Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature request: traffic based healthcheck #1856

Open
dfadev opened this issue Sep 10, 2023 · 3 comments
Open

Feature request: traffic based healthcheck #1856

dfadev opened this issue Sep 10, 2023 · 3 comments
Labels
Category: Firewall ⛓️ Category: Good idea 🎯 This is a good idea, judged by the maintainers Category: Healthcheck 🩺 Complexity: ☣️ Hard to do

Comments

@dfadev
Copy link

dfadev commented Sep 10, 2023

What's the feature 🧐

Make the healthcheck optionally monitor packet counts to determine if a connection is still healthy.

Extra information and references

On a saturated connection, the healthcheck can fail but the interface is still passing packets.

gluetun8  | 2023-09-10T06:46:16-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T07:22:16-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T08:47:20-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T10:14:43-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T10:42:06-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T10:48:13-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T11:01:26-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T11:08:39-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T11:16:27-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T11:30:09-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T11:39:52-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T11:49:42-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T12:00:05-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T12:05:05-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T12:12:26-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T12:18:27-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T12:25:06-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T12:30:48-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T12:42:29-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T12:43:34-04:00 INFO [healthcheck] program has been unhealthy for 1m5s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T13:03:42-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T13:09:09-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T13:50:17-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T14:02:53-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T14:12:44-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T14:17:49-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T14:22:30-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T14:35:59-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T14:47:51-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T14:57:49-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T15:09:35-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T15:17:11-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T15:21:27-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T15:32:24-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T15:37:58-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T15:47:26-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T15:53:46-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T15:59:42-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T16:08:55-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T16:13:47-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T16:21:47-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T16:22:52-04:00 INFO [healthcheck] program has been unhealthy for 1m5s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T16:38:54-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T16:47:37-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T16:48:42-04:00 INFO [healthcheck] program has been unhealthy for 1m5s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T17:02:17-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T17:07:03-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T17:12:52-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T17:14:41-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T17:18:59-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T17:20:05-04:00 INFO [healthcheck] program has been unhealthy for 1m5s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T17:21:25-04:00 INFO [healthcheck] program has been unhealthy for 1m10s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T17:26:14-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T17:32:32-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T17:39:38-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T17:47:43-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T17:55:35-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T18:01:37-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T18:07:03-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T18:08:08-04:00 INFO [healthcheck] program has been unhealthy for 1m5s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T18:14:04-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T18:21:03-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T18:26:13-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T18:27:18-04:00 INFO [healthcheck] program has been unhealthy for 1m5s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T18:39:10-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T18:48:48-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T18:59:13-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
gluetun8  | 2023-09-10T19:05:01-04:00 INFO [healthcheck] program has been unhealthy for 1m0s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
@qdm12
Copy link
Owner

qdm12 commented Sep 12, 2023

It's not because packets get sent through the interface that the connection is working right? Or are you talking about receiving packets? What's your use case to monitor packets versus the current tcp dialing to 1.1.1.1:443?

@dfadev
Copy link
Author

dfadev commented Sep 14, 2023
edited
Loading

It's for torrenting over links with high latency and lots of bandwidth management, like cellular. When there are a high number of peers the healthcheck begins to fail even though traffic is still being exchanged.

For a quick POC, I added this patch:

diff --git a/internal/healthcheck/health.go b/internal/healthcheck/health.go
index 2cd61426..8aa1b3ac 100644
--- a/internal/healthcheck/health.go
+++ b/internal/healthcheck/health.go
@@ -5,6 +5,7 @@ import (
        "errors"
        "fmt"
        "net"
+       "os"
        "time"
 )
 
@@ -63,6 +64,10 @@ func (s *Server) runHealthcheckLoop(ctx context.Context, done chan<- struct{}) {
 }
 
 func (s *Server) healthCheck(ctx context.Context) (err error) {
+       if os.Getenv("DISABLE_HEALTH_TCP") == "true" {
+               return nil
+       }
+
        // TODO use mullvad API if current provider is Mullvad
 
        address, err := makeAddressToDial(s.config.TargetAddress)

And use this for the healthcheck in docker-compose:

  test: ["CMD-SHELL", "packet_count=$$(cat /sys/class/net/tun0/statistics/rx_packets); sleep 2; new_packet_count=$$(cat /sys/class/net/tun0/statistics/rx_packets); if [ ! -z $$new_packet_count ] && [ $$new_packet_count -le $$packet_count ]; then exit 1; fi"]

With DISABLE_HEALTH_TCP set to true, and the custom healthcheck command set, I can push the connection to about 7500 peers without the VPN restarting at all. Without, the TCP check starts to recycle the VPN when the peer count reaches about 2500.

Restarting the VPN is not ideal because it takes time to handshake that many connections and unnecessary because some peer connections are still able to exchange traffic.

@qdm12
Copy link
Owner

qdm12 commented Aug 17, 2024

This will eventually be added thanks to #2411 which parses iptables results, and gets packets/bytes sent for each chain rule. We can use that to monitor traffic.

qdm12 added a commit that referenced this issue Aug 17, 2024
@qdm12
fix(firewall): delete chain rules by line number (#2411)
bc55c25 
- Fix #2334 
- Parsing of iptables chains, contributing to progress for #1856
jfroy pushed a commit to jfroy/gluetun that referenced this issue Aug 18, 2024
@qdm12 @jfroy
fix(firewall): delete chain rules by line number (qdm12#2411)
ed8da55 
- Fix qdm12#2334 
- Parsing of iptables chains, contributing to progress for qdm12#1856
qdm12 added a commit that referenced this issue Sep 29, 2024
@qdm12
fix(firewall): delete chain rules by line number (#2411)
c33158c 
- Fix #2334
- Parsing of iptables chains, contributing to progress for #1856
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Category: Firewall ⛓️ Category: Good idea 🎯 This is a good idea, judged by the maintainers Category: Healthcheck 🩺 Complexity: ☣️ Hard to do
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@qdm12 @dfadev and others