docker-transmission-openvpn icon indicating copy to clipboard operation
docker-transmission-openvpn copied to clipboard

Published 20 hours ago verified publisher icon haugene

Container routing issues after update

Open jmdarr opened this issue 10 months ago • 5 comments

Is there a pinned issue for this?

  • [X] I have read the pinned issues and could not find my issue

Is there an existing or similar issue/discussion for this?

  • [X] I have searched the existing issues
  • [X] I have searched the existing discussions

Is there any comment in the documentation for this?

  • [X] I have read the documentation, especially the FAQ and Troubleshooting parts

Is this related to a provider?

  • [X] I have checked the provider repo for issues
  • [X] My issue is NOT related to a provider

Are you using the latest release?

  • [X] I am using the latest release

Have you tried using the dev branch latest?

  • [X] I have tried using dev branch

Docker run config used

services:
  transmission-openvpn:
    container_name: transmission-openvpn
    image: haugene/transmission-openvpn:latest
    stdin_open: true
    tty: true
    networks:
      contoso.local:
        ipv4_address: 192.168.0.37
    environment:
      - OPENVPN_PROVIDER=custom
      - LOCAL_NETWORK=192.168.0.0/24
      - PUID=8675309
      - PGUID=8675309
    cap_add:
      - NET_ADMIN
    logging:
      driver: json-file
      options:
        max-size: 10m
    ports:
      - 9091:9091
    volumes:
      - /nas/virtualization/containers/transmission-openvpn/openvpn:/etc/openvpn/custom
      - /nas/virtualization/containers/transmission-openvpn/.creds:/config/openvpn-credentials.txt
      - /nas/downloads:/data
      - /nas/virtualization/containers/transmission-openvpn/transmission:/config/transmission-home
    #restart: unless-stopped

networks:
    contoso.local:
        external: true

Current Behavior

When moving from old version (4.1) to a newer version (latest) the container attempts to come up and fails to stay up due to failing the network ping test.

Expected Behavior

The web interface is available on the expected IP (192.168.0.37) and is stable.

How have you tried to solve the problem?

  1. Tried release tag 5.2 per https://github.com/haugene/docker-transmission-openvpn/issues/2790.
  2. Tried dev release.
  3. Tried setting DNS specifically to 8.8.8.8 via docker-compose file.
  4. Ensured .ovpn file is good by running with older container.
  5. Ensured valid settings.json file by running with older container.
  6. Attempted to use the provided TORGUARD OVPN_PROVIDER option, as well as the appropriate OVPN_CONFIG line. Additionally, ran with just the OVPN_PROVIDER and no OVPN_CONFIG line, as mentioned as being a fix in the above linked issue.
  7. Removed the networking portion of my config and let the service run with forwarded ports on the host. This allowed the service to be accessible and download files. It appears the network config is the specific issue with the newer image.

Log output

Newer (latest), failing:

[jdarr@docker transmission-openvpn]$ docker-compose -f ./transmission-openvpn.docker-compose up
Creating transmission-openvpn ... done
Attaching to transmission-openvpn
transmission-openvpn    | Starting container with revision: 07f5a2b9aea5028c9bb75438c1552708e91dde71
transmission-openvpn    | TRANSMISSION_HOME is currently set to: /config/transmission-home
transmission-openvpn    | WARNING: Deprecated. Found old default transmission-home folder at /data/transmission-home, setting this as TRANSMISSION_HOME. This might break in future versions.
transmission-openvpn    | We will fallback to this directory as long as the folder exists. Please consider moving it to /config/transmission-home
transmission-openvpn    | Creating TUN device /dev/net/tun
transmission-openvpn    | Using OpenVPN provider: CUSTOM
transmission-openvpn    | Modifying /etc/openvpn/custom/default.ovpn for best behaviour in this container
transmission-openvpn    | Modification: Point auth-user-pass option to the username/password file
transmission-openvpn    | Modification: Change ca certificate path
transmission-openvpn    | Modification: Change ping options
transmission-openvpn    | Modification: Update/set resolv-retry to 15 seconds
transmission-openvpn    | Modification: Change tls-crypt keyfile path
transmission-openvpn    | Modification: Set output verbosity to 3
transmission-openvpn    | Modification: Remap SIGUSR1 signal to SIGTERM, avoid OpenVPN restart loop
transmission-openvpn    | Modification: Updating status for config failure detection
transmission-openvpn    | Found existing OPENVPN credentials at /config/openvpn-credentials.txt
transmission-openvpn    | adding route to local network 192.168.0.0/24 via 192.168.0.1 dev eth0
transmission-openvpn    | 2024-12-30 00:01:59 DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-128-CBC' to --data-ciphers or change --cipher 'AES-128-CBC' to --data-ciphers-fallback 'AES-128-CBC' to silence this warning.
transmission-openvpn    | 2024-12-30 00:01:59 WARNING: file '/config/openvpn-credentials.txt' is group or others accessible
transmission-openvpn    | 2024-12-30 00:01:59 OpenVPN 2.5.9 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 29 2023
transmission-openvpn    | 2024-12-30 00:01:59 library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
transmission-openvpn    | 2024-12-30 00:01:59 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
transmission-openvpn    | 2024-12-30 00:01:59 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
transmission-openvpn    | 2024-12-30 00:01:59 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
transmission-openvpn    | 2024-12-30 00:01:59 TCP/UDP: Preserving recently used remote address: [AF_INET]107.181.189.37:1215
transmission-openvpn    | 2024-12-30 00:01:59 Socket Buffers: R=[212992->212992] S=[212992->212992]
transmission-openvpn    | 2024-12-30 00:01:59 UDP link local: (not bound)
transmission-openvpn    | 2024-12-30 00:01:59 UDP link remote: [AF_INET]107.181.189.37:1215
transmission-openvpn    | 2024-12-30 00:01:59 TLS: Initial packet from [AF_INET]107.181.189.37:1215, sid=39a507fd ecdf53c2
transmission-openvpn    | 2024-12-30 00:01:59 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
transmission-openvpn    | 2024-12-30 00:01:59 VERIFY OK: depth=1, CN=TG-VPN-CA
transmission-openvpn    | 2024-12-30 00:01:59 VERIFY KU OK
transmission-openvpn    | 2024-12-30 00:01:59 Validating certificate extended key usage
transmission-openvpn    | 2024-12-30 00:01:59 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
transmission-openvpn    | 2024-12-30 00:01:59 VERIFY EKU OK
transmission-openvpn    | 2024-12-30 00:01:59 VERIFY OK: depth=0, CN=server
transmission-openvpn    | 2024-12-30 00:01:59 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1601'
transmission-openvpn    | 2024-12-30 00:01:59 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
transmission-openvpn    | 2024-12-30 00:01:59 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
transmission-openvpn    | 2024-12-30 00:01:59 [server] Peer Connection Initiated with [AF_INET]107.181.189.37:1215
transmission-openvpn    | 2024-12-30 00:02:00 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
transmission-openvpn    | 2024-12-30 00:02:00 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.9.0.1,dhcp-option DNS 10.8.0.1,sndbuf 524288,rcvbuf 524288,route 10.37.0.1,topology net30,ping 5,ping-restart 30,compress,ifconfig 10.37.0.6 10.37.0.5,peer-id 0,cipher AES-256-GCM'
transmission-openvpn    | 2024-12-30 00:02:00 OPTIONS IMPORT: timers and/or timeouts modified
transmission-openvpn    | 2024-12-30 00:02:00 OPTIONS IMPORT: compression parms modified
transmission-openvpn    | 2024-12-30 00:02:00 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
transmission-openvpn    | 2024-12-30 00:02:00 Socket Buffers: R=[212992->425984] S=[212992->425984]
transmission-openvpn    | 2024-12-30 00:02:00 OPTIONS IMPORT: --ifconfig/up options modified
transmission-openvpn    | 2024-12-30 00:02:00 OPTIONS IMPORT: route options modified
transmission-openvpn    | 2024-12-30 00:02:00 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
transmission-openvpn    | 2024-12-30 00:02:00 OPTIONS IMPORT: peer-id set
transmission-openvpn    | 2024-12-30 00:02:00 OPTIONS IMPORT: adjusting link_mtu to 1656
transmission-openvpn    | 2024-12-30 00:02:00 OPTIONS IMPORT: data channel crypto options modified
transmission-openvpn    | 2024-12-30 00:02:00 Data Channel: using negotiated cipher 'AES-256-GCM'
transmission-openvpn    | 2024-12-30 00:02:00 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
transmission-openvpn    | 2024-12-30 00:02:00 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
transmission-openvpn    | 2024-12-30 00:02:00 net_route_v4_best_gw query: dst 0.0.0.0
transmission-openvpn    | 2024-12-30 00:02:00 net_route_v4_best_gw result: via 192.168.0.1 dev eth0
transmission-openvpn    | 2024-12-30 00:02:00 ROUTE_GATEWAY 192.168.0.1/255.255.255.0 IFACE=eth0 HWADDR=e6:77:68:74:d3:0d
transmission-openvpn    | 2024-12-30 00:02:00 TUN/TAP device tun0 opened
transmission-openvpn    | 2024-12-30 00:02:00 net_iface_mtu_set: mtu 1500 for tun0
transmission-openvpn    | 2024-12-30 00:02:00 net_iface_up: set tun0 up
transmission-openvpn    | 2024-12-30 00:02:00 net_addr_ptp_v4_add: 10.37.0.6 peer 10.37.0.5 dev tun0
transmission-openvpn    | 2024-12-30 00:02:00 net_route_v4_add: 107.181.189.37/32 via 192.168.0.1 dev [NULL] table 0 metric -1
transmission-openvpn    | 2024-12-30 00:02:00 sitnl_send: rtnl: generic error (-101): Network is unreachable
transmission-openvpn    | 2024-12-30 00:02:00 ERROR: Linux route add command failed
transmission-openvpn    | 2024-12-30 00:02:00 net_route_v4_add: 0.0.0.0/1 via 10.37.0.5 dev [NULL] table 0 metric -1
transmission-openvpn    | 2024-12-30 00:02:00 net_route_v4_add: 128.0.0.0/1 via 10.37.0.5 dev [NULL] table 0 metric -1
transmission-openvpn    | 2024-12-30 00:02:00 net_route_v4_add: 10.37.0.1/32 via 10.37.0.5 dev [NULL] table 0 metric -1
transmission-openvpn    | Up script executed with device=tun0 ifconfig_local=10.37.0.6
transmission-openvpn    | Updating TRANSMISSION_BIND_ADDRESS_IPV4 to the ip of tun0 : 10.37.0.6
transmission-openvpn    | Enforcing ownership on transmission directories
transmission-openvpn    | Applying permissions to transmission directories
transmission-openvpn    | Setting owner for transmission paths to 8675309:
transmission-openvpn    | Setting permissions for download and incomplete directories
transmission-openvpn    | umask: 0
transmission-openvpn    | Directories: 777
transmission-openvpn    | Files: 666
transmission-openvpn    | Setting permission for watch directory (775) and its files (664)
transmission-openvpn    |
transmission-openvpn    | -------------------------------------
transmission-openvpn    | Transmission will run as
transmission-openvpn    | -------------------------------------
transmission-openvpn    | User name:   abc
transmission-openvpn    | User uid:    8675309
transmission-openvpn    | User gid:    1001
transmission-openvpn    | -------------------------------------
transmission-openvpn    |
transmission-openvpn    | Updating Transmission settings.json with values from env variables
transmission-openvpn    | Attempting to use existing settings.json for Transmission
transmission-openvpn    | Successfully used existing settings.json /data/transmission-home/settings.json
transmission-openvpn    | Overriding bind-address-ipv4 because TRANSMISSION_BIND_ADDRESS_IPV4 is set to 10.37.0.6
transmission-openvpn    | Overriding download-dir because TRANSMISSION_DOWNLOAD_DIR is set to /data/completed
transmission-openvpn    | Overriding incomplete-dir because TRANSMISSION_INCOMPLETE_DIR is set to /data/incomplete
transmission-openvpn    | Overriding rpc-password because TRANSMISSION_RPC_PASSWORD is set to [REDACTED]
transmission-openvpn    | Overriding rpc-port because TRANSMISSION_RPC_PORT is set to 9091
transmission-openvpn    | Overriding rpc-username because TRANSMISSION_RPC_USERNAME is set to
transmission-openvpn    | Overriding watch-dir because TRANSMISSION_WATCH_DIR is set to /data/watch
transmission-openvpn    | sed'ing True to true
transmission-openvpn    | STARTING TRANSMISSION
transmission-openvpn    | Transmission startup script complete.
transmission-openvpn    | 2024-12-30 00:02:01 Initialization Sequence Completed
transmission-openvpn    | 2024-12-30 00:03:25 [server] Inactivity timeout (--ping-restart), restarting
transmission-openvpn    | 2024-12-30 00:03:25 /etc/openvpn/tunnelDown.sh tun0 1500 1584 10.37.0.6 10.37.0.5 init
transmission-openvpn    | resolv.conf was restored
transmission-openvpn    | Sending kill signal to transmission-daemon
transmission-openvpn    | Successfuly closed transmission-daemon
transmission-openvpn    | 2024-12-30 00:03:26 net_route_v4_del: 10.37.0.1/32 via 10.37.0.5 dev [NULL] table 0 metric -1
transmission-openvpn    | 2024-12-30 00:03:26 net_route_v4_del: 107.181.189.37/32 via 192.168.0.1 dev [NULL] table 0 metric -1
transmission-openvpn    | 2024-12-30 00:03:26 sitnl_send: rtnl: generic error (-3): No such process
transmission-openvpn    | 2024-12-30 00:03:26 ERROR: Linux route delete command failed
transmission-openvpn    | 2024-12-30 00:03:26 net_route_v4_del: 0.0.0.0/1 via 10.37.0.5 dev [NULL] table 0 metric -1
transmission-openvpn    | 2024-12-30 00:03:26 net_route_v4_del: 128.0.0.0/1 via 10.37.0.5 dev [NULL] table 0 metric -1
transmission-openvpn    | 2024-12-30 00:03:26 Closing TUN/TAP interface
transmission-openvpn    | 2024-12-30 00:03:26 net_addr_ptp_v4_del: 10.37.0.6 dev tun0
transmission-openvpn    | 2024-12-30 00:03:26 SIGTERM[soft,ping-restart] received, process exiting
transmission-openvpn exited with code 0

Older (4.2), working:

[jdarr@docker transmission-openvpn]$ docker-compose -f ./transmission-openvpn.docker-compose up
Creating transmission-openvpn ... done
Attaching to transmission-openvpn
transmission-openvpn    | Starting container with revision: 84941a9ea4663d8b2e1af3db1d50fe4f7fa8736e
transmission-openvpn    | Creating TUN device /dev/net/tun
transmission-openvpn    | Using OpenVPN provider: CUSTOM
transmission-openvpn    | Running with VPN_CONFIG_SOURCE auto
transmission-openvpn    | No bundled config script found for CUSTOM. Defaulting to external config
transmission-openvpn    | Downloading configs from https://github.com/haugene/vpn-configs-contrib/archive/main.zip into /tmp/tmp.eIBXwngoz7
transmission-openvpn    | Extracting configs to /tmp/tmp.58hpUuOCdr
transmission-openvpn    | ERROR: Could not find any configs for provider CUSTOM in downloaded configs
transmission-openvpn    | Cleanup: deleting /tmp/tmp.eIBXwngoz7 and /tmp/tmp.58hpUuOCdr
transmission-openvpn    | No VPN configuration provided. Using default.
transmission-openvpn    | Modifying /etc/openvpn/custom/default.ovpn for best behaviour in this container
transmission-openvpn    | Modification: Point auth-user-pass option to the username/password file
transmission-openvpn    | Modification: Change ca certificate path
transmission-openvpn    | Modification: Change ping options
transmission-openvpn    | Modification: Update/set resolv-retry to 15 seconds
transmission-openvpn    | Modification: Change tls-crypt keyfile path
transmission-openvpn    | Modification: Set output verbosity to 3
transmission-openvpn    | Modification: Remap SIGUSR1 signal to SIGTERM, avoid OpenVPN restart loop
transmission-openvpn    | Found existing OPENVPN credentials at /config/openvpn-credentials.txt
transmission-openvpn    | adding route to local network 192.168.0.0/24 via 192.168.0.1 dev eth0
transmission-openvpn    | RTNETLINK answers: File exists
transmission-openvpn    | Sun Dec 29 23:59:23 2024 WARNING: file '/config/openvpn-credentials.txt' is group or others accessible
transmission-openvpn    | Sun Dec 29 23:59:23 2024 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar 22 2022
transmission-openvpn    | Sun Dec 29 23:59:23 2024 library versions: OpenSSL 1.1.1f  31 Mar 2020, LZO 2.10
transmission-openvpn    | Sun Dec 29 23:59:23 2024 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
transmission-openvpn    | Sun Dec 29 23:59:23 2024 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
transmission-openvpn    | Sun Dec 29 23:59:23 2024 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
transmission-openvpn    | Sun Dec 29 23:59:23 2024 TCP/UDP: Preserving recently used remote address: [AF_INET]107.181.189.41:1215
transmission-openvpn    | Sun Dec 29 23:59:23 2024 Socket Buffers: R=[212992->212992] S=[212992->212992]
transmission-openvpn    | Sun Dec 29 23:59:23 2024 UDP link local: (not bound)
transmission-openvpn    | Sun Dec 29 23:59:23 2024 UDP link remote: [AF_INET]107.181.189.41:1215
transmission-openvpn    | Sun Dec 29 23:59:23 2024 TLS: Initial packet from [AF_INET]107.181.189.41:1215, sid=640c3a60 5fdc6cf3
transmission-openvpn    | Sun Dec 29 23:59:23 2024 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
transmission-openvpn    | Sun Dec 29 23:59:23 2024 VERIFY OK: depth=1, CN=TG-VPN-CA
transmission-openvpn    | Sun Dec 29 23:59:23 2024 VERIFY KU OK
transmission-openvpn    | Sun Dec 29 23:59:23 2024 Validating certificate extended key usage
transmission-openvpn    | Sun Dec 29 23:59:23 2024 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
transmission-openvpn    | Sun Dec 29 23:59:23 2024 VERIFY EKU OK
transmission-openvpn    | Sun Dec 29 23:59:23 2024 VERIFY OK: depth=0, CN=server
transmission-openvpn    | Sun Dec 29 23:59:23 2024 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1601'
transmission-openvpn    | Sun Dec 29 23:59:23 2024 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
transmission-openvpn    | Sun Dec 29 23:59:23 2024 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
transmission-openvpn    | Sun Dec 29 23:59:23 2024 [server] Peer Connection Initiated with [AF_INET]107.181.189.41:1215
transmission-openvpn    | Sun Dec 29 23:59:25 2024 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
transmission-openvpn    | Sun Dec 29 23:59:25 2024 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.9.0.1,dhcp-option DNS 10.8.0.1,sndbuf 524288,rcvbuf 524288,route 10.37.0.1,topology net30,ping 5,ping-restart 30,compress,ifconfig 10.37.0.6 10.37.0.5,peer-id 1,cipher AES-256-GCM'
transmission-openvpn    | Sun Dec 29 23:59:25 2024 OPTIONS IMPORT: timers and/or timeouts modified
transmission-openvpn    | Sun Dec 29 23:59:25 2024 OPTIONS IMPORT: compression parms modified
transmission-openvpn    | Sun Dec 29 23:59:25 2024 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
transmission-openvpn    | Sun Dec 29 23:59:25 2024 Socket Buffers: R=[212992->425984] S=[212992->425984]
transmission-openvpn    | Sun Dec 29 23:59:25 2024 OPTIONS IMPORT: --ifconfig/up options modified
transmission-openvpn    | Sun Dec 29 23:59:25 2024 OPTIONS IMPORT: route options modified
transmission-openvpn    | Sun Dec 29 23:59:25 2024 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
transmission-openvpn    | Sun Dec 29 23:59:25 2024 OPTIONS IMPORT: peer-id set
transmission-openvpn    | Sun Dec 29 23:59:25 2024 OPTIONS IMPORT: adjusting link_mtu to 1656
transmission-openvpn    | Sun Dec 29 23:59:25 2024 OPTIONS IMPORT: data channel crypto options modified
transmission-openvpn    | Sun Dec 29 23:59:25 2024 Data Channel: using negotiated cipher 'AES-256-GCM'
transmission-openvpn    | Sun Dec 29 23:59:25 2024 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
transmission-openvpn    | Sun Dec 29 23:59:25 2024 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
transmission-openvpn    | Sun Dec 29 23:59:25 2024 ROUTE_GATEWAY 192.168.0.1/255.255.255.0 IFACE=eth0 HWADDR=e6:77:68:74:d3:0d
transmission-openvpn    | Sun Dec 29 23:59:25 2024 TUN/TAP device tun0 opened
transmission-openvpn    | Sun Dec 29 23:59:25 2024 TUN/TAP TX queue length set to 100
transmission-openvpn    | Sun Dec 29 23:59:25 2024 /sbin/ip link set dev tun0 up mtu 1500
transmission-openvpn    | Sun Dec 29 23:59:25 2024 /sbin/ip addr add dev tun0 local 10.37.0.6 peer 10.37.0.5
transmission-openvpn    | Sun Dec 29 23:59:25 2024 /etc/openvpn/tunnelUp.sh tun0 1500 1584 10.37.0.6 10.37.0.5 init
transmission-openvpn    | Up script executed with tun0 1500 1584 10.37.0.6 10.37.0.5 init
transmission-openvpn    | Updating TRANSMISSION_BIND_ADDRESS_IPV4 to the ip of tun0 : 10.37.0.6
transmission-openvpn    | Updating Transmission settings.json with values from env variables
transmission-openvpn    | Using existing settings.json for Transmission /data/transmission-home/settings.json
transmission-openvpn    | Overriding bind-address-ipv4 because TRANSMISSION_BIND_ADDRESS_IPV4 is set to 10.37.0.6
transmission-openvpn    | Overriding download-dir because TRANSMISSION_DOWNLOAD_DIR is set to /data/completed
transmission-openvpn    | Overriding incomplete-dir because TRANSMISSION_INCOMPLETE_DIR is set to /data/incomplete
transmission-openvpn    | Overriding rpc-port because TRANSMISSION_RPC_PORT is set to 9091
transmission-openvpn    | Overriding watch-dir because TRANSMISSION_WATCH_DIR is set to /data/watch
transmission-openvpn    | sed'ing True to true
transmission-openvpn    | Enforcing ownership on transmission config directories
transmission-openvpn    | Applying permissions to transmission config directories
transmission-openvpn    | Setting owner for transmission paths to 8675309:
transmission-openvpn    | Setting permissions for download and incomplete directories
transmission-openvpn    | Mask: 060
transmission-openvpn    | Directories: 717
transmission-openvpn    | Files: 606
transmission-openvpn    | Setting permission for watch directory (775) and its files (664)
transmission-openvpn    |
transmission-openvpn    | -------------------------------------
transmission-openvpn    | Transmission will run as
transmission-openvpn    | -------------------------------------
transmission-openvpn    | User name:   abc
transmission-openvpn    | User uid:    8675309
transmission-openvpn    | User gid:    1001
transmission-openvpn    | -------------------------------------
transmission-openvpn    |
transmission-openvpn    | STARTING TRANSMISSION
transmission-openvpn    | Transmission startup script complete.
transmission-openvpn    | Sun Dec 29 23:59:25 2024 /sbin/ip route add 107.181.189.41/32 via 192.168.0.1
transmission-openvpn    | Sun Dec 29 23:59:25 2024 /sbin/ip route add 0.0.0.0/1 via 10.37.0.5
transmission-openvpn    | Sun Dec 29 23:59:25 2024 /sbin/ip route add 128.0.0.0/1 via 10.37.0.5
transmission-openvpn    | Sun Dec 29 23:59:25 2024 /sbin/ip route add 10.37.0.1/32 via 10.37.0.5
transmission-openvpn    | Sun Dec 29 23:59:25 2024 Initialization Sequence Completed

HW/SW Environment

- OS: AlmaLinux 8.10 (Cerulean Leopard)
- Docker: docker-ce-26.1.3-1.el8.x86_64

Anything else?

It seems to me that something changed with the network routing application between the versions in this issue (4.1, latest). Specifically, we can see the routes being added in the older container version logs:

transmission-openvpn    | Sun Dec 29 23:59:25 2024 /sbin/ip route add 107.181.189.41/32 via 192.168.0.1
transmission-openvpn    | Sun Dec 29 23:59:25 2024 /sbin/ip route add 0.0.0.0/1 via 10.37.0.5
transmission-openvpn    | Sun Dec 29 23:59:25 2024 /sbin/ip route add 128.0.0.0/1 via 10.37.0.5
transmission-openvpn    | Sun Dec 29 23:59:25 2024 /sbin/ip route add 10.37.0.1/32 via 10.37.0.5

However, in the newer (latest) version, we can see this failing:

transmission-openvpn    | 2024-12-30 00:02:00 TUN/TAP device tun0 opened
transmission-openvpn    | 2024-12-30 00:02:00 net_iface_mtu_set: mtu 1500 for tun0
transmission-openvpn    | 2024-12-30 00:02:00 net_iface_up: set tun0 up
transmission-openvpn    | 2024-12-30 00:02:00 net_addr_ptp_v4_add: 10.37.0.6 peer 10.37.0.5 dev tun0
transmission-openvpn    | 2024-12-30 00:02:00 net_route_v4_add: 107.181.189.37/32 via 192.168.0.1 dev [NULL] table 0 metric -1
transmission-openvpn    | 2024-12-30 00:02:00 sitnl_send: rtnl: generic error (-101): Network is unreachable
transmission-openvpn    | 2024-12-30 00:02:00 ERROR: Linux route add command failed
transmission-openvpn    | 2024-12-30 00:02:00 net_route_v4_add: 0.0.0.0/1 via 10.37.0.5 dev [NULL] table 0 metric -1
transmission-openvpn    | 2024-12-30 00:02:00 net_route_v4_add: 128.0.0.0/1 via 10.37.0.5 dev [NULL] table 0 metric -1
transmission-openvpn    | 2024-12-30 00:02:00 net_route_v4_add: 10.37.0.1/32 via 10.37.0.5 dev [NULL] table 0 metric -1

It looks like the deep dive portion of the networking info in the support pages are being worked on, so I don't have a huge insight into how this is different or should be working.

jmdarr avatar Dec 30 '24 00:12 jmdarr