시놀로지 나스에서 도커를 활용해 transmission-openvpn를 사용하던 와중 어느날 갑자기 정상적인 실행이 되지 않았습니다. 로그를 확인해보니 컨테이너를 시작하자마자 'initial DNS resolution test failed' 라는 문구를 출력하고 있었습니다.
실행 후 로그에 기록된 전체 에러 메시지는 다음과 같습니다.
2022-12-20T04:01:28.434730942Z stdout 2022-12-20 04:01:28 SIGTERM[soft,init_instance] received, process exiting
2022-12-20T04:01:28.434631143Z stdout 2022-12-20 04:01:28 Could not determine IPv4/IPv6 protocol
2022-12-20T04:01:28.433930035Z stdout 2022-12-20 04:01:28 RESOLVE: Cannot resolve host address: XXXX:1195 (Temporary failure in name resolution)
2022-12-20T04:01:13.414024313Z stdout 2022-12-20 04:01:13 RESOLVE: Cannot resolve host address: XXXX:1195 (Temporary failure in name resolution)
2022-12-20T04:00:58.405949608Z stdout 2022-12-20 04:00:58 RESOLVE: Cannot resolve host address: XXXX:1195 (Temporary failure in name resolution)
2022-12-20T04:00:48.394840549Z stdout 2022-12-20 04:00:48 RESOLVE: Cannot resolve host address: XXXX:1195 (Temporary failure in name resolution)
2022-12-20T04:00:38.388340438Z stdout 2022-12-20 04:00:38 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2022-12-20T04:00:38.388120755Z stdout 2022-12-20 04:00:38 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2022-12-20T04:00:38.382605396Z stdout 2022-12-20 04:00:38 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2022-12-20T04:00:38.382403253Z stdout 2022-12-20 04:00:38 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
2022-12-20T04:00:38.382036231Z stdout 2022-12-20 04:00:38 library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
2022-12-20T04:00:38.381956359Z stdout 2022-12-20 04:00:38 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 14 2022
2022-12-20T04:00:38.381647980Z stdout 2022-12-20 04:00:38 WARNING: --keysize is DEPRECATED and will be removed in OpenVPN 2.6
2022-12-20T04:00:38.378650504Z stdout 2022-12-20 04:00:38 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2022-12-20T04:00:38.371178856Z stdout adding route to local network 192.168.219.0/24 via 172.17.0.1 dev eth0
2022-12-20T04:00:38.302544093Z stdout Setting OpenVPN credentials...
2022-12-20T04:00:38.293049446Z stdout Modification: Updating status for config failure detection
2022-12-20T04:00:38.288337170Z stdout Modification: Remap SIGUSR1 signal to SIGTERM, avoid OpenVPN restart loop
2022-12-20T04:00:38.283659035Z stdout Modification: Set output verbosity to 3
2022-12-20T04:00:38.280020925Z stdout Modification: Change tls-crypt keyfile path
2022-12-20T04:00:38.275433539Z stdout Modification: Update/set resolv-retry to 15 seconds
2022-12-20T04:00:38.266161881Z stdout Modification: Change ping options
2022-12-20T04:00:38.262546809Z stdout Modification: Change ca certificate path
2022-12-20T04:00:38.262295209Z stdout Modification: Point auth-user-pass option to the username/password file
2022-12-20T04:00:38.262117609Z stdout Modifying /etc/openvpn/custom/default.ovpn for best behaviour in this container
2022-12-20T04:00:38.257849493Z stdout Using OpenVPN provider: CUSTOM
2022-12-20T04:00:38.252507596Z stdout Creating TUN device /dev/net/tun
2022-12-20T04:00:38.251909635Z stdout WARNING: initial DNS resolution test failed
2022-12-20T04:00:23.218699188Z stdout Starting container with revision: XXXX
제 경우에는 내부 아이피와 한국 IP만 접속할 수 있게 설정해둔 시놀로지 방화벽 설정 때문에 생긴 오류였습니다. 시놀로지 방화벽을 꺼주었더니 정상 작동했습니다.
이 상태에서 다시 컨테이너를 시작하면 'initial DNS resolution test failed' 문구를 띄우지않고 정상적으로 실행됩니다.
'NAS' 카테고리의 다른 글
시놀로지 NAS 자체 라이브 스트리밍 서버 구축 (0) | 2023.12.16 |
---|---|
시놀로지 나스에서 도커를 활용해 transmission-openvpn 설치하기 (0) | 2023.01.06 |
시놀로지 역방향 프록시 HSTS 오작동 해결 (0) | 2023.01.06 |
시놀로지 나스 도커 transmission-ovpn 웹서버 https 접속하기 (0) | 2022.12.24 |