DEBUG
├── Health settings:
|   ├── Server listening address: 127.0.0.1:9999
|   ├── Target address: cloudflare.com:443
|   ├── Duration to wait after success: 5s
|   ├── Read header timeout: 100ms
|   ├── Read timeout: 500ms
|   └── VPN wait durations:
|       ├── Initial duration: 6s
|       └── Additional duration: 5s
├── Shadowsocks server settings:
|   └── Enabled: no
├── HTTP proxy settings:
|   └── Enabled: no
├── Control server settings:
|   ├── Listening address: :8000
|   └── Logging: yes
├── OS Alpine settings:
|   ├── Process UID: 1000
|   ├── Process GID: 1000
|   └── Timezone: europe/amsterdam
├── Public IP settings:
|   ├── Fetching: every 12h0m0s
|   ├── IP file path: /tmp/gluetun/ip
|   └── Public IP data API: ipinfo
└── Version settings:
    └── Enabled: yes
2024-03-12T20:40:37+01:00 INFO [routing] default route found: interface eth0, gateway 172.21.0.1, assigned IP 172.21.0.3 and family v4
2024-03-12T20:40:37+01:00 DEBUG [routing] ip rule add from 172.21.0.3/32 lookup 200 pref 100
2024-03-12T20:40:37+01:00 INFO [routing] adding route for 0.0.0.0/0
2024-03-12T20:40:37+01:00 DEBUG [routing] ip route replace 0.0.0.0/0 via 172.21.0.1 dev eth0 table 200
2024-03-12T20:40:37+01:00 INFO [firewall] setting allowed subnets...
2024-03-12T20:40:37+01:00 DEBUG [firewall] iptables --append OUTPUT -o eth0 -s 172.21.0.3 -d 192.168.178.0/24 -j ACCEPT
2024-03-12T20:40:37+01:00 INFO [routing] default route found: interface eth0, gateway 172.21.0.1, assigned IP 172.21.0.3 and family v4
2024-03-12T20:40:37+01:00 INFO [routing] adding route for 192.168.178.0/24
2024-03-12T20:40:37+01:00 DEBUG [routing] ip route replace 192.168.178.0/24 via 172.21.0.1 dev eth0 table 199
2024-03-12T20:40:37+01:00 DEBUG [routing] ip rule add to 192.168.178.0/24 lookup 199 pref 99
2024-03-12T20:40:37+01:00 DEBUG [routing] ip rule add to 172.21.0.0/16 lookup 254 pref 98
2024-03-12T20:40:37+01:00 INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
2024-03-12T20:40:37+01:00 INFO [dns] using plaintext DNS at address 1.1.1.1
2024-03-12T20:40:37+01:00 INFO [http server] http server listening on [::]:8000
2024-03-12T20:40:37+01:00 INFO [healthcheck] listening on 127.0.0.1:9999
2024-03-12T20:40:37+01:00 INFO [firewall] allowing VPN connection...
2024-03-12T20:40:37+01:00 DEBUG [firewall] iptables --append OUTPUT -d 146.70.155.11 -o eth0 -p udp -m udp --dport 53 -j ACCEPT
2024-03-12T20:40:37+01:00 DEBUG [firewall] iptables --append OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:40:37+01:00 DEBUG [firewall] ip6tables-nft --append OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:40:37+01:00 INFO [openvpn] OpenVPN 2.5.8 aarch64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2024-03-12T20:40:37+01:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-03-12T20:40:37+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]146.70.155.11:53
2024-03-12T20:40:37+01:00 INFO [openvpn] UDP link local: (not bound)
2024-03-12T20:40:37+01:00 INFO [openvpn] UDP link remote: [AF_INET]146.70.155.11:53
2024-03-12T20:40:43+01:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN
2024-03-12T20:40:43+01:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-03-12T20:40:43+01:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-03-12T20:40:43+01:00 INFO [vpn] stopping
2024-03-12T20:40:43+01:00 INFO [vpn] starting
2024-03-12T20:40:43+01:00 INFO [firewall] allowing VPN connection...
2024-03-12T20:40:43+01:00 DEBUG [firewall] iptables --delete OUTPUT -d 146.70.155.11 -o eth0 -p udp -m udp --dport 53 -j ACCEPT
2024-03-12T20:40:43+01:00 DEBUG [firewall] iptables --delete OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:40:43+01:00 DEBUG [firewall] ip6tables-nft --delete OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:40:43+01:00 DEBUG [firewall] iptables --append OUTPUT -d 43.250.205.50 -o eth0 -p udp -m udp --dport 53 -j ACCEPT
2024-03-12T20:40:43+01:00 DEBUG [firewall] iptables --append OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:40:43+01:00 DEBUG [firewall] ip6tables-nft --append OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:40:43+01:00 INFO [openvpn] OpenVPN 2.5.8 aarch64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2024-03-12T20:40:43+01:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-03-12T20:40:43+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]43.250.205.50:53
2024-03-12T20:40:43+01:00 INFO [openvpn] UDP link local: (not bound)
2024-03-12T20:40:43+01:00 INFO [openvpn] UDP link remote: [AF_INET]43.250.205.50:53
2024-03-12T20:40:54+01:00 INFO [healthcheck] program has been unhealthy for 11s: restarting VPN
2024-03-12T20:40:54+01:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-03-12T20:40:54+01:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-03-12T20:40:54+01:00 INFO [vpn] stopping
2024-03-12T20:40:54+01:00 INFO [vpn] starting
2024-03-12T20:40:54+01:00 INFO [firewall] allowing VPN connection...
2024-03-12T20:40:54+01:00 DEBUG [firewall] iptables --delete OUTPUT -d 43.250.205.50 -o eth0 -p udp -m udp --dport 53 -j ACCEPT
2024-03-12T20:40:54+01:00 DEBUG [firewall] iptables --delete OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:40:54+01:00 DEBUG [firewall] ip6tables-nft --delete OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:40:54+01:00 DEBUG [firewall] iptables --append OUTPUT -d 138.199.35.38 -o eth0 -p udp -m udp --dport 53 -j ACCEPT
2024-03-12T20:40:54+01:00 DEBUG [firewall] iptables --append OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:40:54+01:00 DEBUG [firewall] ip6tables-nft --append OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:40:55+01:00 INFO [openvpn] OpenVPN 2.5.8 aarch64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2024-03-12T20:40:55+01:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-03-12T20:40:55+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]138.199.35.38:53
2024-03-12T20:40:55+01:00 INFO [openvpn] UDP link local: (not bound)
2024-03-12T20:40:55+01:00 INFO [openvpn] UDP link remote: [AF_INET]138.199.35.38:53
2024-03-12T20:41:11+01:00 INFO [healthcheck] program has been unhealthy for 16s: restarting VPN
2024-03-12T20:41:11+01:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-03-12T20:41:11+01:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-03-12T20:41:11+01:00 INFO [vpn] stopping
2024-03-12T20:41:11+01:00 INFO [vpn] starting
2024-03-12T20:41:11+01:00 INFO [firewall] allowing VPN connection...
2024-03-12T20:41:11+01:00 DEBUG [firewall] iptables --delete OUTPUT -d 138.199.35.38 -o eth0 -p udp -m udp --dport 53 -j ACCEPT
2024-03-12T20:41:12+01:00 DEBUG [firewall] iptables --delete OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:41:12+01:00 DEBUG [firewall] ip6tables-nft --delete OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:41:12+01:00 DEBUG [firewall] iptables --append OUTPUT -d 67.213.219.186 -o eth0 -p udp -m udp --dport 53 -j ACCEPT
2024-03-12T20:41:12+01:00 DEBUG [firewall] iptables --append OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:41:12+01:00 DEBUG [firewall] ip6tables-nft --append OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:41:12+01:00 INFO [openvpn] OpenVPN 2.5.8 aarch64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2024-03-12T20:41:12+01:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-03-12T20:41:12+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]67.213.219.186:53
2024-03-12T20:41:12+01:00 INFO [openvpn] UDP link local: (not bound)
2024-03-12T20:41:12+01:00 INFO [openvpn] UDP link remote: [AF_INET]67.213.219.186:53
2024-03-12T20:41:33+01:00 INFO [healthcheck] program has been unhealthy for 21s: restarting VPN
2024-03-12T20:41:33+01:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-03-12T20:41:33+01:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-03-12T20:41:33+01:00 INFO [vpn] stopping
2024-03-12T20:41:33+01:00 INFO [vpn] starting
2024-03-12T20:41:33+01:00 INFO [firewall] allowing VPN connection...
2024-03-12T20:41:33+01:00 DEBUG [firewall] iptables --delete OUTPUT -d 67.213.219.186 -o eth0 -p udp -m udp --dport 53 -j ACCEPT
2024-03-12T20:41:33+01:00 DEBUG [firewall] iptables --delete OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:41:33+01:00 DEBUG [firewall] ip6tables-nft --delete OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:41:33+01:00 DEBUG [firewall] iptables --append OUTPUT -d 172.111.229.6 -o eth0 -p udp -m udp --dport 53 -j ACCEPT
2024-03-12T20:41:33+01:00 DEBUG [firewall] iptables --append OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:41:33+01:00 DEBUG [firewall] ip6tables-nft --append OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:41:33+01:00 INFO [openvpn] OpenVPN 2.5.8 aarch64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2024-03-12T20:41:33+01:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-03-12T20:41:33+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]172.111.229.6:53
2024-03-12T20:41:33+01:00 INFO [openvpn] UDP link local: (not bound)
2024-03-12T20:41:33+01:00 INFO [openvpn] UDP link remote: [AF_INET]172.111.229.6:53
2024-03-12T20:41:59+01:00 INFO [healthcheck] program has been unhealthy for 26s: restarting VPN
2024-03-12T20:41:59+01:00 INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-03-12T20:41:59+01:00 INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-03-12T20:41:59+01:00 INFO [vpn] stopping
2024-03-12T20:41:59+01:00 INFO [vpn] starting
2024-03-12T20:41:59+01:00 INFO [firewall] allowing VPN connection...
2024-03-12T20:41:59+01:00 DEBUG [firewall] iptables --delete OUTPUT -d 172.111.229.6 -o eth0 -p udp -m udp --dport 53 -j ACCEPT
2024-03-12T20:41:59+01:00 DEBUG [firewall] iptables --delete OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:41:59+01:00 DEBUG [firewall] ip6tables-nft --delete OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:41:59+01:00 DEBUG [firewall] iptables --append OUTPUT -d 104.250.183.4 -o eth0 -p udp -m udp --dport 53 -j ACCEPT
2024-03-12T20:41:59+01:00 DEBUG [firewall] iptables --append OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:41:59+01:00 DEBUG [firewall] ip6tables-nft --append OUTPUT -o tun0 -j ACCEPT
2024-03-12T20:41:59+01:00 INFO [openvpn] OpenVPN 2.5.8 aarch64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2024-03-12T20:41:59+01:00 INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-03-12T20:41:59+01:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]104.250.183.4:53
2024-03-12T20:41:59+01:00 INFO [openvpn] UDP link local: (not bound)
2024-03-12T20:41:59+01:00 INFO [openvpn] UDP link remote: [AF_INET]104.250.183.4:53

Share your configuration

version: "3"
services:
  gluetun:
    image: qmcgaw/gluetun
    container_name: gluetun
    cap_add:
      - NET_ADMIN
    ports:
      #- 8888:8888/tcp # HTTP proxy
      #- 8388:8388/tcp # Shadowsocks
      #- 8388:8388/udp # Shadowsocks

      #- 8080:8080 # qbittorrent
      #- 9091:9091 # transmission
      - 9696:9696 # prowlarr
      - 8191:8191 # flaresolverr
    #volumes:
    #  - ./NL-ovpn-tcp.conf:/gluetun/custom.conf:ro
    environment:
      - LOG_LEVEL=debug
      - VPN_SERVICE_PROVIDER=purevpn
      - VPN_TYPE=openvpn
      #- OPENVPN_CUSTOM_CONFIG=/gluetun/custom.conf
      - OPENVPN_USER=****
      - OPENVPN_PASSWORD=****
      - COUNTRIES=Netherlands
      - TZ=Europe/Amsterdam
      #- HTTPPROXY=on
      #- SHADOWSOCKS=on
      - FIREWALL_OUTBOUND_SUBNETS=192.168.178.0/24
    restart: unless-stopped

[k-matti]

have the same problem, did you find the solution?

[r3ps4J]

No I can't figure it out. My system is just down till there is a fix

[vogtrj]

I'm having the same problem as well, also with openvpn through proton. Had previously worked without issue for at least the past year and stopped working some time around the last week or so. I tried rolling my openvpn credentials to see if I could revive gluetun, but no luck. I'm using a mix of openvpn and wireguard tunnels through proton in other applications and haven't had any problems so I think this is something unique to gluetun.

[misku]

I'd like to report a similar thing.

Host OS
Debian 11.5

CPU arch
x86_64

VPN service provider
Private Internet Access (OpenVPN)

What are you using to run the container
docker-compose

What is the version of Gluetun
qmcgaw/gluetun v3.37.0 07e55b3ee9ba

What's the problem 🤔
The gluetun container alternately succeeds and fails ipinfo health checks:

2024-03-17T22:52:09Z INFO [healthcheck] healthy!
2024-03-17T22:52:20Z ERROR [ip getter] Get "https://ipinfo.io/": dial tcp: lookup ipinfo.io on 127.0.0.1:53: read udp 127.0.0.1:49894->127.0.0.1:53: read: connection refused - retrying in 5s
2024-03-17T22:52:20Z INFO [healthcheck] program has been unhealthy for 6s: restarting VPN
2024-03-17T22:52:20Z INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-03-17T22:52:20Z INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION

VPN is restarted a couple of times and docker image eventually quits with code 137

I've also experienced multiple times:

2024-03-17T22:48:14Z INFO [healthcheck] unhealthy: dialing: dial tcp4: lookup cloudflare.com on 127.0.0.1:53: read udp 127.0.0.1:50308->127.0.0.1:53: read: connection refused

I looked into the healthchecks page which didin't help. I also tried to disable/override the HEALTHCHECK without success. It looks like pings to ipinfo.io are working when the container is running. It would be great if there was a way to disable healthcheck all together (at least for debugging).

Share your logs (at least 10 lines)

========================================
========================================
=============== gluetun ================
========================================
=========== Made with ❤️ by ============
======= https://github.com/qdm12 =======
========================================
========================================

Running version latest built on 2024-03-07T12:32:25.391Z (commit 3254fc8)

🔧 Need help? https://github.com/qdm12/gluetun/discussions/new
🐛 Bug? https://github.com/qdm12/gluetun/issues/new
✨ New feature? https://github.com/qdm12/gluetun/issues/new
☕ Discussion? https://github.com/qdm12/gluetun/discussions/new
💻 Email? quentin.mcgaw@gmail.com
💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
2024-03-17T22:52:08Z INFO [routing] default route found: interface eth0, gateway 172.24.0.1, assigned IP 172.24.0.2 and family v4
2024-03-17T22:52:08Z INFO [routing] local ethernet link found: eth0
2024-03-17T22:52:08Z INFO [routing] local ipnet found: 172.24.0.0/16
2024-03-17T22:52:08Z INFO [firewall] enabling...
2024-03-17T22:52:08Z INFO [firewall] enabled successfully
2024-03-17T22:52:08Z INFO [storage] merging by most recent 17820 hardcoded servers and 17800 servers read from /gluetun/servers.json
2024-03-17T22:52:08Z INFO [storage] Using private internet access servers from file which are 24 days more recent
2024-03-17T22:52:08Z INFO Alpine version: 3.18.6
2024-03-17T22:52:08Z INFO OpenVPN 2.5 version: 2.5.8
2024-03-17T22:52:08Z INFO OpenVPN 2.6 version: 2.6.8
2024-03-17T22:52:08Z INFO Unbound version: 1.19.1
2024-03-17T22:52:08Z INFO IPtables version: v1.8.9
2024-03-17T22:52:08Z INFO Settings summary:
├── VPN settings:
|   ├── VPN provider settings:
|   |   ├── Name: private internet access
|   |   └── Server selection settings:
|   |       ├── VPN type: openvpn
|   |       ├── Regions: netherlands
|   |       └── OpenVPN server selection settings:
|   |           ├── Protocol: UDP
|   |           └── Private Internet Access encryption preset: strong
|   └── OpenVPN settings:
|       ├── OpenVPN version: 2.5
|       ├── User: [set]
|       ├── Password: [set]
|       ├── Private Internet Access encryption preset: strong
|       ├── Network interface: tun0
|       ├── Run OpenVPN as: root
|       └── Verbosity level: 1
├── DNS settings:
|   ├── Keep existing nameserver(s): no
|   ├── DNS server address to use: 127.0.0.1
|   └── DNS over TLS settings:
|       ├── Enabled: yes
|       ├── Update period: every 24h0m0s
|       ├── Unbound settings:
|       |   ├── Authoritative servers:
|       |   |   └── cloudflare
|       |   ├── Caching: yes
|       |   ├── IPv6: no
|       |   ├── Verbosity level: 1
|       |   ├── Verbosity details level: 0
|       |   ├── Validation log level: 0
|       |   ├── System user: root
|       |   └── Allowed networks:
|       |       ├── 0.0.0.0/0
|       |       └── ::/0
|       └── DNS filtering settings:
|           ├── Block malicious: yes
|           ├── Block ads: no
|           ├── Block surveillance: no
|           └── Blocked IP networks:
|               ├── 127.0.0.1/8
|               ├── 10.0.0.0/8
|               ├── 172.16.0.0/12
|               ├── 192.168.0.0/16
|               ├── 169.254.0.0/16
|               ├── ::1/128
|               ├── fc00::/7
|               ├── fe80::/10
|               ├── ::ffff:127.0.0.1/104
|               ├── ::ffff:10.0.0.0/104
|               ├── ::ffff:169.254.0.0/112
|               ├── ::ffff:172.16.0.0/108
|               └── ::ffff:192.168.0.0/112
├── Firewall settings:
|   └── Enabled: yes
├── Log settings:
|   └── Log level: INFO
├── Health settings:
|   ├── Server listening address: 127.0.0.1:9999
|   ├── Target address: cloudflare.com:443
|   ├── Duration to wait after success: 5s
|   ├── Read header timeout: 100ms
|   ├── Read timeout: 500ms
|   └── VPN wait durations:
|       ├── Initial duration: 6s
|       └── Additional duration: 5s
├── Shadowsocks server settings:
|   └── Enabled: no
├── HTTP proxy settings:
|   └── Enabled: no
├── Control server settings:
|   ├── Listening address: :8000
|   └── Logging: yes
├── OS Alpine settings:
|   ├── Process UID: 1000
|   └── Process GID: 1000
├── Public IP settings:
|   ├── Fetching: every 12h0m0s
|   ├── IP file path: /tmp/gluetun/ip
|   └── Public IP data API: ipinfo
└── Version settings:
    └── Enabled: yes
2024-03-17T22:52:08Z INFO [routing] default route found: interface eth0, gateway 172.24.0.1, assigned IP 172.24.0.2 and family v4
2024-03-17T22:52:08Z INFO [routing] adding route for 0.0.0.0/0
2024-03-17T22:52:08Z INFO [firewall] setting allowed subnets...
2024-03-17T22:52:08Z INFO [routing] default route found: interface eth0, gateway 172.24.0.1, assigned IP 172.24.0.2 and family v4
2024-03-17T22:52:08Z INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
2024-03-17T22:52:08Z INFO [dns] using plaintext DNS at address 1.1.1.1
2024-03-17T22:52:08Z INFO [http server] http server listening on [::]:8000
2024-03-17T22:52:08Z INFO [healthcheck] listening on 127.0.0.1:9999
2024-03-17T22:52:08Z INFO [firewall] allowing VPN connection...
2024-03-17T22:52:08Z INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2024-03-17T22:52:08Z INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-03-17T22:52:08Z INFO [openvpn] CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
...
2024-03-17T22:52:08Z INFO [openvpn] -----END X509 CRL-----
2024-03-17T22:52:08Z INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]84.247.116.33:1197
2024-03-17T22:52:08Z INFO [openvpn] UDP link local: (not bound)
2024-03-17T22:52:08Z INFO [openvpn] UDP link remote: [AF_INET]84.247.116.33:1197
2024-03-17T22:52:08Z WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1569', remote='link-mtu 1554'
2024-03-17T22:52:08Z WARN [openvpn] 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
2024-03-17T22:52:08Z WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2024-03-17T22:52:08Z INFO [openvpn] [amsterdam402] Peer Connection Initiated with [AF_INET]84.247.116.33:1197
2024-03-17T22:52:08Z INFO [openvpn] TUN/TAP device tun0 opened
2024-03-17T22:52:08Z INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-03-17T22:52:08Z INFO [openvpn] /sbin/ip link set dev tun0 up
2024-03-17T22:52:08Z INFO [openvpn] /sbin/ip addr add dev tun0 10.94.110.6/24
2024-03-17T22:52:08Z INFO [openvpn] UID set to nonrootuser
2024-03-17T22:52:08Z INFO [openvpn] Initialization Sequence Completed
2024-03-17T22:52:08Z INFO [dns] downloading DNS over TLS cryptographic files
2024-03-17T22:52:09Z INFO [healthcheck] healthy!
2024-03-17T22:52:09Z INFO [dns] downloading hostnames and IP block lists
2024-03-17T22:52:20Z INFO [healthcheck] program has been unhealthy for 6s: restarting VPN
2024-03-17T22:52:20Z INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-03-17T22:52:20Z INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-03-17T22:52:20Z INFO [vpn] stopping
2024-03-17T22:52:20Z ERROR [vpn] cannot get version information: Get "https://api.github.com/repos/qdm12/gluetun/commits": context canceled
2024-03-17T22:52:20Z ERROR [ip getter] Get "https://ipinfo.io/": dial tcp: lookup ipinfo.io on 127.0.0.1:53: read udp 127.0.0.1:49894->127.0.0.1:53: read: connection refused - retrying in 5s
2024-03-17T22:52:20Z INFO [vpn] starting
2024-03-17T22:52:20Z INFO [firewall] allowing VPN connection...
2024-03-17T22:52:20Z INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2024-03-17T22:52:20Z INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-03-17T22:52:20Z INFO [openvpn] CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
...
2024-03-17T22:52:20Z INFO [openvpn] -----END X509 CRL-----
2024-03-17T22:52:20Z INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]84.247.116.36:1197
2024-03-17T22:52:20Z INFO [openvpn] UDP link local: (not bound)
2024-03-17T22:52:20Z INFO [openvpn] UDP link remote: [AF_INET]84.247.116.36:1197
2024-03-17T22:52:20Z INFO [dns] falling back on plaintext DNS at address 1.1.1.1
2024-03-17T22:52:20Z WARN [dns] DNS is not working: after 10 tries: lookup github.com on 127.0.0.1:53: read udp 127.0.0.1:37935->127.0.0.1:53: read: connection refused
2024-03-17T22:52:20Z INFO [dns] attempting restart in 10s
2024-03-17T22:52:20Z WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1569', remote='link-mtu 1554'
2024-03-17T22:52:20Z WARN [openvpn] 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
2024-03-17T22:52:20Z WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2024-03-17T22:52:20Z INFO [openvpn] [amsterdam402] Peer Connection Initiated with [AF_INET]84.247.116.36:1197
2024-03-17T22:52:20Z INFO [openvpn] TUN/TAP device tun0 opened
2024-03-17T22:52:20Z INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-03-17T22:52:20Z INFO [openvpn] /sbin/ip link set dev tun0 up
2024-03-17T22:52:20Z INFO [openvpn] /sbin/ip addr add dev tun0 10.97.110.4/24
2024-03-17T22:52:20Z INFO [openvpn] UID set to nonrootuser
2024-03-17T22:52:20Z INFO [openvpn] Initialization Sequence Completed
2024-03-17T22:52:24Z INFO [healthcheck] healthy!
2024-03-17T22:52:25Z INFO [ip getter] Public IP address is 84.247.116.36 (Netherlands, North Holland, Amsterdam)
2024-03-17T22:52:26Z INFO [ip getter] Public IP address is 84.247.116.36 (Netherlands, North Holland, Amsterdam)
2024-03-17T22:52:30Z INFO [dns] downloading DNS over TLS cryptographic files
2024-03-17T22:52:31Z INFO [dns] downloading hostnames and IP block lists
2024-03-17T22:52:40Z INFO [healthcheck] program has been unhealthy for 6s: restarting VPN
2024-03-17T22:52:40Z INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-03-17T22:52:40Z INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-03-17T22:52:40Z INFO [vpn] stopping
2024-03-17T22:52:40Z INFO [vpn] starting
2024-03-17T22:52:40Z INFO [firewall] allowing VPN connection...
2024-03-17T22:52:40Z INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2024-03-17T22:52:40Z INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-03-17T22:52:40Z INFO [openvpn] CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
...
2024-03-17T22:52:40Z INFO [openvpn] -----END X509 CRL-----
2024-03-17T22:52:40Z INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]84.247.116.27:1197
2024-03-17T22:52:40Z INFO [openvpn] UDP link local: (not bound)
2024-03-17T22:52:40Z INFO [openvpn] UDP link remote: [AF_INET]84.247.116.27:1197
2024-03-17T22:52:41Z WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1569', remote='link-mtu 1554'
2024-03-17T22:52:41Z WARN [openvpn] 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
2024-03-17T22:52:41Z WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2024-03-17T22:52:41Z INFO [openvpn] [amsterdam402] Peer Connection Initiated with [AF_INET]84.247.116.27:1197
2024-03-17T22:52:41Z INFO [openvpn] TUN/TAP device tun0 opened
2024-03-17T22:52:41Z INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-03-17T22:52:41Z INFO [openvpn] /sbin/ip link set dev tun0 up
2024-03-17T22:52:41Z INFO [openvpn] /sbin/ip addr add dev tun0 10.88.110.6/24
2024-03-17T22:52:41Z INFO [openvpn] UID set to nonrootuser
2024-03-17T22:52:41Z INFO [openvpn] Initialization Sequence Completed
2024-03-17T22:52:41Z ERROR [ip getter] Get "https://ipinfo.io/": dial tcp: lookup ipinfo.io on 127.0.0.1:53: read udp 127.0.0.1:34406->127.0.0.1:53: read: connection refused - retrying in 5s
2024-03-17T22:52:42Z INFO [dns] falling back on plaintext DNS at address 1.1.1.1
2024-03-17T22:52:42Z WARN [dns] DNS is not working: after 10 tries: lookup github.com on 127.0.0.1:53: read udp 127.0.0.1:42421->127.0.0.1:53: read: connection refused
2024-03-17T22:52:42Z INFO [dns] attempting restart in 20s
2024-03-17T22:52:45Z INFO [healthcheck] healthy!
2024-03-17T22:52:46Z INFO [ip getter] Public IP address is 84.247.116.27 (Netherlands, North Holland, Amsterdam)
2024-03-17T22:53:02Z INFO [dns] downloading DNS over TLS cryptographic files
2024-03-17T22:53:03Z INFO [dns] downloading hostnames and IP block lists
2024-03-17T22:53:14Z INFO [healthcheck] program has been unhealthy for 6s: restarting VPN
2024-03-17T22:53:14Z INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-03-17T22:53:14Z INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-03-17T22:53:14Z INFO [vpn] stopping
2024-03-17T22:53:14Z INFO [vpn] starting
2024-03-17T22:53:14Z INFO [firewall] allowing VPN connection...
2024-03-17T22:53:14Z INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2024-03-17T22:53:14Z INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-03-17T22:53:14Z INFO [openvpn] CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
...
2024-03-17T22:53:14Z INFO [openvpn] -----END X509 CRL-----
2024-03-17T22:53:14Z INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]84.247.116.33:1197
2024-03-17T22:53:14Z INFO [openvpn] UDP link local: (not bound)
2024-03-17T22:53:14Z INFO [openvpn] UDP link remote: [AF_INET]84.247.116.33:1197
2024-03-17T22:53:14Z WARN [openvpn] 'link-mtu' is used inconsistently, local='link-mtu 1569', remote='link-mtu 1554'
2024-03-17T22:53:14Z WARN [openvpn] 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
2024-03-17T22:53:14Z WARN [openvpn] 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2024-03-17T22:53:14Z INFO [openvpn] [amsterdam402] Peer Connection Initiated with [AF_INET]84.247.116.33:1197
2024-03-17T22:53:14Z INFO [openvpn] TUN/TAP device tun0 opened
2024-03-17T22:53:14Z INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-03-17T22:53:14Z INFO [openvpn] /sbin/ip link set dev tun0 up
2024-03-17T22:53:14Z INFO [openvpn] /sbin/ip addr add dev tun0 10.94.110.6/24
2024-03-17T22:53:14Z ERROR [openvpn] OpenVPN tried to add an IP route which already exists (RTNETLINK answers: File exists)
2024-03-17T22:53:14Z WARN [openvpn] Previous error details: Linux route add command failed: external program exited with error status: 2
2024-03-17T22:53:14Z INFO [openvpn] UID set to nonrootuser
2024-03-17T22:53:14Z INFO [openvpn] Initialization Sequence Completed
2024-03-17T22:53:14Z ERROR [ip getter] Get "https://ipinfo.io/": dial tcp: lookup ipinfo.io on 127.0.0.1:53: read udp 127.0.0.1:59462->127.0.0.1:53: read: connection refused - retrying in 5s
2024-03-17T22:53:14Z INFO [dns] falling back on plaintext DNS at address 1.1.1.1
2024-03-17T22:53:14Z WARN [dns] DNS is not working: after 10 tries: lookup github.com on 127.0.0.1:53: read udp 127.0.0.1:60717->127.0.0.1:53: read: connection refused
2024-03-17T22:53:14Z INFO [dns] attempting restart in 40s
2024-03-17T22:53:15Z INFO [healthcheck] healthy!
2024-03-17T22:53:19Z INFO [ip getter] Public IP address is 84.247.116.33 (Netherlands, North Holland, Amsterdam)
2024-03-17T22:53:54Z INFO [dns] downloading DNS over TLS cryptographic files
2024-03-17T22:53:55Z INFO [dns] downloading hostnames and IP block lists

systemd

...
Mar 17 23:53:54 jdown docker-compose[156491]: gluetun_1  | 2024-03-17T22:53:54Z INFO [dns] downloading DNS over TLS cryptographic files
Mar 17 23:53:55 jdown docker-compose[156491]: gluetun_1  | 2024-03-17T22:53:55Z INFO [dns] downloading hostnames and IP block lists
Mar 17 23:53:58 jdown docker-compose[156491]: pia-nl_gluetun_1 exited with code 137
Mar 17 23:53:58 jdown docker-compose[156491]:
Mar 17 23:53:59 jdown docker-compose[158970]: Removing pia-nl_gluetun_1 ...
Mar 17 23:53:59 jdown docker-compose[158970]: [79B blob data]

Share your configuration

version: "3"
services:
  gluetun:
    image: qmcgaw/gluetun
    cap_add:
      - NET_ADMIN
    volumes:
      - /media/gluetun:/gluetun
    environment:
      - VPN_SERVICE_PROVIDER=private internet access
      - OPENVPN_USER=<user>
      - OPENVPN_PASSWORD=<pass>
      - SERVER_REGIONS=Netherlands

The issue #2027 seems to be related.

[misku]

environment:
  - DOT=off

worked for me. VPN in the container doesn't restart any more and the container itself doesn't exit on its own.

[nomisunrider]

Same problem for me here. I've tried multiple versions and they all result in:

INFO [healthcheck] program has been unhealthy for 26s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)

Has something external used in these healthchecks changed?

[miltykiss]

Confirming that the latest version with this fix fixes this issue for me.

[NebulaBC]

Confirming that the latest version with this fix fixes this issue for me.

I tried this fix (both the :test docker tag and :latest) but it changed absolutely nothing for me. My container is still spam restarting with these exact same errors. Nothing external changed for me, I didn’t even update anything. My whole docker network just came crumbling down one day when my gluetun container started flipping out. I don’t get any network connection at all from my containers, and I’ve verified that it’s not a DOT problem, and I’ve also tried a new VPN config.

Edit: I’ve just switched to linuxserver.io’s wireguard container. I’d recommend the same to anyone else who’s having this problem if they’re willing to read the docs. It works just as well as gluetun. I hate to shill another project in the issues, but for some reason it doesn’t seem to be a priority fixing this.

[r3ps4J]

I tried it on latest as well, problem still occurs.

[rickykresslein]

I downgraded to :v3 and it's working again for me. Obviously not ideal, but it works.
Edit: Never mind, the problem continues.

[vogtrj]

Confirming that the latest version with this fix fixes this issue for me.

I tried this fix (both the :test docker tag and :latest) but it changed absolutely nothing for me. My container is still spam restarting with these exact same errors. Nothing external changed for me, I didn’t even update anything. My whole docker network just came crumbling down one day when my gluetun container started flipping out. I don’t get any network connection at all from my containers, and I’ve verified that it’s not a DOT problem, and I’ve also tried a new VPN config.

Edit: I’ve just switched to linuxserver.io’s wireguard container. I’d recommend the same to anyone else who’s having this problem if they’re willing to read the docs. It works just as well as gluetun. I hate to shill another project in the issues, but for some reason it doesn’t seem to be a priority fixing this.

FWIW, I'm still using gluetun but switched my protocol from OpenVPN to Wireguard and it's been stable ever since. That may be more preferable to most, compared to changing to a totally different container. I'd prefer to use OpenVPN over Wireguard for this application, since I have to specify one specific server to establish the Wireguard tunnel, which may be down or heavily loaded. With OpenVPN I can just specify the VPN server city and get auto-assigned to an available VPN server. For now I'm biding my time on Wireguard and plan to switchback to OpenVPN when this bug is hopefully fixed soon.

[rickykresslein]

@vogtrj I'm using Wireguard and still have the issue. Glad it's working for you though.

[qdm12]

Message for everyone:

I've spent one hour writing an answer to each of your comments, your username is tagged below, please read it. And in general, applicable to all of you:

1. UPDATE YOUR SERVERS DATA. It looks like not many of you (any of you?) did NOT run the command to update it.
2. Please do not jump commenting on the issue unless you have the exact same problem with the same provider at the very least. If it's another provider, open another issue.
3. I do not prioritize similar "unhealthy" issues, see the comment addressed to @NebulaBC below why. This is also now mentioned in the wiki.

---

@r3ps4J

The VPN server IP address you are trying to connect to is no longer valid 🔌 Update your server information

And

[storage] creating /gluetun/servers.json with 17820 hardcoded servers

shows you did not update your servers. This is likely the only problem, update your servers. It's a single command to run, please run it.

---

@vogtrj your provider is different, please create another issue. Also make sure you've updated your servers, as well.

switchback to OpenVPN when this bug is hopefully fixed soon.

Not really a bug, so it won't be fixed. It's a VPN server issue or your servers data is outdated and you can update it.

---

@misku fails ipinfo health checks see the updated healthcheck page. The relevant sentence for this would be All of the above are NOT causes, but **consequences** of the VPN not working..

It would be great if there was a way to disable healthcheck all together (at least for debugging).

No, there would be no point. If network doesn't work for 6 seconds, failing each request sent every second, then it likely won't recover, and it's better to just restart the VPN internally. This was complex and implemented to resolve many problems (years ago) of VPN connection being 'up' but not working. For debugging (although I'm not sure what you can debug, since the VPN connection is dead anyway), you can change the VPN auto healing parameters, again, read the healthcheck page mentioned above.

Your issue might be different (on top of being PIA instead of PureVPN). Please create a separate issue if you want to continue discussing your problem. But from a quick look, it may be related to the DNS over TLS setup downloading files

2024-03-17T22:52:45Z INFO [healthcheck] healthy!
2024-03-17T22:52:46Z INFO [ip getter] Public IP address is 84.247.116.27 (Netherlands, North Holland, Amsterdam)
2024-03-17T22:53:02Z INFO [dns] downloading DNS over TLS cryptographic files
2024-03-17T22:53:03Z INFO [dns] downloading hostnames and IP block lists
2024-03-17T22:53:14Z INFO [healthcheck] program has been unhealthy for 6s: restarting VPN

It seems to go unhealthy after or while downloading files downloading hostnames and IP block lists which are a few megabytes, and the download of block files doesn't seem to complete (or unbound would be launched). It looks like the VPN connection works until you try to download a few megabytes and then it fails, that's probably a VPN server limitation, not something to do with Gluetun. Anyway, it looks like DOT=off solved it for you (at your own risk 😄), I'm marking your comments as off-topic.

---

@nomisunrider

Has something external used in these healthchecks changed?

No. Update your servers data.

---

@NebulaBC

for some reason it doesn’t seem to be a priority fixing this.

The reasons are:

• this kind of issue is 90% of the cases due to outdated VPN server IP addresses or the VPN server misbehaving. In both cases, I cannot do anything about it.
• this kind of issue is opened by someone every week at least, and it's getting very repetitive. I've even added a log stating DO NOT OPEN AN ISSUE in the program logs to reduce this.
• I need to focus on more important fixes/features/maintenance I can do something about. I really cannot do much for this kind of issue. I'm the sole maintainer, not really getting paid, working on it in my free time, so I can't allocated much resource for this kind of issue.

Don't use the :test image. It's often garbage-ish code I'm trying on my machines for development 😄 I guess I should host my own registry...

[r3ps4J]

@qdm12 thanks for your detailed reponse. As I mentioned in my initial post, I've tried this with a manual configuration downloaded from PureVPN directly as well which resulted in the same problem. Nevertheless, I'll try to update the servers again and let you know.