Bug: Using qBittorrent with GlueTun v3.38.0 results in very low upload speeds and low ratio ( mostly 0 )
schweppes-0x opened this issue Β· comments
Is this urgent?
None
Host OS
DSM 7.2.1
CPU arch
x86_64
VPN service provider
NordVPN
What are you using to run the container
Portainer
What is the version of Gluetun
Running version v3.38.0 built on 2023-03-25 (commit b3ceece)
What's the problem π€
I have tried setting up qBittorrent to use gluetun + wireguard + nordvpn. Seems like gluetun succesfully connects to the VPN and is working well. However whenever I download something with qBittorrent, the uploading speed seems way too slow. It reaches 50Kb/s and goes down to 0 again. The ration stays mostly around 0 (max i have seen it get was 0.17). The download speeds also have declined form 1Gb/s to around 40Mb/s (not MB). There has to be an issue with how the port is forwarded on gluetun. I hope you can help me figure it out. The port i use in qbit for incoming connections is 6881
Share your logs (at least 10 lines)
| βββ Unbound settings:
| | βββ Authoritative servers:
| | | βββ cloudflare
| | βββ Caching: yes
| | βββ IPv6: no
| | βββ Verbosity level: 1
| | βββ Verbosity details level: 0
| | βββ Validation log level: 0
| | βββ System user: root
| | βββ Allowed networks:
| | βββ 0.0.0.0/0
| | βββ ::/0
| βββ DNS filtering settings:
| βββ Block malicious: yes
| βββ Block ads: no
| βββ Block surveillance: no
| βββ Blocked IP networks:
| βββ 127.0.0.1/8
| βββ 10.0.0.0/8
| βββ 172.16.0.0/12
| βββ 192.168.0.0/16
| βββ 169.254.0.0/16
| βββ ::1/128
| βββ fc00::/7
| βββ fe80::/10
| βββ ::ffff:127.0.0.1/104
| βββ ::ffff:10.0.0.0/104
| βββ ::ffff:169.254.0.0/112
| βββ ::ffff:172.16.0.0/108
| βββ ::ffff:192.168.0.0/112
βββ Firewall settings:
| βββ Enabled: yes
| βββ VPN input ports:
| | βββ 1194
| | βββ 443
| βββ Outbound subnets:
| βββ 172.20.0.0/16
| βββ 192.168.0.0/24
βββ Log settings:
| βββ Log level: info
βββ Health settings:
| βββ Server listening address: 127.0.0.1:9999
| βββ Target address: cloudflare.com:443
| βββ Duration to wait after success: 5s
| βββ Read header timeout: 100ms
| βββ Read timeout: 500ms
| βββ VPN wait durations:
| βββ Initial duration: 6s
| βββ Additional duration: 5s
βββ Shadowsocks server settings:
| βββ Enabled: no
βββ HTTP proxy settings:
| βββ Enabled: no
βββ Control server settings:
| βββ Listening address: :8000
| βββ Logging: yes
βββ OS Alpine settings:
| βββ Process UID: 1026
| βββ Process GID: 65536
| βββ Timezone: Europe/Amsterdam
βββ Public IP settings:
| βββ Fetching: every 12h0m0s
| βββ IP file path: /tmp/gluetun/ip
| βββ Public IP data API: ipinfo
βββ Server data updater settings:
| βββ Update period: 24h0m0s
| βββ DNS address: 1.1.1.1:53
| βββ Minimum ratio: 0.8
| βββ Providers to update: nordvpn
βββ Version settings:
βββ Enabled: yes
2024-06-12T17:50:03+02:00 INFO [routing] default route found: interface eth0, gateway 172.20.0.1, assigned IP 172.20.0.2 and family v4
2024-06-12T17:50:03+02:00 INFO [routing] adding route for 0.0.0.0/0
2024-06-12T17:50:03+02:00 INFO [firewall] setting allowed subnets...
2024-06-12T17:50:03+02:00 INFO [routing] default route found: interface eth0, gateway 172.20.0.1, assigned IP 172.20.0.2 and family v4
2024-06-12T17:50:03+02:00 INFO [routing] adding route for 172.20.0.0/16
2024-06-12T17:50:03+02:00 INFO [routing] adding route for 192.168.0.0/24
2024-06-12T17:50:03+02:00 INFO [dns] using plaintext DNS at address 1.1.1.1
2024-06-12T17:50:03+02:00 INFO [http server] http server listening on [::]:8000
2024-06-12T17:50:03+02:00 INFO [healthcheck] listening on 127.0.0.1:9999
2024-06-12T17:50:03+02:00 INFO [firewall] allowing VPN connection...
2024-06-12T17:50:03+02:00 INFO [wireguard] Using available kernelspace implementation
2024-06-12T17:50:03+02:00 INFO [wireguard] Connecting to [REDACTED_IP]:51820
2024-06-12T17:50:03+02:00 INFO [wireguard] Wireguard setup is complete. Note Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the Wireguard connection is not working.
2024-06-12T17:50:03+02:00 INFO [healthcheck] healthy!
2024-06-12T17:50:03+02:00 INFO [firewall] setting allowed input port 1194 through interface tun0...
2024-06-12T17:50:03+02:00 INFO [firewall] setting allowed input port 443 through interface tun0...
2024-06-12T17:50:03+02:00 INFO [dns] downloading DNS over TLS cryptographic files
2024-06-12T17:50:04+02:00 INFO [dns] downloading hostnames and IP block lists
2024-06-12T17:50:14+02:00 INFO [dns] init module 0: validator
2024-06-12T17:50:14+02:00 INFO [dns] init module 1: iterator
2024-06-12T17:50:14+02:00 INFO [dns] start of service (unbound 1.20.0).
2024-06-12T17:50:14+02:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2024-06-12T17:50:14+02:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2024-06-12T17:50:14+02:00 INFO [dns] ready
2024-06-12T17:50:15+02:00 INFO [healthcheck] healthy!
2024-06-12T17:50:15+02:00 INFO [ip getter] Public IP address is [REDACTED_IP] (Netherlands, North Holland, Amsterdam)
2024-06-12T17:50:15+02:00 INFO [vpn] You are running on the bleeding edge of latest!
2024-06-12T18:57:16+02:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
2024-06-12T19:59:23+02:00 INFO [dns] generate keytag query _ta-4a5c-4f66. NULL IN
Share your configuration
version: '3.9'
services:
gluetun:
image: qmcgaw/gluetun:latest
container_name: gluetun
network_mode: synobridge
hostname: gluetun
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun:/dev/net/tun
ports:
- 8888:8888/tcp # HTTP proxy
- 8388:8388/tcp # Shadowsocks
- 8388:8388/udp # Shadowsocks
- 8080:8080 # qbittorrent
- 6881:6881 # qbittorrent
- 6881:6881/udp # qbittorrent
volumes:
- ${configPath}/gluetun:/gluetun
environment:
- PUID=${UID}
- PGID=${GID}
- TZ=${TZ}
- VPN_SERVICE_PROVIDER=nordvpn
- VPN_TYPE=wireguard
- WIREGUARD_PRIVATE_KEY=${wireguardPrivateKey}
- SERVER_COUNTRIES=${VPN_COUNTRIES}
- FIREWALL_OUTBOUND_SUBNETS=172.20.0.0/16,192.168.0.0/24
- FIREWALL_VPN_INPUT_PORTS=1194,443
- UPDATER_PERIOD=24h
labels:
- com.centurylinklabs.watchtower.enable=false
security_opt:
- no-new-privileges:true
restart: always
qbittorrent:
image: lscr.io/linuxserver/qbittorrent
container_name: qbittorrent
network_mode: service:gluetun
environment:
- PUID=${UID}
- PGID=${GID}
- TZ=${TZ}
- VERSION=latest
- WEBUI_PORT=8080
volumes:
- ${configPath}/qbit:/config
- ${mediaPath}:/media
depends_on:
- gluetun
restart: always
@qdm12 is more or less the only maintainer of this project and works on it in his free time.
Please:
- do not ask for updates, be patient
- π the issue to show your support instead of commenting
@qdm12 usually checks issues at least once a week, if this is a new urgent bug,
revert to an older tagged container image
I have tried setting up qBittorrent to use gluetun + wireguard + nordvpn.
There has to be an issue with how the port is forwarded on gluetun. I hope you can help me figure it out. The port i use in qbit for incoming connections is 6881
Looks like NordVPN does not support port forwarding:
https://nordvpn.com/blog/port-forwarding/
While NordVPN does not support port forwarding, itβs worth learning what it is and why itβs sometimes used.
I also do not see anything in your log about a port being forwarded
I would add 6881 to FIREWALL_VPN_INPUT_PORTS
, not sure it would make a difference.
As @raph521 said (thanks ποΈ) you cannot use port forwarding, so disable it in qbittorrent, and no point setting FIREWALL_VPN_INPUT_PORTS
(except opening a security hole for no reason).
The download speeds also have declined form 1Gb/s to around 40Mb/s (not MB).
What are you comparing it with? What's downloading at 1Gb/s?