mirror of
https://github.com/qdm12/gluetun.git
synced 2026-05-06 20:10:11 +02:00
FAQ section
Quentin McGaw
@@ -0,0 +1,28 @@
|
||||
# Docker image
|
||||
|
||||
|
||||
|
||||
If you use the default `qmcgaw/private-internet-access` image, you are technically using the Docker image with the `:latest` tag.
|
||||
If it happens to be **broken**, this page is for you.
|
||||
|
||||
## Release tag
|
||||
|
||||
[Multiple releases](https://github.com/qdm12/private-internet-access-docker/releases) are made through time when the image is considered stable.
|
||||
|
||||
ℹ️ [List of image tags](https://hub.docker.com/r/qmcgaw/private-internet-access/tags?page=1&ordering=last_updated)
|
||||
|
||||
Each time a Github release is made, an associated Docker image tag is made, for example a `v3.1.0` release produces the image `qmcgaw/private-internet-access:v3.1.0`.
|
||||
|
||||
You can thus use one of these image tags if `:latest` doesn't work for you. Also, don't forget to create an issue for it 😉
|
||||
|
||||
## Build the image from a Git commit
|
||||
|
||||
1. Install [Git](https://git-scm.com/), test it's here with `git version`
|
||||
1. Find a [commit](https://github.com/qdm12/private-internet-access-docker/commits/master) you want to build for, in example `095623925a9cc0e5cf89d5b9b510714792267d9b`
|
||||
1. Build the image
|
||||
|
||||
```sh
|
||||
docker build -t qmcgaw/private-internet-access https://github.com/qdm12/private-internet-access-docker.git#095623925a9cc0e5cf89d5b9b510714792267d9b
|
||||
```
|
||||
|
||||
1. You can now use `qmcgaw/private-internet-access` which is the image you just built.
|
||||
+24
@@ -0,0 +1,24 @@
|
||||
# Mullvad
|
||||
|
||||
|
||||
|
||||
If you want to tunnel IPv6 with Mullvad, follow the following.
|
||||
|
||||
1. Ensure your Kernel has IPv6
|
||||
|
||||
```sh
|
||||
lsmod | grep ipv6
|
||||
```
|
||||
|
||||
Should show something.
|
||||
1. Set the environment variable `OPENVPN_IPV6` to `on`
|
||||
1. Enable IPv6 in Docker for this container:
|
||||
- For a Docker run command, add the flag `--sysctl net.ipv6.conf.all.disable_ipv6=0` (or `--sysctl net.ipv6.conf.all.disable=0` on some systems)
|
||||
- For docker-compose.yml files, add this to your `gluetun` config block:
|
||||
|
||||
```yml
|
||||
sysctls:
|
||||
- net.ipv6.conf.all.disable_ipv6=0
|
||||
```
|
||||
|
||||
1. Start the container
|
||||
@@ -0,0 +1,15 @@
|
||||
# OpenVPN killed
|
||||
|
||||
It may happen, quite rarely though, that Openvpn gets killed in a loop by the host system.
|
||||
|
||||
If you get regularly in your logs
|
||||
|
||||
```s
|
||||
openvpn: Sun May 10 19:23:37 2020 Initialization Sequence Completed
|
||||
openvpn: Sun May 10 19:23:45 2020 event_wait : Interrupted system call (code=4)
|
||||
openvpn: Sun May 10 19:23:45 2020 ERROR: Linux route delete command failed: external program exited with error status: 2
|
||||
openvpn: signal: killed
|
||||
```
|
||||
|
||||
It might be another app you have interfering with the `/dev/net/tun` device and thus killing openvpn.
|
||||
For QNAP users, it may be the **QCenter**. More information on [this issue](https://github.com/qdm12/private-internet-access-docker/issues/157) and many thanks for @AlexAlbright for finding the root cause through trial and error 🎈
|
||||
@@ -0,0 +1,17 @@
|
||||
# OpenVPN warnings
|
||||
|
||||
You might see some warnings similar to:
|
||||
|
||||
```s
|
||||
openvpn: Sat Feb 22 15:55:02 2020 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
|
||||
openvpn: Sat Feb 22 15:55:02 2020 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1569', remote='link-mtu 1542'
|
||||
openvpn: Sat Feb 22 15:55:02 2020 WARNING: 'cipher' is used inconsistently, local='cipher AES-256-CBC', remote='cipher BF-CBC'
|
||||
openvpn: Sat Feb 22 15:55:02 2020 WARNING: 'auth' is used inconsistently, local='auth SHA256', remote='auth SHA1'
|
||||
openvpn: Sat Feb 22 15:55:02 2020 WARNING: 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
|
||||
openvpn: Sat Feb 22 15:55:02 2020 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
|
||||
openvpn: Sat Feb 22 15:55:02 2020 [a121ce520d670b71bfd3aa475485539b] Peer Connection Initiated with [AF_INET]xx.xx.xx.xx:1197
|
||||
```
|
||||
|
||||
It is mainly because the option [disable-occ](https://openvpn.net/community-resources/reference-manual-for-openvpn-2-4/) was removed for transparency with you.
|
||||
|
||||
Private Internet Access explains [here why](https://www.privateinternetaccess.com/helpdesk/kb/articles/why-do-i-get-cipher-auth-warnings-when-i-connect) the warnings show up.
|
||||
@@ -0,0 +1,26 @@
|
||||
# Ping timeout
|
||||
|
||||
If your Openvpn drops the connection because of a ping timeout, then this page is for you.
|
||||
|
||||
It happens, especially on some Private Internet Access servers, that the server side configuration changes or the server goes offline.
|
||||
|
||||
You will obtain an error similar to:
|
||||
|
||||
```s
|
||||
openvpn: Wed Mar 18 22:13:00 2020 [3a51ae90324bcb0719cb399b650c64d4] Inactivity timeout (--ping-restart), restarting,
|
||||
openvpn: Wed Mar 18 22:13:00 2020 SIGUSR1[soft,ping-restart] received, process restarting,
|
||||
...
|
||||
openvpn: Wed Mar 18 22:13:17 2020 Preserving previous TUN/TAP instance: tun0,
|
||||
openvpn: Wed Mar 18 22:13:17 2020 NOTE: Pulled options changed on restart, will need to close and reopen TUN/TAP device.,
|
||||
openvpn: Wed Mar 18 22:13:17 2020 ERROR: Linux route delete command failed: external program exited with error status: 2,
|
||||
openvpn: Wed Mar 18 22:13:17 2020 ERROR: Linux route delete command failed: external program exited with error status: 2,
|
||||
openvpn: Wed Mar 18 22:13:17 2020 ERROR: Linux route delete command failed: external program exited with error status: 2,
|
||||
openvpn: Wed Mar 18 22:13:17 2020 ERROR: Linux route delete command failed: external program exited with error status: 2,
|
||||
openvpn: Wed Mar 18 22:13:17 2020 /sbin/ip addr del dev tun0 local 10.6.11.6 peer 10.6.11.5,
|
||||
openvpn: Wed Mar 18 22:13:17 2020 Linux ip addr del failed: external program exited with error status: 2,
|
||||
openvpn: Wed Mar 18 22:13:18 2020 ERROR: Cannot ioctl TUNSETIFF tun: Operation not permitted (errno=1),
|
||||
openvpn: Wed Mar 18 22:13:18 2020 Exiting due to fatal error,
|
||||
exit status 1
|
||||
```
|
||||
|
||||
To fix it, you would have to run openvpn with root, by setting the environment variable `OPENVPN_ROOT=yes`.
|
||||
+10
@@ -0,0 +1,10 @@
|
||||
# Portainer
|
||||
|
||||
If you use Portainer to run the container and get the error:
|
||||
|
||||
```
|
||||
2020-05-03T09:04:11.283Z ERROR failed executing "-P INPUT ACCEPT": iptables v1.8.3 (legacy): can't initialize iptables table `filter': Permission denied (you must be root)
|
||||
Perhaps iptables or your kernel needs to be upgraded.: exit status 3```
|
||||
```
|
||||
|
||||
This might be because portainer does not set the `--cap_add=NET_ADMIN` successfully. You might need to run the container without Portainer in this case. More information on [this issue](https://github.com/qdm12/private-internet-access-docker/issues/139).
|
||||
+1
@@ -1,5 +1,6 @@
|
||||
# Home
|
||||
|
||||
1. [Setup](Setup)
|
||||
1. [FAQ](FAQ)
|
||||
1. [HTTP Control server](HTTP-Control-server)
|
||||
1. [Contributing](Contributing)
|
||||
|
||||
Reference in New Issue
Block a user