Bug: updating expressvpn servers warnings

[Froggy232]

Is this urgent?

No

Host OS

Fedora Silverblue 39

CPU arch

x86_64

VPN service provider

ExpressVPN

What are you using to run the container

docker-compose

What is the version of Gluetun

latest built on 2024-02-14T07:39:38.933Z (commit 423a5c3)

What's the problem 🤔

Hi,
I use gluetun a lot with podman, but when I try to include it in a docker-compose.yml file, it dosen't work, either with airvpn or expressvpn. Theses two vpns work with gluetun podman.
Does someone have an idea?
Thanks you

Share your logs (at least 10 lines)

Running version latest built on 2024-02-14T07:39:38.933Z (commit 423a5c3)

🔧 Need help? https://github.com/qdm12/gluetun/discussions/new
🐛 Bug? https://github.com/qdm12/gluetun/issues/new
✨ New feature? https://github.com/qdm12/gluetun/issues/new
☕ Discussion? https://github.com/qdm12/gluetun/discussions/new
💻 Email? quentin.mcgaw@gmail.com
💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
2024-02-21T01:40:42Z INFO [routing] default route found: interface eth0, gateway 172.31.0.1, assigned IP 172.31.0.2 and family v4
2024-02-21T01:40:42Z INFO [routing] local ethernet link found: eth0
2024-02-21T01:40:42Z INFO [routing] local ipnet found: 172.31.0.0/16
2024-02-21T01:40:42Z INFO [firewall] enabling...
2024-02-21T01:40:42Z INFO [firewall] enabled successfully
2024-02-21T01:40:42Z INFO [storage] creating /gluetun/servers.json with 17803 hardcoded servers
2024-02-21T01:40:42Z INFO Alpine version: 3.18.6
2024-02-21T01:40:42Z INFO OpenVPN 2.5 version: 2.5.8
2024-02-21T01:40:42Z INFO OpenVPN 2.6 version: 2.6.8
2024-02-21T01:40:42Z INFO Unbound version: 1.17.1
2024-02-21T01:40:42Z INFO IPtables version: v1.8.9
2024-02-21T01:40:42Z INFO Settings summary:
├── VPN settings:
|   ├── VPN provider settings:
|   |   ├── Name: expressvpn
|   |   └── Server selection settings:
|   |       ├── VPN type: openvpn
|   |       └── OpenVPN server selection settings:
|   |           └── Protocol: UDP
|   └── OpenVPN settings:
|       ├── OpenVPN version: 2.5
|       ├── User: [set]
|       ├── Password: [set]
|       ├── Network interface: tun0
|       ├── Run OpenVPN as: root
|       └── Verbosity level: 1
├── DNS settings:
|   ├── Keep existing nameserver(s): no
|   ├── DNS server address to use: 127.0.0.1
|   └── DNS over TLS settings:
|       ├── Enabled: yes
|       ├── Update period: every 24h0m0s
|       ├── Unbound settings:
|       |   ├── Authoritative servers:
|       |   |   └── cloudflare
|       |   ├── Caching: yes
|       |   ├── IPv6: no
|       |   ├── Verbosity level: 1
|       |   ├── Verbosity details level: 0
|       |   ├── Validation log level: 0
|       |   ├── System user: root
|       |   └── Allowed networks:
|       |       ├── 0.0.0.0/0
|       |       └── ::/0
|       └── DNS filtering settings:
|           ├── Block malicious: yes
|           ├── Block ads: no
|           ├── Block surveillance: no
|           └── Blocked IP networks:
|               ├── 127.0.0.1/8
|               ├── 10.0.0.0/8
|               ├── 172.16.0.0/12
|               ├── 192.168.0.0/16
|               ├── 169.254.0.0/16
|               ├── ::1/128
|               ├── fc00::/7
|               ├── fe80::/10
|               ├── ::ffff:127.0.0.1/104
|               ├── ::ffff:10.0.0.0/104
|               ├── ::ffff:169.254.0.0/112
|               ├── ::ffff:172.16.0.0/108
|               └── ::ffff:192.168.0.0/112
├── Firewall settings:
|   └── Enabled: yes
├── Log settings:
|   └── Log level: INFO
├── Health settings:
|   ├── Server listening address: 127.0.0.1:9999
|   ├── Target address: cloudflare.com:443
|   ├── Duration to wait after success: 5s
|   ├── Read header timeout: 100ms
|   ├── Read timeout: 500ms
|   └── VPN wait durations:
|       ├── Initial duration: 6s
|       └── Additional duration: 5s
├── Shadowsocks server settings:
|   └── Enabled: no
├── HTTP proxy settings:
|   └── Enabled: no
├── Control server settings:
|   ├── Listening address: :5463
|   └── Logging: yes
├── OS Alpine settings:
|   ├── Process UID: 1000
|   └── Process GID: 1000
├── Public IP settings:
|   ├── Fetching: every 12h0m0s
|   ├── IP file path: /tmp/gluetun/ip
|   └── Public IP data API: ipinfo
└── Version settings:
    └── Enabled: yes
2024-02-21T01:40:42Z INFO [routing] default route found: interface eth0, gateway 172.31.0.1, assigned IP 172.31.0.2 and family v4
2024-02-21T01:40:42Z INFO [routing] adding route for 0.0.0.0/0
2024-02-21T01:40:42Z INFO [firewall] setting allowed subnets...
2024-02-21T01:40:42Z INFO [routing] default route found: interface eth0, gateway 172.31.0.1, assigned IP 172.31.0.2 and family v4
2024-02-21T01:40:42Z INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
2024-02-21T01:40:42Z INFO [dns] using plaintext DNS at address 1.1.1.1
2024-02-21T01:40:42Z INFO [http server] http server listening on [::]:5463
2024-02-21T01:40:42Z INFO [healthcheck] listening on 127.0.0.1:9999
2024-02-21T01:40:42Z INFO [firewall] allowing VPN connection...
2024-02-21T01:40:42Z INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2024-02-21T01:40:42Z INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-02-21T01:40:42Z INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]94.46.167.214:1195
2024-02-21T01:40:42Z INFO [openvpn] UDP link local: (not bound)
2024-02-21T01:40:42Z INFO [openvpn] UDP link remote: [AF_INET]94.46.167.214:1195
2024-02-21T01:40:48Z INFO [healthcheck] program has been unhealthy for 6s: restarting VPN
2024-02-21T01:40:48Z INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-02-21T01:40:48Z INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-02-21T01:40:48Z INFO [vpn] stopping
2024-02-21T01:40:48Z INFO [vpn] starting
2024-02-21T01:40:48Z INFO [firewall] allowing VPN connection...
2024-02-21T01:40:48Z INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2024-02-21T01:40:48Z INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-02-21T01:40:48Z INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]5.157.128.24:1195
2024-02-21T01:40:48Z INFO [openvpn] UDP link local: (not bound)
2024-02-21T01:40:48Z INFO [openvpn] UDP link remote: [AF_INET]5.157.128.24:1195
2024-02-21T01:40:59Z INFO [healthcheck] program has been unhealthy for 11s: restarting VPN
2024-02-21T01:40:59Z INFO [healthcheck] 👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md
2024-02-21T01:40:59Z INFO [healthcheck] DO NOT OPEN AN ISSUE UNLESS YOU READ AND TRIED EACH POSSIBLE SOLUTION
2024-02-21T01:40:59Z INFO [vpn] stopping
2024-02-21T01:40:59Z INFO [vpn] starting
2024-02-21T01:40:59Z INFO [firewall] allowing VPN connection...
2024-02-21T01:40:59Z INFO [openvpn] OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov  2 2022
2024-02-21T01:40:59Z INFO [openvpn] library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-02-21T01:40:59Z INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]45.85.91.41:1195
2024-02-21T01:40:59Z INFO [openvpn] UDP link local: (not bound)
2024-02-21T01:40:59Z INFO [openvpn] UDP link remote: [AF_INET]45.85.91.41:1195

Share your configuration

version: '3.5'

services:
  tubearchivist-gluetun:
    container_name: tubearchivist-gluetun
    image: qmcgaw/gluetun
    cap_add:
      - NET_ADMIN
    ports:
      - 10.36.18.3:8756:8000/tcp
    environment:
      - VPN_SERVICE_PROVIDER=expressvpn
      - VPN_TYPE=openvpn 
      - OPENVPN_USER=REDACTED
      - OPENVPN_PASSWORD=REDACTED
      - HTTP_CONTROL_SERVER_ADDRESS=:5463
     # - SERVER_COUNTRIES=Netherlands

[qdm12]

Probably just a bad vpn server (picked at random if without a specific hostname filter), read https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md

Note I don't monitor closed issues

[Froggy232]

Hi,
Thanks for your answer, I tried to add "command: update -enduser -providers expressvpn" to my docker-compose file, but the logs tell me that :

2024-02-21T17:35:05Z INFO creating /gluetun/servers.json with 17803 hardcoded servers
2024-02-21T17:35:05Z INFO updating Expressvpn servers...
2024-02-21T17:35:06Z WARN reached the maximum number of consecutive failures: 2 failed attempts resolving slovenia-ca-version-2.expressnetw.com: lookup slovenia-ca-version-2.expressnetw.com: i/o timeout
2024-02-21T17:35:06Z WARN reached the maximum number of consecutive failures: 2 failed attempts resolving southkorea2-ca-version-2.expressnetw.com: lookup southkorea2-ca-version-2.expressnetw.com: i/o timeout
2024-02-21T17:35:06Z WARN reached the maximum number of consecutive failures: 2 failed attempts resolving cambodia-ca-version-2.expressnetw.com: lookup cambodia-ca-version-2.expressnetw.com: i/o timeout
2024-02-21T17:35:06Z WARN reached the maximum number of consecutive failures: 2 failed attempts resolving usa-atlanta-ca-version-2.expressnetw.com: lookup usa-atlanta-ca-version-2.expressnetw.com: i/o timeout
2024-02-21T17:35:06Z WARN reached the maximum number of consecutive failures: 2 failed attempts resolving ecuador-ca-version-2.expressnetw.com: lookup ecuador-ca-version-2.expressnetw.com: i/o timeout
2024-02-21T17:35:06Z WARN reached the maximum number of consecutive failures: 2 failed attempts resolving kenya-ca-version-2.expressnetw.com: lookup kenya-ca-version-2.expressnetw.com: i/o timeout
2024-02-21T17:35:06Z WARN reached the maximum number of consecutive failures: 2 failed attempts resolving czechrepublic-ca-version-2.expressnetw.com: lookup czechrepublic-ca-version-2.expressnetw.com: i/o timeout
2024-02-21T17:35:06Z WARN reached the maximum number of consecutive failures: 2 failed attempts resolving singapore-jurong-ca-version-2.expressnetw.com: lookup singapore-jurong-ca-version-2.expressnetw.com: i/o timeout
2024-02-21T17:35:06Z WARN reached the maximum number of consecutive failures: 2 failed attempts resolving denmark-ca-version-2.expressnetw.com: lookup denmark-ca-version-2.expressnetw.com: i/o timeout
2024-02-21T17:35:06Z WARN reached the maximum number of consecutive failures: 2 failed attempts resolving indonesia-ca-version-2.expressnetw.com: lookup indonesia-ca-version-2.expressnetw.com: i/o timeout
2024-02-21T17:35:06Z WARN reached the maximum number of consecutive failures: 2 failed attempts resolving usa-saltlakecity-ca-version-2.expressnetw.com: lookup usa-saltlakecity-ca-version-2.expressnetw.com: i/o timeout
2024-02-21T17:35:06Z WARN reached the maximum number of consecutive failures: 2 failed attempts resolving netherlands-thehague-ca-version-2.expressnetw.com: lookup netherlands-thehague-ca-version-2.expressnetw.com: i/o timeout
2024-02-21T17:35:06Z WARN reached the maximum number of consecutive failures: 2 failed attempts resolving usa-sanfrancisco-ca-version-2.expressnetw.com: lookup usa-sanfrancisco-ca-version-2.expressnetw.com: i/o timeout
2024-02-21T17:35:06Z WARN reached the maximum number of consecutive failures: 2 failed attempts resolving brunei-ca-version-2.expressnetw.com: lookup brunei-ca-version-2.expressnetw.com: i/o timeout
2024-02-21T17:35:06Z WARN note: if running the update manually, you can use the flag -minratio to allow the update to succeed with less servers found
2024-02-21T17:35:06Z ERROR updating server information: getting servers: not enough servers found: 0 and expected at least 106
2024-02-21T17:35:06Z INFO Shutdown successful

I really don't understand, does someone have an idea?
I will post my docker-compose file in another message.
Thanks you

[qdm12]

In my case, I get some errors (such as 2024-02-21T17:42:22Z WARN reached the maximum number of consecutive failures: 2 failed attempts resolving us-new-york-2-ca-version-2.expressnetw.com: lookup us-new-york-2-ca-version-2.expressnetw.com on 192.168.65.7:53: no such host) but it does succeed in the end, updating the file.

Let's re-open this, I also noticed this warnings are not totally fine, some domain names should succeed. It's heavily parallel DNS resolution, and perhaps the dns server just rate limits us, so I need to fix this to be more spread over time at the very least.

[Froggy232]

Thanks, it seems that I have a more global problem with docker though, my other containers are unable to access internet too and I have made some modifications on the network config recently.
I will continue to investigate and post another message soon, but I don't think the problem come from gluetun, sorry for the disturbance.
Thanks for your support!