gluetun: Help: Very slow download speeds compared to other containers
Is this urgent?
Yes
Host OS
Ubuntu 20.04
CPU arch
x86_64
VPN service provider
Private Internet Access
What are you using to run the container
docker-compose
What is the version of Gluetun
Running version latest built on 2021-12-14T18:21:24.225Z (commit ca82fcb)
What’s the problem 🤔
The download speeds are very slow via gluetun. I have made a comparison with ghcr.io/wfg/openvpn-client and the results are night and day.
Testing with PIA on gluetun:
Testing with PIA on openvpn-client:
The performed tests are with PIA_ENCRYPTION=normal on gluetun and the open vpn configuration for normal mode on openvpn-client.
I have also tested with port worwarding disabled. No change.
Share your logs
john@ubuntu-server:~/docker-containers/vpn-stack$ docker logs gluetun
========================================
========================================
=============== gluetun ================
========================================
=========== Made with ❤️ by ============
======= https://github.com/qdm12 =======
========================================
========================================
Running version latest built on 2021-12-14T18:21:24.225Z (commit ca82fcb)
🔧 Need help? https://github.com/qdm12/gluetun/discussions/new
🐛 Bug? https://github.com/qdm12/gluetun/issues/new
✨ New feature? https://github.com/qdm12/gluetun/issues/new
☕ Discussion? https://github.com/qdm12/gluetun/discussions/new
💻 Email? quentin.mcgaw@gmail.com
💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
2022/01/19 11:43:31 INFO storage: merging by most recent 11120 hardcoded servers and 11120 servers read from /gluetun/servers.json
2022/01/19 11:43:31 INFO Alpine version: 3.15.0
2022/01/19 11:43:31 INFO OpenVPN 2.4 version: 2.4.11
2022/01/19 11:43:31 INFO OpenVPN 2.5 version: 2.5.4
2022/01/19 11:43:31 INFO Unbound version: 1.13.2
2022/01/19 11:43:31 INFO IPtables version: v1.8.7
2022/01/19 11:43:31 INFO Settings summary below:
|--VPN:
|--Type: openvpn
|--OpenVPN:
|--Version: 2.5
|--Verbosity level: 1
|--Network interface: tun0
|--Run as root: enabled
|--Encryption preset: normal
|--Private Internet Access settings:
|--Regions: greece
|--OpenVPN selection:
|--Protocol: udp
|--PIA encryption preset: normal
|--Port forwarding:
|--File path: /gluetun/forwarded_port
|--DNS:
|--Plaintext address: 1.1.1.1
|--DNS over TLS:
|--Unbound:
|--DNS over TLS providers:
|--Cloudflare
|--Listening port: 53
|--Access control:
|--Allowed:
|--0.0.0.0/0
|--::/0
|--Caching: enabled
|--IPv4 resolution: enabled
|--IPv6 resolution: disabled
|--Verbosity level: 1/5
|--Verbosity details level: 0/4
|--Validation log level: 0/2
|--Username:
|--Blacklist:
|--Blocked categories: malicious
|--Additional IP networks blocked: 13
|--Update: every 24h0m0s
|--Firewall:
|--Outbound subnets: 192.168.1.0/24
|--Log:
|--Level: INFO
|--System:
|--Process user ID: 1000
|--Process group ID: 1000
|--Timezone: europe/athens
|--HTTP proxy:
|--Port: 8888
|--Health:
|--Server address: 127.0.0.1:9999
|--Address to ping: github.com
|--VPN:
|--Initial duration: 6s
|--Addition duration: 5s
|--HTTP control server:
|--Listening port: 8000
|--Logging: enabled
|--Public IP getter:
|--Fetch period: 12h0m0s
|--IP file: /tmp/gluetun/ip
|--Github version information: enabled
2022/01/19 11:43:31 INFO routing: default route found: interface eth0, gateway 172.29.0.1
2022/01/19 11:43:31 INFO routing: local ethernet link found: eth0
2022/01/19 11:43:31 INFO routing: local ipnet found: 172.29.0.0/16
2022/01/19 11:43:31 INFO routing: default route found: interface eth0, gateway 172.29.0.1
2022/01/19 11:43:31 INFO routing: adding route for 0.0.0.0/0
2022/01/19 11:43:31 INFO firewall: firewall disabled, only updating allowed subnets internal list
2022/01/19 11:43:31 INFO routing: default route found: interface eth0, gateway 172.29.0.1
2022/01/19 11:43:31 INFO routing: adding route for 192.168.1.0/24
2022/01/19 11:43:31 INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
2022/01/19 11:43:31 INFO firewall: enabling...
2022/01/19 11:43:31 INFO firewall: enabled successfully
2022/01/19 11:43:31 INFO healthcheck: listening on 127.0.0.1:9999
2022/01/19 11:43:31 INFO firewall: setting VPN connection through firewall...
2022/01/19 11:43:31 INFO dns over tls: using plaintext DNS at address 1.1.1.1
2022/01/19 11:43:31 INFO http proxy: listening on :8888
2022/01/19 11:43:31 INFO http server: listening on :8000
2022/01/19 11:43:31 INFO openvpn: OpenVPN 2.5.4 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 15 2021
2022/01/19 11:43:31 INFO openvpn: library versions: OpenSSL 1.1.1l 24 Aug 2021, LZO 2.10
2022/01/19 11:43:31 INFO openvpn: CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
2022/01/19 11:43:31 INFO openvpn: MIICWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZaMCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG9w0BAQ0FAAOCAQEAQZo9X97ci8EcPYu/uK2HB152OZbeZCINmYyluLDOdcSvg6B5jI+ffKN3laDvczsG6CxmY3jNyc79XVpEYUnq4rT3FfveW1+Ralf+Vf38HdpwB8EWB4hZlQ205+21CALLvZvR8HcPxC9KEnev1mU46wkTiov0EKc+EdRxkj5yMgv0V2Reze7AP+NQ9ykvDScH4eYCsmufNpIjBLhpLE2cuZZXBLcPhuRzVoU3l7A9lvzG9mjA5YijHJGHNjlWFqyrn1CfYS6koa4TGEPngBoAziWRbDGdhEgJABHrpoaFYaL61zqyMR6jC0K2ps9qyZAN74LEBedEfK7tBOzWMwr58A==
2022/01/19 11:43:31 INFO openvpn: -----END X509 CRL-----
2022/01/19 11:43:31 INFO openvpn: TCP/UDP: Preserving recently used remote address: [AF_INET]154.57.3.97:1198
2022/01/19 11:43:31 INFO openvpn: UDP link local: (not bound)
2022/01/19 11:43:31 INFO openvpn: UDP link remote: [AF_INET]154.57.3.97:1198
2022/01/19 11:43:32 WARN openvpn: 'link-mtu' is used inconsistently, local='link-mtu 1557', remote='link-mtu 1542'
2022/01/19 11:43:32 WARN openvpn: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2022/01/19 11:43:32 INFO openvpn: [athens402] Peer Connection Initiated with [AF_INET]154.57.3.97:1198
2022/01/19 11:43:32 INFO openvpn: TUN/TAP device tun0 opened
2022/01/19 11:43:32 INFO openvpn: /sbin/ip link set dev tun0 up mtu 1500
2022/01/19 11:43:32 INFO openvpn: /sbin/ip link set dev tun0 up
2022/01/19 11:43:32 INFO openvpn: /sbin/ip addr add dev tun0 10.6.112.5/24
2022/01/19 11:43:32 INFO openvpn: Initialization Sequence Completed
2022/01/19 11:43:32 INFO dns over tls: downloading DNS over TLS cryptographic files
2022/01/19 11:43:32 INFO healthcheck: healthy!
2022/01/19 11:43:34 INFO dns over tls: downloading hostnames and IP block lists
2022/01/19 11:43:49 WARN dns over tls: context deadline exceeded (Client.Timeout or context cancellation while reading body)
2022/01/19 11:43:49 INFO dns over tls: init module 0: validator
2022/01/19 11:43:49 INFO dns over tls: init module 1: iterator
2022/01/19 11:43:49 INFO dns over tls: start of service (unbound 1.13.2).
2022/01/19 11:43:49 INFO dns over tls: generate keytag query _ta-4a5c-4f66. NULL IN
2022/01/19 11:43:49 INFO dns over tls: generate keytag query _ta-4a5c-4f66. NULL IN
2022/01/19 11:43:50 INFO dns over tls: ready
2022/01/19 11:43:51 INFO vpn: You are running 22 commits behind the most recent latest
2022/01/19 11:43:51 INFO vpn: VPN gateway IP address: 10.6.112.1
2022/01/19 11:43:51 INFO port forwarding: Found saved forwarded port data for port 58029
2022/01/19 11:43:51 INFO port forwarding: Forwarded port data expires in 50 days
2022/01/19 11:43:51 INFO port forwarding: Port forwarded data expires in 50 days
2022/01/19 11:43:51 INFO port forwarding: port forwarded is 58029
2022/01/19 11:43:51 INFO firewall: setting allowed input port 58029 through interface tun0...
2022/01/19 11:43:51 INFO port forwarding: writing port file /gluetun/forwarded_port
2022/01/19 11:43:52 INFO ip getter: Public IP address is 154.57.3.97 (Greece, Attica, Athens)
Share your configuration
version: "3"
services:
gluetun:
image: qmcgaw/gluetun:latest
container_name: gluetun
cap_add:
- NET_ADMIN
environment:
- VPNSP=private internet access
- OPENVPN_USER=*********
- OPENVPN_PASSWORD==*********
- REGION=Greece
- PIA_ENCRYPTION=normal
- PORT_FORWARDING=on
- HTTPPROXY=on
- TZ=Europe/Athens
- FIREWALL_OUTBOUND_SUBNETS=192.168.1.0/24
- PORT_FORWARDING_STATUS_FILE=/gluetun/forwarded_port
ports:
- 9091:9091 # Transmission
- 8020:8020 # pyLoad
- 6881:6881 # Transmission
- 8040:8000 # Gluetun HTTP Control Server
- 8888:8888 # HTTP Proxy
- 8766:80 # Speed Test VPN
volumes:
- ./gluetun-data:/gluetun
sysctls:
- net.ipv6.conf.all.disable_ipv6=1
restart: unless-stopped
torrent:
container_name: transmission
image: ghcr.io/linuxserver/transmission
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Athens
volumes:
- ../transmission/transmission-config:/config
- ../transmission/downloads:/downloads
- ../transmission/watch:/watch
network_mode: service:gluetun
restart: unless-stopped
downloader:
image: lscr.io/linuxserver/pyload
container_name: pyload
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Athens
volumes:
- ../pyload/pyload-config:/config
- ../pyload/downloads:/downloads
network_mode: service:gluetun
restart: unless-stopped
speedtest:
container_name: speedtest-vpn
image: henrywhitaker3/speedtest-tracker
volumes:
- ../speedtest-vpn/speedtest-config:/config
environment:
- TZ=Europe/Athens
- PGID=1000
- PUID=1000
- OOKLA_EULA_GDPR=true
logging:
driver: "json-file"
options:
max-file: "10"
max-size: "200k"
network_mode: service:gluetun
restart: unless-stopped
About this issue
- Original URL
- State: closed
- Created 2 years ago
- Comments: 19 (8 by maintainers)
It might be depending on VPN server load. I think they (PIA) have an API to fetch the load of a server if I’m not mistaken. Other than that, I can’t really help as it can be due to a bunch of external factors (memory available, speed test server load, vpn server load, connection bandwidth, connection reliability, cpu load on your machine, to name a few)
Update:
After that reboot I mentioned earlier, I had very poor speeds even with
docker-openvpn-client.I then tried to use the configuration files with gluetun in custom provider mode. Same results (and I have to change the host name on the conf file into an ip, hostname resolved in multiple ips, so I tried one by one with various results for each one, but generally slow speeds (1,5 - 6 mbps)
Then, I changed the protocol to tcp with the
- OPENVPN_PROTOCOL=tcpenvironment variable and scheduled a speedtest to occur every 15 minutes overnight. With the exception of two consecutive runs, I’ve been getting way better speeds, around 40-70mbps.