Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BUG] ERROR plugin/errors 127.0.0.1:34667->127.0.0.11:53: i/o timeout #363

Open
1 task done
alvarosaavedrau opened this issue Nov 11, 2024 · 8 comments
Open
1 task done

Comments

@alvarosaavedrau
Copy link

Is there an existing issue for this?

  • I have searched the existing issues

Current Behavior

When i start the docker container I get the following errors:

wireguard  | [ERROR] plugin/errors: 2 6780460100946070619.6865542407581703521. HINFO: read udp 127.0.0.1:34667->127.0.0.11:53: i/o timeout
wireguard  | [ERROR] plugin/errors: 2 6780460100946070619.6865542407581703521. HINFO: read udp 127.0.0.1:54278->127.0.0.11:53: i/o timeout
wireguard  | [ERROR] plugin/errors: 2 6780460100946070619.6865542407581703521. HINFO: read udp 127.0.0.1:35046->127.0.0.11:53: i/o timeout
wireguard  | [ERROR] plugin/errors: 2 6780460100946070619.6865542407581703521. HINFO: read udp 127.0.0.1:44201->127.0.0.11:53: i/o timeout
wireguard  | [ERROR] plugin/errors: 2 6780460100946070619.6865542407581703521. HINFO: read udp 127.0.0.1:60032->127.0.0.11:53: i/o timeout
wireguard  | [ERROR] plugin/errors: 2 6780460100946070619.6865542407581703521. HINFO: read udp 127.0.0.1:33721->127.0.0.11:53: i/o timeout
wireguard  | [ERROR] plugin/errors: 2 6780460100946070619.6865542407581703521. HINFO: read udp 127.0.0.1:46056->127.0.0.11:53: i/o timeout
wireguard  | [ERROR] plugin/errors: 2 6780460100946070619.6865542407581703521. HINFO: read udp 127.0.0.1:48920->127.0.0.11:53: i/o timeout
wireguard  | [ERROR] plugin/errors: 2 6780460100946070619.6865542407581703521. HINFO: read udp 127.0.0.1:40361->127.0.0.11:53: i/o timeout
wireguard  | [ERROR] plugin/errors: 2 6780460100946070619.6865542407581703521. HINFO: read udp 127.0.0.1:57673->127.0.0.11:53: i/o timeout

I configure the connection and it's not working.
Inside the container the nameserver is 127.0.0.11, how can this be changed?

Expected Behavior

No response

Steps To Reproduce

This is the docker compose:

services:
  wireguard:
    image: lscr.io/linuxserver/wireguard:latest
    container_name: wireguard
    cap_add:
      - NET_ADMIN
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
      - SERVERURL=mydomain.duckdns.org #optional
      - SERVERPORT=51820 #optional
      - PEERS=1 #optional
      - PEERDNS=8.8.8.8 #optional
      - INTERNAL_SUBNET=10.13.13.0 #optional
      - ALLOWEDIPS=0.0.0.0/0 #optional
      - PERSISTENTKEEPALIVE_PEERS= #optional
      - LOG_CONFS=true #optional
    volumes:
      - ./config:/config
      - /lib/modules:/lib/modules #optional
    ports:
      - 51820:51820/udp
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    restart: unless-stopped

Environment

- OS: Debian GNU/Linux 12 (bookworm)
- How docker service was installed: apt repository
- Docker version: Docker version 27.3.1, build ce12230
- Kernel OS version: 6.1.0-27-amd64

CPU architecture

x86-64

Docker creation

docker compose up -d

Container logs

[+] Running 2/2
 ✔ Network wireguard_default  Created                                                                                                                                                  0.2s
 ✔ Container wireguard        Started                                                                                                                                                  0.6s
wireguard  | [migrations] started
wireguard  | [migrations] no migrations found
wireguard  | ───────────────────────────────────────
wireguard  |   _____ __ __ _____ _____ _____ _____
wireguard  |  |     |  |  |   __|_   _|     |     |
wireguard  |  |   --|  |  |__   | | | |  |  | | | |
wireguard  |  |_____|_____|_____| |_| |_____|_|_|_|
wireguard  |        _____ __ __ _ __    ____
wireguard  |       | __  |  |  | |  |  |    \
wireguard  |       | __ -|  |  | |  |__|  |  |
wireguard  |       |_____|_____|_|_____|____/
wireguard  |
wireguard  |   Based on images from linuxserver.io
wireguard  | ───────────────────────────────────────
wireguard  |
wireguard  | To support the app dev(s) visit:
wireguard  | WireGuard: https://www.wireguard.com/donations/
wireguard  |
wireguard  | To support LSIO projects visit:
wireguard  | https://www.linuxserver.io/donate/
wireguard  |
wireguard  | ───────────────────────────────────────
wireguard  | GID/UID
wireguard  | ───────────────────────────────────────
wireguard  |
wireguard  | User UID:    1000
wireguard  | User GID:    1000
wireguard  | ───────────────────────────────────────
wireguard  | Linuxserver.io version:
wireguard  | Build-date:
wireguard  | ───────────────────────────────────────
wireguard  |
wireguard  | Uname info: Linux 0451f56fb8ca 6.1.0-27-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.115-1 (2024-11-01) x86_64 GNU/Linux
wireguard  | **** It seems the wireguard module is already active. Skipping kernel header install and module compilation. ****
wireguard  | **** Server mode is selected ****
wireguard  | **** External server address is set to mydomain.duckdns.org ****
wireguard  | **** External server port is set to 51820. Make sure that port is properly forwarded to port 51820 inside this container ****
wireguard  | **** Internal subnet is set to 10.13.13.0 ****
wireguard  | **** AllowedIPs for peers 0.0.0.0/0 ****
wireguard  | **** Peer DNS servers will be set to 8.8.8.8 ****
wireguard  | **** No wg0.conf found (maybe an initial install), generating 1 server and 1 peer/client confs ****
wireguard  | PEER 1 QR code (conf file is saved under /config/peer1):
wireguard  | ███████████                                    █████████████████████
wireguard  | ███████████                                    █████████████████████
wireguard  | ████ ▄▄▄▄▄                                     ▄▀▀█ ██  █ ▄▄▄▄▄ ████
wireguard  | ████ █   █                                     ▄ ▄▄▄▀ ▄ █ █   █ ████
wireguard  | ████ █▄▄▄█                                     ▄ ▀▄ ▀ ▄██ █▄▄▄█ ████
wireguard  | ████▄▄▄▄▄▄▄                                     █ ▀▄█▄█▄█▄▄▄▄▄▄▄████
wireguard  | ████ ▄██▄▄▄                                    ▀ ▄  █ ▀█▀▀ █▄▄▄ ████
wireguard  | ████▄ ▄██▀▄                                    ▀▄▄▄▀█ █ ▄ ▄█▀ █▀████
wireguard  | █████▀██ ▀▄                                     ▀█ ▄█ ▀▄▄ ▄  ▄▀▀████
wireguard  | ████▀█▄▀▄▄▄                                    ▀██▀  ▄▄▄▀  ▄█▀▀█████
wireguard  | ██████ ▄▄▄▄                                    ▄▄█▀▄▀ ▀██▀▀ ██▀█████
wireguard  | ████▄▄█▀▄▀▄                                    ▀▄▀ ▀▄  █▀ ▄██▀▀▀████
wireguard  | ████▄█▀ ██▄                                     ██▄ █ ▀▄▀▀█▄█ ██████
wireguard  | █████▄▄▀▀▀▄                                    ▀▄█ ▀▀▄   █▄▀█ ▀▀████
wireguard  | █████  █▄ ▄                                     ▀█ ▄▄ ▀█  ▀▄█   ████
wireguard  | █████▄ ▀█▄▄                                    ▀▄▀▀▀█▄█  ▄▀▀  ██████
wireguard  | ████▄ ▀▄ ▄▄                                    ▄▀▄▄ █▀█ ▄▄▄  ▄▄▄████
wireguard  | ████▀█▄▄ █▄                                    ▀ ▀▄▀ ▄▀ █▄█ █ ▀█████
wireguard  | █████▀██▄▄▄                                     ██ ▄▀ ▀▄    ▀███████
wireguard  | ████ █▀ ▀▄▄                                    ▀▀  ▀  ▀ ▀▀███ ██████
wireguard  | ████▄█ █▄█▄                                     ██▀ ▄▀█ ▄ █▀▀  ▄████
wireguard  | ████▄▄▀▄█▀▄                                    █▀██▄ ▄██▀█ ▀▄▀▄▀████
wireguard  | █████ ▄ █▀▄                                     ▄█▄ ▄ █▀  █ ▄▄  ████
wireguard  | ████  ▄█▄ ▄                                    ▀▀▀█▄ ▄ ▄▀▀██▄▀ █████
wireguard  | ████▀▀▀▀▄ ▄                                    ▄ █▄▄▄ ▀ ▀▄█▀▀▀▀▄████
wireguard  | ████  ▀▄ ▄▄                                    ▄█▀█ █▄▀ ▀▀ ██ ▀█████
wireguard  | █████▀▄▀▄▀▄                                     ▄   █▀█  ▄▀▀▀ █ ████
wireguard  | ████▀▀ ▄ ▄▄                                     █▄█▀ ▄▀█▄▀█▄▄▀██████
wireguard  | ████▄▄▄▄██▄                                     ▄██   ▀ ▄▄▄ ▀███████
wireguard  | ████ ▄▄▄▄▄                                     █▄▀ ██▄▄ █▄█ ▄ █▀████
wireguard  | ████ █   █                                       █ ▄▄▀█  ▄ ▄▀▄▄▀████
wireguard  | ████ █▄▄▄█                                     ▀   ▀▀▄▀▄ ▄ █▄  █████
wireguard  | ████▄▄▄▄▄▄▄                                    ▄█▄▄▄█▄▄▄███▄▄█▄▄████
wireguard  | ███████████                                    █████████████████████
wireguard  | ███████████                                    █████████████████████
wireguard  | [custom-init] No custom files found, skipping...
wireguard  | .:53
wireguard  | CoreDNS-1.11.1
wireguard  | linux/amd64, go1.22.5,
wireguard  | **** Found WG conf /config/wg_confs/wg0.conf, adding to list ****
wireguard  | **** Activating tunnel /config/wg_confs/wg0.conf ****
wireguard  | [#] ip link add wg0 type wireguard
wireguard  | [#] wg setconf wg0 /dev/fd/63
wireguard  | [#] ip -4 address add 10.13.13.1 dev wg0
wireguard  | [#] ip link set mtu 1420 up dev wg0
wireguard  | [#] ip -4 route add 10.13.13.2/32 dev wg0
wireguard  | [#] iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth+ -j MASQUERADE
wireguard  | **** All tunnels are now active ****
wireguard  | [ls.io-init] done.
wireguard  | [ERROR] plugin/errors: 2 6780460100946070619.6865542407581703521. HINFO: read udp 127.0.0.1:34667->127.0.0.11:53: i/o timeout
wireguard  | [ERROR] plugin/errors: 2 6780460100946070619.6865542407581703521. HINFO: read udp 127.0.0.1:54278->127.0.0.11:53: i/o timeout
wireguard  | [ERROR] plugin/errors: 2 6780460100946070619.6865542407581703521. HINFO: read udp 127.0.0.1:35046->127.0.0.11:53: i/o timeout
wireguard  | [ERROR] plugin/errors: 2 6780460100946070619.6865542407581703521. HINFO: read udp 127.0.0.1:44201->127.0.0.11:53: i/o timeout
wireguard  | [ERROR] plugin/errors: 2 6780460100946070619.6865542407581703521. HINFO: read udp 127.0.0.1:60032->127.0.0.11:53: i/o timeout
wireguard  | [ERROR] plugin/errors: 2 6780460100946070619.6865542407581703521. HINFO: read udp 127.0.0.1:33721->127.0.0.11:53: i/o timeout
wireguard  | [ERROR] plugin/errors: 2 6780460100946070619.6865542407581703521. HINFO: read udp 127.0.0.1:46056->127.0.0.11:53: i/o timeout
wireguard  | [ERROR] plugin/errors: 2 6780460100946070619.6865542407581703521. HINFO: read udp 127.0.0.1:48920->127.0.0.11:53: i/o timeout
wireguard  | [ERROR] plugin/errors: 2 6780460100946070619.6865542407581703521. HINFO: read udp 127.0.0.1:40361->127.0.0.11:53: i/o timeout
wireguard  | [ERROR] plugin/errors: 2 6780460100946070619.6865542407581703521. HINFO: read udp 127.0.0.1:57673->127.0.0.11:53: i/o timeout
Copy link

Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.

@aptalca
Copy link
Member

aptalca commented Nov 11, 2024

You're using a custom build, which we don't provide support for. The issue is likely related to whatever was added to or modified in the image

@alvarosaavedrau
Copy link
Author

alvarosaavedrau commented Nov 11, 2024

What do you mean custom build? I am using lscr.io/linuxserver/wireguard:latest docker image, same that appears in README.md
The config directory is autogenerated with the container start, also the configuration.

@aptalca
Copy link
Member

aptalca commented Nov 11, 2024

Your log is showing CUSTOM BUILD instead of LSIO and the build version and date are missing.

Here's the start of my log for reference:

[migrations] started
[migrations] no migrations found
───────────────────────────────────────

      ██╗     ███████╗██╗ ██████╗
      ██║     ██╔════╝██║██╔═══██╗
      ██║     ███████╗██║██║   ██║
      ██║     ╚════██║██║██║   ██║
      ███████╗███████║██║╚██████╔╝
      ╚══════╝╚══════╝╚═╝ ╚═════╝

   Brought to you by linuxserver.io
───────────────────────────────────────

To support the app dev(s) visit:
WireGuard: https://www.wireguard.com/donations/

To support LSIO projects visit:
https://www.linuxserver.io/donate/

───────────────────────────────────────
GID/UID
───────────────────────────────────────

User UID:    1000
User GID:    1000
───────────────────────────────────────
Linuxserver.io version: 1.0.20210914-r4-ls55
Build-date: 2024-10-10T11:23:38+00:00
───────────────────────────────────────

You can delete whatever custom image you have and pull our official image again.

@alvarosaavedrau
Copy link
Author

I have deleted the image I had download and start a new docker compose up -d:

➜  wireguard git:(main) ✗ docker compose up -d && docker compose logs -f
[+] Running 9/9
 ✔ wireguard Pulled                                                                                                                                                                                                                   3.2s 
   ✔ 68c4ea3779b6 Already exists                                                                                                                                                                                                      0.0s 
   ✔ df25a931801a Already exists                                                                                                                                                                                                      0.0s 
   ✔ ab0ddebe54a6 Already exists                                                                                                                                                                                                      0.0s 
   ✔ 19f39f464468 Already exists                                                                                                                                                                                                      0.0s 
   ✔ 7560e3e46aa2 Already exists                                                                                                                                                                                                      0.0s 
   ✔ 339ecd878087 Already exists                                                                                                                                                                                                      0.0s 
   ✔ 9ea7304f0e93 Pull complete                                                                                                                                                                                                       1.3s 
   ✔ 10f057cc120c Pull complete                                                                                                                                                                                                       1.3s 
[+] Running 2/2
 ✔ Network wireguard_default  Created                                                                                                                                                                                                 0.2s 
 ✔ Container wireguard        Started                                                                                                                                                                                                 0.6s 
wireguard  | [migrations] started
wireguard  | [migrations] no migrations found
wireguard  | ───────────────────────────────────────
wireguard  | 
wireguard  |       ██╗     ███████╗██╗ ██████╗
wireguard  |       ██║     ██╔════╝██║██╔═══██╗
wireguard  |       ██║     ███████╗██║██║   ██║
wireguard  |       ██║     ╚════██║██║██║   ██║
wireguard  |       ███████╗███████║██║╚██████╔╝
wireguard  |       ╚══════╝╚══════╝╚═╝ ╚═════╝
wireguard  | 
wireguard  |    Brought to you by linuxserver.io
wireguard  | ───────────────────────────────────────
wireguard  | 
wireguard  | To support the app dev(s) visit:
wireguard  | WireGuard: https://www.wireguard.com/donations/
wireguard  | 
wireguard  | To support LSIO projects visit:
wireguard  | https://www.linuxserver.io/donate/
wireguard  | 
wireguard  | ───────────────────────────────────────
wireguard  | GID/UID
wireguard  | ───────────────────────────────────────
wireguard  | 
wireguard  | User UID:    1000
wireguard  | User GID:    1000
wireguard  | ───────────────────────────────────────
wireguard  | Linuxserver.io version: 1.0.20210914-r4-ls55
wireguard  | Build-date: 2024-10-10T11:23:38+00:00
wireguard  | ───────────────────────────────────────
wireguard  |     
wireguard  | Uname info: Linux c9e5eb9fcb47 6.1.0-27-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.115-1 (2024-11-01) x86_64 GNU/Linux
wireguard  | **** It seems the wireguard module is already active. Skipping kernel header install and module compilation. ****
wireguard  | **** Server mode is selected ****
wireguard  | **** External server address is set to mydomain.duckdns.org ****
wireguard  | **** External server port is set to 51820. Make sure that port is properly forwarded to port 51820 inside this container ****
wireguard  | **** Internal subnet is set to 10.13.13.0 ****
wireguard  | **** AllowedIPs for peers 0.0.0.0/0 ****
wireguard  | **** PEERDNS var is either not set or is set to "auto", setting peer DNS to 10.13.13.1 to use wireguard docker host's DNS. ****
wireguard  | **** No wg0.conf found (maybe an initial install), generating 1 server and 1 peer/client confs ****
wireguard  | PEER 1 QR code (conf file is saved under /config/peer1):
wireguard  | ████████████████████████████████               ██████████████████
wireguard  | ████████████████████████████████               ██████████████████
wireguard  | ████ ▄▄▄▄▄ █  ▀██ ▀▄▄▀▄ ▄▀▀▄▄█▄                ▄▄██▄▀█ ▄▄▄▄▄ ████
wireguard  | ████ █   █ █ █  ██▄  ▄ ▀█▄█▀▀▀ █               ▄ ▄ ▀▄█ █   █ ████
wireguard  | ████ █▄▄▄█ █▀█▀ ▀ ▀ ██ █ █▀▀▄▄▄                ▀▄▄▀█▄█ █▄▄▄█ ████
wireguard  | ████▄▄▄▄▄▄▄█▄▀ ▀ ▀ ▀▄█▄█ ▀▄█▄█ ▀               █ █▄▀▄█▄▄▄▄▄▄▄████
wireguard  | ████ ▄▀▀  ▄█▀▄▄ █▄█▀▄  ▄  █ ▀▄▄▀               ▄▀▄ ▀▀▀█▄█▄ ▄ ████
wireguard  | ████  █ ▄█▄▄▀▀▀█▀▄█ █▀▀ █  ▀ █▄                ▀██▄ ▄  ▀▀▀ ▀ ████
wireguard  | ████▄▄▀ █▀▄▄▄ ▄▀█▄██▄▄▀▀ ██▄ ▀ ▄               ▀█▄▀   █▀▀█▀▄▄████
wireguard  | ████ ▀ ▀ ▀▄  ▄▄▀▀▀█ ▀▀▀▄██▄▀█▀▀▀               █▀ ▄ █▄█▀▀▀▄█▄████
wireguard  | ████▀█▀ ▀▀▄█▀████▄ ██▀ █▄██▀█▄▀▄               ▀▀▀█▀▀ ▄▄ ▀▄█ ████
wireguard  | ████ █▄▄▀ ▄█ ▄▀▄█  ██▄█▄▄▄ ▄▄▀██               ▄ ▄▄███▀ ▀ ██▄████
wireguard  | ████▀▄█▀▄▀▄█ █▄▀▀▄▀▄█▀   ▀█ ▀▄ ▄               ▄▀▀ ▄▀▀ ▄▄ █ ▀████
wireguard  | ████▄█▄▀▀ ▄▀▀ ▀  ▀▄▀ ▄▄███ ▀█ ▀▄               ▀ ▀▄▄█▄▀▀▀ █▀ ████
wireguard  | ████ █▄█ ▄▄█▀▀▀█ █▀▄▄▄ █ ▄█▀ █▄                ▄█▄ ▄█ ▄▄█▀▀▄█████
wireguard  | ████▀▄██▀ ▄▀ ▀▄▄▄█ █▀▀█▀▄▀▀▀██▄█               █▄█▄▀▄▀  █▄▄▀▄████
wireguard  | ████▄ ██▄ ▄▀▀▄▄  █▀▀▀▄▄▄▄██▀▄▄▄▀               ██▀▀ █ ▄ ▄▄▀▀▄████
wireguard  | ████ █▄  ▄▄▄ █▄▀   ▄█▀▀▀ ▀▄▄  ▀▄               ▄ ███ ▄▄▄ ▀▄█ ████
wireguard  | ████ ▄▄▀ █▄█ ▄▀▀▄▀   ▄▀      ▄▀▄                ▀▀█  █▄█ ▄▄ █████
wireguard  | ████ ▀█ ▄ ▄ ▄█▀█▄▄█▄▀▀ █▄▀█▄█▄ █                ▄▀▄▀▄ ▄ ▄▀▄ ▄████
wireguard  | █████▀▀▀▀▀▄█▀ ▀██▀ ▄▄▄▀▄ ▄▄  ▀▀▀               ▀▀▀▀ ██▀  ▀▀▄▀████
wireguard  | ████ ▀▀▀  ▄█ ▀▀█▄  ▄ ▀ ▄ ▀▄ ▀▀█▄               ▀   ▄▀█▄▄  ▄▄▄████
wireguard  | ████ ▀▄▀▀ ▄ ▄▄ █ ▄ ▀█▄ ▄▀▄▀▀  ▄▄               ▄▀█ ▄ ▄▀▀▀█▀▄█████
wireguard  | ████ █▀▄▀█▄█▄ ▀▄ ██ ▄▀█▄ ▄ ▄▄█▀                 ██▄▄▀ ▀ ▄▀▀▄ ████
wireguard  | █████  ▀█▄▄▀█▄▀███▀▄█▀▄▀ █▄▄ ▄▄▄               ▀▀▄▀▄▄▄▀  ▄▀ ▄████
wireguard  | ████▄ ▄▀ ▄▄  ▄▄▀█▄█▀ █▀▄█▀▄▀█▄▀▀                ▄█▄█ ▄▄█▄▄▄  ████
wireguard  | ████▄▄ ▄█▀▄██▀ ▄ █▀█▄▄▄▄ ▀▄████▄               ▀ ▄▀█▀ █▄ ▄▀▀█████
wireguard  | █████▄   █▄█  ▄▄▄ ██▀▄█ ▄▄  █▀█▄               ▄ ▄▄▀▄█ ▄▄▀█ ▄████
wireguard  | ████▀▄█  ▀▄█▀▄█ █▀ ██▀   ▀█▀ ▄ ▄               █▀    ▄█▀▀▄▀▄▀████
wireguard  | ████▀█▄ █▄▄█▄▄▀█ ▄ ▀▀▄▄ █▀▀██                  ▀ ▀▄██ ▄██▀█▄ ████
wireguard  | █████▄▄█▄█▄▄▀▄▄███▄ █ ▄▄▀▄▀▄▀▀▄▀               ███▀▄ ▄▄▄ ▄▀ ▀████
wireguard  | ████ ▄▄▄▄▄ █▀▀ █ ▀█▄ ▀▀▄▀▄█▄▀██                ▄▄█▄▀ █▄█  █▄ ████
wireguard  | ████ █   █ █▄  ██ ▄▀▀▄█▄▄▄█▀▄▄▄▀                ▀███▄ ▄ ▄▄ ▄▄████
wireguard  | ████ █▄▄▄█ █▀  ▀██▄▄█▀▀▀ ▀▄▄ ▀▀▄               ▄▄▄██ ▄▀███▄  ████
wireguard  | ████▄▄▄▄▄▄▄█▄███▄██▄██▄▄█▄▄▄▄███               ▄████▄▄▄▄▄█▄▄█████
wireguard  | ████████████████████████████████               ██████████████████
wireguard  | ████████████████████████████████               ██████████████████
wireguard  | [custom-init] No custom files found, skipping...
wireguard  | .:53
wireguard  | CoreDNS-1.11.1
wireguard  | linux/amd64, go1.22.5, 
wireguard  | **** Found WG conf /config/wg_confs/wg0.conf, adding to list ****
wireguard  | **** Activating tunnel /config/wg_confs/wg0.conf ****
wireguard  | [#] ip link add wg0 type wireguard
wireguard  | [#] wg setconf wg0 /dev/fd/63
wireguard  | [#] ip -4 address add 10.13.13.1 dev wg0
wireguard  | [#] ip link set mtu 1420 up dev wg0
wireguard  | [#] ip -4 route add 10.13.13.2/32 dev wg0
wireguard  | [#] iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth+ -j MASQUERADE
wireguard  | **** All tunnels are now active ****
wireguard  | [ls.io-init] done.
wireguard  | [ERROR] plugin/errors: 2 6816366887243386286.5252008697047402673. HINFO: read udp 127.0.0.1:42176->127.0.0.11:53: i/o timeout
wireguard  | [ERROR] plugin/errors: 2 6816366887243386286.5252008697047402673. HINFO: read udp 127.0.0.1:51140->127.0.0.11:53: i/o timeout

Same error occurs, with the official image.

@aptalca
Copy link
Member

aptalca commented Nov 11, 2024

looks like a coredns error. 127.0.0.11 is the docker dns resolver address

Did you modify coredns settings at all?

Did you install docker from the official docker repo? https://docs.docker.com/engine/install/debian/#install-using-the-repository

@alvarosaavedrau
Copy link
Author

Yes, I installed docker with the apt repository in official mode, I have test tu fully uninstall docker https://docs.docker.com/engine/install/debian/#uninstall-docker-engine and installed from zero https://docs.docker.com/engine/install/debian/#install-using-the-repository and geting same error.

I have read this https://stackoverflow.com/questions/62968807/dns-resolution-in-docker-containers and create that file they mention but same error in wireguard logs...:

➜  wireguard git:(main) ✗ cat /etc/docker/daemon.json
{
    "dns": ["8.8.8.8"]
}

Looking inside de wireguard container in /etc/resolv.conf the nameserver is 127.0.0.11 true. Dont know why.

➜  wireguard git:(main) ✗ docker exec -it wireguard cat /etc/resolv.conf
# Generated by Docker Engine.
# This file can be edited; Docker Engine will not make further changes once it
# has been modified.

nameserver 127.0.0.11
search station
options ndots:0

# Based on host file: '/etc/resolv.conf' (internal resolver)
# ExtServers: [8.8.8.8]
# Overrides: [nameservers]
# Option ndots from: internal

@alvarosaavedrau
Copy link
Author

If I configure the dns options in the docker compose, no modification occurs:

dns:
  - 8.8.8.8

➜  wireguard git:(main) ✗ docker exec -it wireguard cat /etc/resolv.conf
# Generated by Docker Engine.
# This file can be edited; Docker Engine will not make further changes once it
# has been modified.

nameserver 127.0.0.11
search station
options ndots:0

# Based on host file: '/etc/resolv.conf' (internal resolver)
# ExtServers: [8.8.8.8]
# Overrides: [nameservers]
# Option ndots from: internal

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: Issues
Development

No branches or pull requests

2 participants