Transmission Jail looses connection (no buffer space available)

[Dotslash]

Configured the Plugin with this https://github.com/amussey/FreeNAS-Transmission-OpenVPN over UDP.

my openvpn log :

Code:

Tue Oct 27 17:57:51 2015 us=54220 Data Channel MTU parms [ L:1558 D:1300 EF:58 EB:143 ET:0 EL:3 AF:3/1 ]
Tue Oct 27 17:57:51 2015 us=54233 Fragmentation MTU parms [ L:1558 D:1300 EF:57 EB:143 ET:1 EL:3 AF:3/1 ]
Tue Oct 27 17:57:51 2015 us=54258 Local Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,cipher AES-256-CBC,auth MD5,keysize 256,key-method 2,tls-client'
Tue Oct 27 17:57:51 2015 us=54267 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1558,tun-mtu 1500,proto UDPv4,comp-lzo,mtu-dynamic,cipher AES-256-CBC,auth MD5,keysize 256,key-method 2,tls-server'
Tue Oct 27 17:57:51 2015 us=54286 Local Options hash (VER=V4): '8f40a5db'
Tue Oct 27 17:57:51 2015 us=54297 Expected Remote Options hash (VER=V4): '6ce7e20d'
Tue Oct 27 17:58:06 2015 us=56183 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 17:58:26 2015 us=59165 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 17:58:46 2015 us=62166 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 17:59:06 2015 us=65167 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 17:59:26 2015 us=68166 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 17:59:46 2015 us=71165 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:00:06 2015 us=74170 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:00:26 2015 us=77165 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:00:46 2015 us=80165 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:01:06 2015 us=83178 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:01:26 2015 us=86165 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:01:46 2015 us=89166 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:02:06 2015 us=92167 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:02:26 2015 us=95167 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:02:46 2015 us=98166 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:03:06 2015 us=101165 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:03:26 2015 us=104165 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:03:46 2015 us=107165 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:04:06 2015 us=110167 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:04:26 2015 us=113167 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:04:46 2015 us=116166 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:05:06 2015 us=119165 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:05:26 2015 us=122169 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:05:46 2015 us=125164 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:06:06 2015 us=128164 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:06:26 2015 us=131163 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:06:46 2015 us=143158 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:07:06 2015 us=146165 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:07:26 2015 us=149165 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:07:46 2015 us=152165 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:08:06 2015 us=155168 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:08:26 2015 us=158165 RESOLVE: Cannot resolve host address: 1-ro.cg-dialup.net: hostname nor servname provided, or not known
Tue Oct 27 18:08:31 2015 us=172569 UDPv4 link local: [undef]
Tue Oct 27 18:08:31 2015 us=172604 UDPv4 link remote: [AF_INET]5.254.97.83:443
Tue Oct 27 18:08:31 2015 us=218576 TLS: Initial packet from [AF_INET]5.254.97.83:443, sid=0ecf611f 2384bbcc
Tue Oct 27 18:08:31 2015 us=218623 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Oct 27 18:08:31 2015 us=470068 VERIFY OK: depth=1, C=DE, O=CyberGhost VPN, OU=CyberGhost, CN=CyberGhost
Tue Oct 27 18:08:31 2015 us=470226 Validating certificate key usage
Tue Oct 27 18:08:31 2015 us=470239 ++ Certificate has key usage  00a0, expects 00a0
Tue Oct 27 18:08:31 2015 us=470249 VERIFY KU OK
Tue Oct 27 18:08:31 2015 us=470259 Validating certificate extended key usage
Tue Oct 27 18:08:31 2015 us=470268 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Tue Oct 27 18:08:31 2015 us=470276 VERIFY EKU OK
Tue Oct 27 18:08:31 2015 us=470283 VERIFY OK: depth=0, C=RO, ST=RO, L=Bucharest, O=CyberGhost VPN, OU=CyberGhost, CN=CyberGhost, name=CyberGhost VPN, emailAddress=webmaster@cyberghostvpn.com
Tue Oct 27 18:08:32 2015 us=348673 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Tue Oct 27 18:08:32 2015 us=348709 Data Channel Encrypt: Using 128 bit message hash 'MD5' for HMAC authentication
Tue Oct 27 18:08:32 2015 us=348721 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Tue Oct 27 18:08:32 2015 us=348731 Data Channel Decrypt: Using 128 bit message hash 'MD5' for HMAC authentication
Tue Oct 27 18:08:32 2015 us=348756 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Tue Oct 27 18:08:32 2015 us=348797 [CyberGhost] Peer Connection Initiated with [AF_INET]5.254.97.83:443
Tue Oct 27 18:08:34 2015 us=642167 SENT CONTROL [CyberGhost]: 'PUSH_REQUEST' (status=1)
Tue Oct 27 18:08:34 2015 us=685788 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 95.169.183.219,dhcp-option DNS 89.41.60.38,dhcp-option DNS 37.221.175.198,comp-lzo yes,route 10.129.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.129.39.246 10.129.39.245'
Tue Oct 27 18:08:34 2015 us=685872 OPTIONS IMPORT: timers and/or timeouts modified
Tue Oct 27 18:08:34 2015 us=685883 OPTIONS IMPORT: LZO parms modified
Tue Oct 27 18:08:34 2015 us=685891 OPTIONS IMPORT: --ifconfig/up options modified
Tue Oct 27 18:08:34 2015 us=685899 OPTIONS IMPORT: route options modified
Tue Oct 27 18:08:34 2015 us=685906 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Tue Oct 27 18:08:34 2015 us=685949 ROUTE_GATEWAY 192.168.99.1
Tue Oct 27 18:08:34 2015 us=686046 TUN/TAP device /dev/tun0 opened
Tue Oct 27 18:08:34 2015 us=686063 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Oct 27 18:08:34 2015 us=686081 /sbin/ifconfig tun0 10.129.39.246 10.129.39.245 mtu 1500 netmask 255.255.255.255 up
Tue Oct 27 18:08:34 2015 us=687018 /FreeNAS-Transmission-OpenVPN/scripts/start_transmission.sh tun0 1500 1558 10.129.39.246 10.129.39.245 init

my var/log/messages:

Code:

Oct 27 09:12:55 transmission_1 transmission-daemon[65865]: UDP Failed to set receive buffer: No buffer space available (tr-udp.c:59)
Oct 27 09:12:55 transmission_1 transmission-daemon[65865]: UDP Failed to set receive buffer: requested 4194304, got 42080 (tr-udp.c:78)
Oct 27 09:13:05 transmission_1 transmission-daemon[70119]: UDP Failed to set receive buffer: No buffer space available (tr-udp.c:59)
Oct 27 09:13:05 transmission_1 transmission-daemon[70119]: UDP Failed to set receive buffer: requested 4194304, got 42080 (tr-udp.c:78)
Oct 27 09:43:39 transmission_1 transmission-daemon[70119]: DHT dht.transmissionbt.com:6881: hostname nor servname provided, or not known (tr-dht.c:126)
Oct 27 09:44:50 transmission_1 transmission-daemon[70119]: DHT dht.transmissionbt.com:6881: hostname nor servname provided, or not known (tr-dht.c:126)
Oct 27 09:45:42 transmission_1 transmission-daemon[70119]: DHT dht.transmissionbt.com:6881: hostname nor servname provided, or not known (tr-dht.c:126)
Oct 27 09:46:20 transmission_1 transmission-daemon[70119]: DHT dht.transmissionbt.com:6881: hostname nor servname provided, or not known (tr-dht.c:126)
Oct 27 09:47:09 transmission_1 transmission-daemon[70119]: DHT dht.transmissionbt.com:6881: hostname nor servname provided, or not known (tr-dht.c:126)
Oct 27 09:47:44 transmission_1 transmission-daemon[70119]: DHT dht.transmissionbt.com:6881: hostname nor servname provided, or not known (tr-dht.c:126)
Oct 27 18:08:36 transmission_1 transmission-daemon[45459]: UDP Failed to set receive buffer: No buffer space available (tr-udp.c:59)
Oct 27 18:08:36 transmission_1 transmission-daemon[45459]: UDP Failed to set receive buffer: requested 4194304, got 42080 (tr-udp.c:78)

i found a few threads about this issue and they told to change the sysctl.conf:
https://falkhusemann.de/blog/2012/07/transmission-utp-and-udp-buffer-optimizations/
here are other options to change:
https://forums.freenas.org/index.ph...iled-to-set-receive-buffer-please-help.15203/

Now the Jail stops working every hour and stay online one day when i am lucky.
So now i am asking: What is the correct way to change the value in the sysctl https://doc.freenas.org/9.3/freenas_system.html#tunables with the same values as above or is there a new way to do this?
I really don't want to break anything so i am asking you guys...

THANKS!

 

[Dotslash]

changed the values in the pbi:

kern.ipc.maxsockbuf=5242880
net.inet.udp.recvspace=4194304

now i get this error after the reboot:

Code:

Oct 27 21:56:33 transmission_1 syslogd: exiting on signal 15

Oct 27 21:56:38 transmission_1 syslogd: kernel boot file is /boot/kernel/kernel

Code:

FreeBSD transmission_1 9.3-RELEASE-p26 FreeBSD 9.3-RELEASE-p26 #0 r281084+93c5885: Mon Sep 28 13:25:20 PDT 2015     root@build3.ixsystems.com:/tank/home/stable-builds/FN/objs/os-base/amd64/tank/home/stable-builds/FN/FreeBSD/src/sys/FREENAS.amd64  amd64

 

[Dotslash]

in case you wonder if it comes from hardware limitations, my ram is chosen close but should make it.

 

[jgreco]

Please post a summary of your hardware platform, especially including your Ethernet hardware and whatever switch you're using. It is not normal to lose connectivity on a network interface, which seems like what is happening here. We request that users always post this information when describing problems because it is so often relevant to resolving their issues.

 

[Dotslash]

Mainboard is a Asrock E3C224D2I
Networking Hardware one of the onboard network cards
16 gb Ecc Ram
Cat6e wired to an R7000 Router with stock firmware
behind the R7000 is an cheapo Modem from my ISP (i hate this thing but here in Germany you are forced to take this crap when you want to have fast internet)

Things i've tried so far:

• reinstall the Transmission Jail
• reinstall the FreeNAS OS
• change the two values in the Sysctl --> See Exit code above
• checked randomized Port on launch
• unchecked uTP

The Network interface is tun0, i could set up a second jail and seed a lot of Unix dvds over the normal interface or install my traceroute to see any packet errors.
Sometimes the Connection here has timeouts i talk every 2 Weeks to the ISP but this house is from pre-war times and i am lucky to have a fast connection here.
If there is no other solution to get rid of this error, i could talk to my roommates about a fallback internet connection. Forgot to mention that.
And i have a spare switch here i could wire up to the modem, but the r7000 is not so slow and the most times my roommates access Plex via AC-Wifi.

Thank you for your advice this problem drives me crazy...

 

[Dotslash]

i try to setup the VPN with this guide https://forums.freenas.org/index.ph...g-up-transmission-with-openvpn-and-pia.24566/ tomorow

 

[jgreco]

Okay, so I should clarify this: it's the Transmission jail and not the NAS itself that's losing connectivity, right?

When the OpenVPN instance cannot connect to "1-ro.cg-dialup.net" ... can you resolve that name from the FreeNAS CLI? ("host 1-ro.cg-dialup.net")

Because what I'm thinking is that this is some sort of thing where OpenVPN gets stuck not being able to reinitialize when it loses a connection. That means that packet data intended to be sent would be piling up in the tunnel buffer, because the connection's down, until ultimately it fills and emits a completely reasonable error.

I make extensive use of jails and OpenVPN here, but not for this sort of thing, so I'm kind of trolling around for an answer.

Guessing that maybe you're pointing the jail's default route out the OpenVPN, in order to avoid packet inspection by your ISP? What's the routing table look like in the jail? "netstat -rn"?

 

[Dotslash]

yes, only the transmission jail looses connection

I am thinking that too, but i tried to change the buffer size so it could send the packet data when it has connection. Or is there a better way to to this? like ipfw?

Correct, i want to avoid packet inspection so the Jail has a default route through tun0

Code:

Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
0.0.0.0/1          10.129.38.81       UGS         0    13673   tun0 =>
default            192.168.99.1       UGS         0      338 epair6
5.254.97.69/32     192.168.99.1       UGS         0    16891 epair6
10.129.0.1/32      10.129.38.81       UGS         0        0   tun0
10.129.38.81       link#3             UH          0        0   tun0
10.129.38.82       link#3             UHS         0        0    lo0
127.0.0.1          link#1             UH          0       10    lo0
128.0.0.0/1        10.129.38.81       UGS         0     3626   tun0
192.168.99.0/24    link#2             U           0     1608 epair6
192.168.99.9       link#2             UHS         0        0    lo0

Internet6:
Destination                       Gateway                       Flags      Netif Expire
::/96                             ::1                           UGRS        lo0
::1                               link#1                        UH          lo0
::ffff:0.0.0.0/96                 ::1                           UGRS        lo0
fe80::/10                         ::1                           UGRS        lo0
fe80::%lo0/64                     link#1                        U           lo0
fe80::1%lo0                       link#1                        UHS         lo0
ff01::%lo0/32                     ::1                           U           lo0
ff02::/16                         ::1                           UGRS        lo0
ff02::%lo0/32 

 

[jgreco]

The buffer size has nothing to do with it. If you have a water pipe that's capped at one end, it doesn't matter how long or what the diameter of the pipe is, eventually if you put water into it, it'll fill and have nowhere to go.

What you need is to allow your OpenVPN to do the things it needs in order to establish a connection. You're breaking that by sending 0/1 and 128/1 down the VPN tunnel.

Type the following within the jail:

# /sbin/route add -net 5.254.97.0 -netmask 0xffffff00 192.168.99.1

This will at least allow the OpenVPN client to reach its servers. However, you probably also need to add a route for whatever nameserver you're using. If you're using Google, 8.8.8.8 for example, in /etc/resolv.conf, then do

# /sbin/route add 8.8.8.8 192.168.99.1

Lather/rinse/repeat until OpenVPN can work. Then modify your rc script in the jail accordingly. Then you're about 80% more likely to have this work for you.

 

[verinas]

The buffer size has nothing to do with it. If you have a water pipe that's capped at one end, it doesn't matter how long or what the diameter of the pipe is, eventually if you put water into it, it'll fill and have nowhere to go.

What you need is to allow your OpenVPN to do the things it needs in order to establish a connection. You're breaking that by sending 0/1 and 128/1 down the VPN tunnel.

Type the following within the jail:

# /sbin/route add -net 5.254.97.0 -netmask 0xffffff00 192.168.99.1

This will at least allow the OpenVPN client to reach its servers. However, you probably also need to add a route for whatever nameserver you're using. If you're using Google, 8.8.8.8 for example, in /etc/resolv.conf, then do

# /sbin/route add 8.8.8.8 192.168.99.1

Lather/rinse/repeat until OpenVPN can work. Then modify your rc script in the jail accordingly. Then you're about 80% more likely to have this work for you.

Where 5.254.97.0 is what exactly?