Comments (10)
i think i experienced something similar, after the container has being running for a while.. it loose connection and reconnect to a diff sever, seems to use a random server and is very slow, so i'm gonna take a look at this.
from nordvpn.
Another easier option is mount the volume for /vpn/ovpn and manually clean the folder when need it, I don't see the point to over-complicate the script.
from nordvpn.
Why didn't I think of that solution. Thanks, just added the following to my docker-compose file:
tmpfs:
- /vpn/ovpn
Problem solved !!
I would still love an exit_on_fail option in any way. Seeing the container just select 'random' profile on a fail is not what I prefer. But that's more of a change request, I think this 'bug' is resolved/explained.
from nordvpn.
Have you checked if the file se321.nordvpn.com.udp.ovpn or se321.nordvpn.com.tcp.ovpn exist in the container?
by default if the file can't be found it will select a random file
from nordvpn.
you can try recreate the container without the ovpn files to force it to download them again
from nordvpn.
The following solved the problem:
#Manually ran the commands from NordVPN script
ovpn_dir="/vpn/ovpn"
mkdir -p ${ovpn_dir}
curl -s ${nordvpn_ovpn} -o /tmp/ovpn.zip
mkdir -p /tmp/ovpn/
unzip -q /tmp/ovpn.zip -d /tmp/ovpn
mv /tmp/ovpn//.ovpn ${ovpn_dir}
rm -rf /tmp/*
#Restart of Docker container show that the problem has been resolved.
Whitelisting api.nordvpn.com...
Selecting the best server...
Searching for country : Sweden (208)
Searching for group: legacy_p2p
Searching for technology: openvpn_udp
Best server : se245.nordvpn.com
Using config file /vpn/ovpn/se245.nordvpn.com.udp.ovpn...
Connecting ...
I'll keep an eye on things and get back if this happens again.
Thank you!
from nordvpn.
I have exactly the same problem. After running for a longer time the connection went down and it tried to reconnect to se303.nordvpn.com.udp.ovpn. Afterwards the connection was not as usual. Cannot tell exactly what is the problem. I could download things from the internet inside the container. But peer to peer software that has been connected through the vpn since before the downtime appeared to have troublesome behavior (highly decreased amount of connections).
Openvpn Logs
vpn_1 | Tue Jul 2 08:21:48 2019 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
vpn_1 | Tue Jul 2 09:15:45 2019 [ch85.nordvpn.com] Inactivity timeout (--ping-exit), exiting
vpn_1 | Tue Jul 2 09:15:45 2019 SIGTERM received, sending exit notification to peer
vpn_1 | Tue Jul 2 09:15:46 2019 /sbin/ip route del 185.236.201.148/32
vpn_1 | Tue Jul 2 09:15:46 2019 /sbin/ip route del 0.0.0.0/1
vpn_1 | Tue Jul 2 09:15:46 2019 /sbin/ip route del 128.0.0.0/1
vpn_1 | Tue Jul 2 09:15:46 2019 Closing TUN/TAP interface
vpn_1 | Tue Jul 2 09:15:46 2019 /sbin/ip addr del dev tun0 10.8.8.15/24
vpn_1 | Tue Jul 2 09:15:46 2019 /etc/openvpn/down.sh tun0 1500 1585 10.8.8.15 255.255.255.0 init
vpn_1 | Tue Jul 2 09:15:47 2019 SIGTERM[soft,exit-with-notification] received, process exiting
vpn_1 | + set +x
vpn_1 | Whitelisting api.nordvpn.com...
vpn_1 | iptables v1.6.2: host/network api.nordvpn.com' not found vpn_1 | Try
iptables -h' or 'iptables --help' for more information.
vpn_1 | Selecting the best server...
vpn_1 | Searching for technology: openvpn_udp
vpn_1 | Unable to find a server with the specified parameters, using any recommended server
vpn_1 | Best server :
vpn_1 | Using config file /vpn/ovpn/se303.nordvpn.com.udp.ovpn...
vpn_1 | Connecting ...
vpn_1 | + sg vpn -c 'openvpn --config /vpn/ovpn/se303.nordvpn.com.udp.ovpn --auth-user-pass /vpn/auth --auth-nocache --script-security 2 --up /etc/openvpn/up.sh --down /etc/openvpn/down.sh --pull-filter ignore "ping-restart" --ping-exit 180'
vpn_1 | Tue Jul 2 09:16:19 2019 OpenVPN 2.4.6 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 26 2018
vpn_1 | Tue Jul 2 09:16:19 2019 library versions: OpenSSL 1.1.1b 26 Feb 2019, LZO 2.10
vpn_1 | Tue Jul 2 09:16:19 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
vpn_1 | Tue Jul 2 09:16:19 2019 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
vpn_1 | Tue Jul 2 09:16:19 2019 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
vpn_1 | Tue Jul 2 09:16:19 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]185.236.42.110:1194
vpn_1 | Tue Jul 2 09:16:19 2019 Socket Buffers: R=[212992->212992] S=[212992->212992]
vpn_1 | Tue Jul 2 09:16:19 2019 UDP link local: (not bound)
from nordvpn.
I had to do a 'docker rm nordvpn' and recreate it. Before that the /vpn/ovpn/ directory in the container was missing a lot of new nordvpn server configs, including the one the API was giving me as the best option. Seems like updating the image with only a 'docker pull' is not updating the new configs correctly.
from nordvpn.
The problem is that the new config *.ovpn files are only downloaded at first creation. If you look at line 64 of nordVpn.sh you see that if files are already present in the ${ovpn_dir} no new zip is downloaded and extracted. I get that downloading 25+ Mb at every restart is not a desired behaviour for everyone but on my side restarts are 'rare' and having a 500 Mb internet pipe makes it trivial.
I would propose an ENV (something like: ALWAYS_REFRESH_PROFILES) variable which will be checked as an OR in line 64. Which, if set to true, always downloads and extracts the newest profiles.
Secondly I would prefer having an ENV (something like: EXIT_ON_FAIL) variable which makes the container just exit if any of the requirements are not met. For example: wrong country code, profile not found etc. It happened to me multiple times now that my container just connected any profile in the list. I have a good reason to connect to a specific country.
I would love to be able to make these changes myself but am not good enough in bash/sh to feel comfortable to make a pull request.
If there are any questions, please let me know.
from nordvpn.
gonna close the issue, latest changes will fix this (or move the problem to nordvpn side)
from nordvpn.
Related Issues (20)
- Probably insignificant but Icon is missing HOT 1
- NordVPN not establishing outside connection HOT 8
- Nordvpn dropped --username, --password and --legacy flags HOT 1
- Whoops! Cannot reach System Daemon. Invalid token. ¯\_(ツ)_/¯ HOT 18
- Error pulling latest tag HOT 1
- Update NordVPN HOT 6
- NordVPN Connects but no containers have internet access HOT 13
- Container does not connect when MFA is enabled HOT 1
- Container is failing on nord_login after upgrading tot he latest version HOT 3
- Qbittorrent not working through container HOT 1
- I only want to use Meshnet HOT 4
- Unable to pull latest NordVPN image? HOT 11
- Can it be used as proxy server?
- Invalid Token error even with fresh token - Synology NAS HOT 20
- iptables error on synology 1621 when trying to connect HOT 1
- how will it have to work to watch netflix ? HOT 1
- Problem with connection HOT 2
- How to block all traffic, as soon as VPN tunnel is down HOT 1
- Nord Keeps connecting to ' HOT 2
- Unable to ping or use network HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nordvpn.