Hello, I'm facing problems starting this wireguard container, I'm running it in a

<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/us

Slow networking inside container,about linuxserver/docker-wireguard

Comments (20)

embarrassedmilk commented on August 17, 2024 3

Have you tried lowering MTU in your wireguard config file by any chance? I had similar problem and on my RPis (both 3 and 4) value 1380 did the trick

from docker-wireguard.

aptalca commented on August 17, 2024

Post a full log on pastebin

from docker-wireguard.

labodj commented on August 17, 2024

@aptalca you can find the log HERE

As you can see from this line

Fetched 4,098 kB in 8min 48s (7,755 B/s)

The download speed fot that specific package is 8KB/s, it's very stange, if I try do download it with normal this is the output (sorry for the italian language):

sudo apt-get install raspberrypi-kernel-headers
Lettura elenco dei pacchetti... Fatto
Generazione albero delle dipendenze
Lettura informazioni sullo stato... Fatto
I seguenti pacchetti NUOVI saranno installati:
raspberrypi-kernel-headers
0 aggiornati, 1 installati, 0 da rimuovere e 2 non aggiornati.
È necessario scaricare 24,9 MB di archivi.
Dopo quest'operazione, verranno occupati 163 MB di spazio su disco.
Scaricamento di:1 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24,9 MB]
Recuperati 24,9 MB in 6s (4.388 kB/s)

6s vs 8m48s

from docker-wireguard.

aptalca commented on August 17, 2024

That archive address is a load balancer. It automatically redirects to a mirror that's supposedly closer to you. We have no control over it. You're using the same address on host, so it's probably just coincidence that one was fast and the other was slow.

For me also sometimes the raspbian repo is extremely slow. It's just a matter of which mirror you get redirected to. Nothing we can do.

from docker-wireguard.

labodj commented on August 17, 2024

Thanks for the fast reply.
I know that that repo is a load balancer, however if I try to download that package within normal system it is fast 99% of the time, with wireguard docker image is slow 99% of the time, it's a very strange behavior IMHO, it's very reproducible.
One possible solution can be to optionally map /usr/src:/usr/src volume, if raspbian is recognized and there are needed kernel headers inside the /usr/src folder then no kernel-headers download is needed, maybe this behavior can be set with an optional flag, what do you think about this?
Another suggestion, I see that every time the container is started the kernel modules are rebuilt, is there any way to store already built modules and to use them if the version is the same that we need?
It will speed deploying a lot!

from docker-wireguard.

aptalca commented on August 17, 2024

The issue is, the container is trying to set the modules up on the host system without knowing anything about the host system. That's the biggest hurdle. The only info we have about the host is whatever we can get from the kernel info (uname -a). We do a lot of guesswork based on that.

I'll give it some thought about skipping header install. But the way I see it is, it currently works. If it's a little slow in some cases, so be it.

Kernel modules should only be rebuilt if the container is recreated, not when restarted.

from docker-wireguard.

labodj commented on August 17, 2024

I know that there are problems in system guessing inside docker images, however I find extremely strange the repeatability of this issue, this morning I rebooted my router, my modem, got a new public IP, rebooted Rpi and then I started the same package download at the exact same time, this is the result.

First round: 3s vs 12m17s
Second round, after 60m: 3s vs 12m18s

I don't know if the load balacer recognizes normal shell and docker images as different sources...
There must be a problem here.

First round - shell:

sudo apt-get remove --purge raspberrypi-kernel-headers && sudo apt-get clean && sudo apt-get autoclean && sudo apt-get autoremove && sudo apt-get install raspberrypi-kernel-headers
Lettura elenco dei pacchetti... Fatto
Generazione albero delle dipendenze
Lettura informazioni sullo stato... Fatto
I seguenti pacchetti saranno RIMOSSI:
raspberrypi-kernel-headers*
0 aggiornati, 0 installati, 1 da rimuovere e 0 non aggiornati.
Dopo quest'operazione, verranno liberati 163 MB di spazio su disco.
Continuare? [S/n] s
(Lettura del database... 144468 file e directory attualmente installati.)
Rimozione di raspberrypi-kernel-headers (1.20200212-1)...
Lettura elenco dei pacchetti... Fatto
Generazione albero delle dipendenze
Lettura informazioni sullo stato... Fatto
Lettura elenco dei pacchetti... Fatto
Generazione albero delle dipendenze
Lettura informazioni sullo stato... Fatto
0 aggiornati, 0 installati, 0 da rimuovere e 0 non aggiornati.
Lettura elenco dei pacchetti... Fatto
Generazione albero delle dipendenze
Lettura informazioni sullo stato... Fatto
I seguenti pacchetti NUOVI saranno installati:
raspberrypi-kernel-headers
0 aggiornati, 1 installati, 0 da rimuovere e 0 non aggiornati.
È necessario scaricare 24,9 MB di archivi.
Dopo quest'operazione, verranno occupati 163 MB di spazio su disco.
Scaricamento di:1 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24,9 MB]
Recuperati 24,9 MB in 3s (9.074 kB/s)

First round - Wireguard docker:

The following additional packages will be installed:
wireguard-dkms wireguard-tools
The following NEW packages will be installed:
raspberrypi-kernel-headers wireguard wireguard-dkms wireguard-tools
0 upgraded, 4 newly installed, 0 to remove and 6 not upgraded.
Need to get 25.3 MB of archives.
After this operation, 165 MB of additional disk space will be used.
Get:1 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic/main armhf wireguard-dkms all 1.0.20200413-0ubuntu218.04 [254 kB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:3 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic/main armhf wireguard-tools armhf 1.0.20200319-0ppa118.04 [78.8 kB]
Get:4 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic/main armhf wireguard all 1.0.20200319-0ppa1~18.04 [7,980 B]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Fetched 747 kB in 12min 17s (1,012 B/s)

Second round - shell:

sudo apt-get remove --purge raspberrypi-kernel-headers && sudo apt-get clean && sudo apt-get autoclean && sudo apt-get autoremove && sudo apt-get install raspberrypi-kernel-headers
Lettura elenco dei pacchetti... Fatto
Generazione albero delle dipendenze
Lettura informazioni sullo stato... Fatto
I seguenti pacchetti saranno RIMOSSI:
raspberrypi-kernel-headers*
0 aggiornati, 0 installati, 1 da rimuovere e 0 non aggiornati.
Dopo quest'operazione, verranno liberati 163 MB di spazio su disco.
Continuare? [S/n] s
(Lettura del database... 144468 file e directory attualmente installati.)
Rimozione di raspberrypi-kernel-headers (1.20200212-1)...
Lettura elenco dei pacchetti... Fatto
Generazione albero delle dipendenze
Lettura informazioni sullo stato... Fatto
Lettura elenco dei pacchetti... Fatto
Generazione albero delle dipendenze
Lettura informazioni sullo stato... Fatto
0 aggiornati, 0 installati, 0 da rimuovere e 0 non aggiornati.
Lettura elenco dei pacchetti... Fatto
Generazione albero delle dipendenze
Lettura informazioni sullo stato... Fatto
I seguenti pacchetti NUOVI saranno installati:
raspberrypi-kernel-headers
0 aggiornati, 1 installati, 0 da rimuovere e 0 non aggiornati.
È necessario scaricare 24,9 MB di archivi.
Dopo quest'operazione, verranno occupati 163 MB di spazio su disco.
Scaricamento di:1 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24,9 MB]
Recuperati 24,9 MB in 3s (9.024 kB/s)

Second round - Wireguard docker:

The following additional packages will be installed:
wireguard-dkms wireguard-tools
The following NEW packages will be installed:
raspberrypi-kernel-headers wireguard wireguard-dkms wireguard-tools
0 upgraded, 4 newly installed, 0 to remove and 6 not upgraded.
Need to get 25.3 MB of archives.
After this operation, 165 MB of additional disk space will be used.
Get:1 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic/main armhf wireguard-dkms all 1.0.20200413-0ubuntu218.04 [254 kB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:3 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic/main armhf wireguard-tools armhf 1.0.20200319-0ppa118.04 [78.8 kB]
Get:4 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic/main armhf wireguard all 1.0.20200319-0ppa1~18.04 [7,980 B]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Fetched 1,708 kB in 12min 18s (2,315 B/s)

The problem is that I use this docker image as a always on service, launching it with docker-compose up -d.
If download fails (and it happens) or I need to reboot the pi, not knowning if docker has done it's config, when the system boots up it will load automatically a non functioning wireguard image.

from docker-wireguard.

labodj commented on August 17, 2024

I have found that if I run this image with

network_mode: 'host'

instead of

ports:
  - 51820:51820/udp

This is the output:

The following additional packages will be installed:
wireguard-dkms wireguard-tools
The following NEW packages will be installed:
raspberrypi-kernel-headers wireguard wireguard-dkms wireguard-tools
0 upgraded, 4 newly installed, 0 to remove and 6 not upgraded.
Need to get 25.3 MB of archives.
After this operation, 165 MB of additional disk space will be used.
Get:1 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic/main armhf wireguard-dkms all 1.0.20200413-0ubuntu218.04 [254 kB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Get:3 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic/main armhf wireguard-tools armhf 1.0.20200319-0ppa118.04 [78.8 kB]
Get:4 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic/main armhf wireguard all 1.0.20200319-0ppa1~18.04 [7,980 B]
Fetched 25.3 MB in 3s (8,155 kB/s)

Full speed! So there must be a releation between network mode and the achieved speed... or not?

But it keeps repeating this error, since I'm using port 53 on the same machine for PiHole

wireguard | Listen: listen tcp :53: bind: address already in use

from docker-wireguard.

aptalca commented on August 17, 2024

Not sure how their load balancer works, but it's interesting.

With regards to docker-compose, instead of doing up and down, just to docker stop/start. Because up/down recreates and destroys the container, forcing rebuild of the module, whereas docker stop/start will just do a reboot of the same container.

from docker-wireguard.

labodj commented on August 17, 2024

@aptalca I perform compose pull, down & up when there is an updated image on docker hub, so I can update it, or when I need a fresh image to test things like this one we are talking about.

Did you see my last comment?

from docker-wireguard.

aptalca commented on August 17, 2024

Yeah, that's because we have coredns running on port 53, which is colliding with pihole also on port 53 when in host networking. You can try mapping an empty folder into /etc/services.d/coredns and it should prevent it from starting up

from docker-wireguard.

labodj commented on August 17, 2024

Ok, I'm going to try this now, is there any side effect not using coredns?

from docker-wireguard.

aptalca commented on August 17, 2024

No, it's really only needed when using wireguard as a server and the clients can use the wireguard server address as the dns address so the requests get forwarded to the wireguard host's dns. But if you're using pihole on the same device, and wireguard in host mode, the requests will go to pihole.

from docker-wireguard.

labodj commented on August 17, 2024

After some testing I'm not able to use network_mode: 'host'
I can prevent coredns from starting mounting
- './wireguard/empty:/etc/services.d/coredns:ro'

The log print this every 10 seconds

wireguard | s6-supervise (child): fatal: unable to exec run: No such file or directory
wireguard | s6-supervise coredns: warning: unable to spawn ./run - waiting 10 seconds

But the great problem is that with the same config when i use network_mode: 'host' I get full download speed but I cannot reach any IP other than the one of the raspberry, this interface is created on the host machine:

wg0: flags=209<UP,POINTOPOINT,RUNNING,NOARP> mtu 1420
inet 10.9.0.1 netmask 255.255.255.255 destination 10.9.0.1
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
RX packets 65 bytes 7332 (7.1 KiB)
RX errors 0 dropped 30 overruns 0 frame 0
TX packets 31 bytes 4940 (4.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

It seems that it's dropping all RX packets...

When I use

ports:
- 51820:51820/udp

I get poor download speed but I can reach any IP on my local lan subnet and this interface is created:

veth6958f74: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 169.254.156.92 netmask 255.255.0.0 broadcast 169.254.255.255
inet6 fe80::e12:2679:1131:354d prefixlen 64 scopeid 0x20
ether 66:8c:c1:8f:c7:2c txqueuelen 0 (Ethernet)
RX packets 13525 bytes 925504 (903.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 26328 bytes 43556116 (41.5 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

This is my network:

Router: 192.168.21.1
Subnet: 255.255.255.0
Raspberry: 192.168.21.20
Any request on port 53 is forwarded to 192.168.21.20 via firewall rule on the router, only 192.168.21.20 can perform DNS request without being firewalled.

These are my configs
wg0.conf:
[Interface]

Address = 10.9.0.1/24
ListenPort = 51820
DNS = 192.168.21.20
PrivateKey = SECRET
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

[Peer]
PublicKey = SECRET
AllowedIPs = 10.9.0.2/32

peer1.conf:

[Interface]
Address = 10.9.0.2/32
PrivateKey = SECRET
ListenPort = 51820
DNS = 192.168.21.20

[Peer]
PublicKey = SECRET
Endpoint = secret.ddns.net:51820
AllowedIPs = 192.168.21.0/24

docker-compose.yml:

version: '3.8'
services:
  wireguard:
    hostname: wireguard
    container_name: wireguard
    image: linuxserver/wireguard:latest
    restart: always
    #network_mode: 'host'
    ports:
      - 51820:51820/udp
    environment:
      - PUID=1000
      - PGIG=1000
      - TZ=Europe/Rome
      - SERVERURL=secret.ddns.net
      - SERVERPORT=51820
      - PEERS=2
      - PEERDNS=192.168.21.20
      - INTERNAL_SUBNET=10.9.0.0
    volumes:
      - './wireguard/config:/config'
      - './wireguard/empty:/etc/services.d/coredns:ro'
      - '/lib/modules:/lib/modules'
      - '/usr/src:/usr/src'
    #sysctls:
    #  - net.ipv4.conf.all.src_valid_mark=1
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    logging:
        options:
          max-size: '10m'
          max-file: '5'

So... with host mode it doesn't work, with ports it doesn't either, I've just relaunched it and it can't build, it is timing out on launchpad IP, that ip is reachable without problem outside the container...

The following NEW packages will be installed:
raspberrypi-kernel-headers wireguard wireguard-dkms wireguard-tools
0 upgraded, 4 newly installed, 0 to remove and 6 not upgraded.
Need to get 25.3 MB of archives.
After this operation, 165 MB of additional disk space will be used.
Get:1 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic/main armhf wireguard-dkms all 1.0.20200413-0ubuntu218.04 [254 kB]
Get:2 http://archive.raspberrypi.org/debian buster/main armhf raspberrypi-kernel-headers armhf 1.20200212-1 [24.9 MB]
Err:1 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic/main armhf wireguard-dkms all 1.0.20200413-0ubuntu218.04
Connection timed out [IP: 91.189.95.83 80]

from docker-wireguard.

labodj commented on August 17, 2024

I can add this test:
I run the command
curl http://speedtest.wdc01.softlayer.com/downloads/test500.zip --output /dev/null

Inside the docker container:

% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 500M 0 1434k 0 0 22574 0 6:27:05 0:01:05 6:26:00 0
curl: (56) Recv failure: Connection reset by peer

In the host machine:

% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 500M 100 500M 0 0 8991k 0 0:00:56 0:00:56 --:--:-- 9.8M

So there is a networking problem inside the docker container, I have to try the container in another machine to see if results change.

from docker-wireguard.

labodj commented on August 17, 2024

After some testing I'm experiencing slow networking only when the container is launched in Raspberry Pi with ports option, when I launch it in my laptop using Mint 19.3 the networking is good, so there must be a problem in docker or docker-compose in Buster environment.
In Rpi i'm using
docker version 19.03.8
docker-compose version 1.25.5

I solved the problem that when it's launched with network_mode: 'host' I can only connect to Rpi IP:
the line net.ipv4.ip_forward=1 must be uncommented in /etc/sysctl.conf then reboot the Pi

BTW since I "disabled" coredns the log is cluttered with

wireguard | s6-supervise coredns: warning: unable to spawn ./run - waiting 10 seconds
wireguard | s6-supervise (child): fatal: unable to exec run: No such file or directory

Can you please provide an environment flag to disable it cleanly?

from docker-wireguard.

chah90 commented on August 17, 2024

BTW since I "disabled" coredns the log is cluttered with

wireguard | s6-supervise coredns: warning: unable to spawn ./run - waiting 10 seconds
wireguard | s6-supervise (child): fatal: unable to exec run: No such file or directory

Can you please provide an environment flag to disable it cleanly?

I solved this issue by not including an empty folder. Instead, i mount a folder with a custom run script (named "run"). I just took the original one and commented out the coredns execution, but another/empty script should work as well:

#!/usr/bin/with-contenv bash

cd /config/coredns

#exec \
#    /app/coredns -dns.port=53

Remember to make the run script executable.

from docker-wireguard.

TimDowker commented on August 17, 2024

BTW since I "disabled" coredns the log is cluttered with

wireguard | s6-supervise coredns: warning: unable to spawn ./run - waiting 10 seconds
wireguard | s6-supervise (child): fatal: unable to exec run: No such file or directory

Can you please provide an environment flag to disable it cleanly?

I solved this issue by not including an empty folder. Instead, i mount a folder with a custom run script (named "run"). I just took the original one and commented out the coredns execution, but another/empty script should work as well:
#!/usr/bin/with-contenv bash

cd /config/coredns

#exec \
#    /app/coredns -dns.port=53
Remember to make the run script executable.

Can you expand on this?

So my docker-compose volume section looks like this

volumes:
- '/docker/wireguard/config:/config'
- '/lib/modules:/lib/modules'
- '/docker/wireguard/run.sh:/etc/services.d/coredns:ro'
- '/usr/src:/usr/src'

The /docker/wireguard/run.sh file contains

#!/usr/bin/with-contenv bash

cd /config/coredns

#exec \
#    /app/coredns -dns.port=53

Is this what you have?

from docker-wireguard.

fermulator commented on August 17, 2024

fwiw:

docker-compose.yml

      - /srv/wireguard/config:/config
      - /lib/modules:/lib/modules
      - /usr/src:/usr/src
      # https://github.com/linuxserver/docker-wireguard/issues/13, https://github.com/linuxserver/docker-wireguard/issues/62
      - '/srv/wireguard/coredns:/etc/services.d/coredns:ro'

:/srv/wireguard$ cat coredns/run 
#!/usr/bin/with-contenv bash

cd /config/coredns

# DO NOT RUN COREDNS I have my own DNS
# https://github.com/linuxserver/docker-wireguard/issues/62
#exec \
#    /app/coredns -dns.port=53

happy days, also see #62

from docker-wireguard.

chah90 commented on August 17, 2024

Can you expand on this?

So my docker-compose volume section looks like this

volumes:

'/docker/wireguard/config:/config'

'/lib/modules:/lib/modules'

'/docker/wireguard/run.sh:/etc/services.d/coredns:ro'

'/usr/src:/usr/src'

Sorry for the late reply. Your script is fine, but you simply have to name it run instead of run.sh. Make it executable with chmod +x /docker/wireguard/run.
In the mount section of your compose file, just declare the folder, not the file:

volumes:
- '/docker/wireguard/config:/config'
- '/lib/modules:/lib/modules'
- '/docker/wireguard:/etc/services.d/coredns:ro'
- '/usr/src:/usr/src'

from docker-wireguard.

Slow networking inside container about docker-wireguard HOT 20 CLOSED

Comments (20)

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent