starred/docker-ipsec-vpn-server

Fork 0

mirror of https://github.com/hwdsl2/docker-ipsec-vpn-server.git synced 2026-04-26 01:55:53 +03:00

[GH-ISSUE #19] FATAL ERROR using docker image #16

New issue

Closed

opened 2026-03-02 07:11:05 +03:00 by kerem · 7 comments

kerem commented

2026-03-02 07:11:05 +03:00

Owner

Originally created by @joanbono on GitHub (Jan 13, 2017).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/19

Some messages:

pluto[2619]: FATAL ERROR: Failed to bind bcast socket in init_netlink() - Perhaps kernel was not compiled with CONFIG_XFRM. Errno 1: Operation not permitted

pluto[3576]: FATAL ERROR: Failed to bind bcast socket in init_netlink() - Perhaps kernel was not compiled with CONFIG_XFRM. Errno 1: Operation not permitted

pluto[3895]: FATAL ERROR: Failed to bind bcast socket in init_netlink() - Perhaps kernel was not compiled with CONFIG_XFRM. Errno 1: Operation not permitted

pluto[5171]: FATAL ERROR: Failed to bind bcast socket in init_netlink() - Perhaps kernel was not compiled with CONFIG_XFRM. Errno 1: Operation not permitted

Docker versio:

$ docker -v
Docker version 1.12.5, build 7392c3b

Originally created by @joanbono on GitHub (Jan 13, 2017). Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/19 Some messages: ~~~~ pluto[2619]: FATAL ERROR: Failed to bind bcast socket in init_netlink() - Perhaps kernel was not compiled with CONFIG_XFRM. Errno 1: Operation not permitted pluto[3576]: FATAL ERROR: Failed to bind bcast socket in init_netlink() - Perhaps kernel was not compiled with CONFIG_XFRM. Errno 1: Operation not permitted pluto[3895]: FATAL ERROR: Failed to bind bcast socket in init_netlink() - Perhaps kernel was not compiled with CONFIG_XFRM. Errno 1: Operation not permitted pluto[5171]: FATAL ERROR: Failed to bind bcast socket in init_netlink() - Perhaps kernel was not compiled with CONFIG_XFRM. Errno 1: Operation not permitted ~~~~ Docker versio: ~~~~ $ docker -v Docker version 1.12.5, build 7392c3b ~~~~

kerem closed this issue

2026-03-02 07:11:05 +03:00

kerem commented

2026-03-02 07:11:06 +03:00

Author

Owner

@hwdsl2 commented on GitHub (Jan 13, 2017):

@joanbono Hello! What is your host OS version (e.g. Ubuntu 14.04) and kernel version (uname -a)? What command did you use to start the docker container? It looks like your server's kernel is missing some support for IPsec XFRM (see: [1] [2]).

[1] https://lists.openswan.org/pipermail/users/2009-February/016168.html
[2] https://lists.openswan.org/pipermail/users/2007-November/013480.html

@hwdsl2 commented on GitHub (Jan 13, 2017): @joanbono Hello! What is your host OS version (e.g. Ubuntu 14.04) and kernel version (`uname -a`)? What command did you use to start the docker container? It looks like your server's kernel is missing some support for IPsec XFRM (see: [1] [2]). [1] https://lists.openswan.org/pipermail/users/2009-February/016168.html [2] https://lists.openswan.org/pipermail/users/2007-November/013480.html

kerem commented

2026-03-02 07:11:06 +03:00

Author

Owner

@joanbono commented on GitHub (Jan 13, 2017):

Maybe that's the problem... I'm using a Mac OS X 10.11.6 x86_64.

The program works fine (the script), running on a Debian 8.6, by the way.

If you're not going to solve that, no problem, will use docker for Debian inside a VM.

@joanbono commented on GitHub (Jan 13, 2017): Maybe that's the problem... I'm using a Mac OS X 10.11.6 x86_64. The program works fine (the script), running on a Debian 8.6, by the way. If you're not going to solve that, no problem, will use docker for Debian inside a VM.

kerem commented

2026-03-02 07:11:06 +03:00

Author

Owner

@hwdsl2 commented on GitHub (Jan 13, 2017):

@joanbono Thanks for the update. The VPN container was only designed for use with Linux as the Docker host. Therefore please use the alternative approach you mentioned (docker for Debian inside a VM).

@hwdsl2 commented on GitHub (Jan 13, 2017): @joanbono Thanks for the update. The VPN container was only designed for use with Linux as the Docker host. Therefore please use the alternative approach you mentioned (docker for Debian inside a VM).

kerem commented

2026-03-02 07:11:06 +03:00

Author

Owner

@wahackr commented on GitHub (Feb 11, 2018):

having the same issue when trying to run the installation script inside a container in resin/rpi-raspbian in Pi3

@wahackr commented on GitHub (Feb 11, 2018): having the same issue when trying to run the installation script inside a container in resin/rpi-raspbian in Pi3

kerem commented

2026-03-02 07:11:06 +03:00

Author

Owner

@hwdsl2 commented on GitHub (Feb 11, 2018):

@wahbigbig Hello there! The VPN setup scripts are not designed to be used in your scenario (inside a container in resin/rpi-raspbian in Pi3). It could work outside the container by installing on the RPi directly.

@hwdsl2 commented on GitHub (Feb 11, 2018): @wahbigbig Hello there! The VPN setup scripts are not designed to be used in your scenario (inside a container in resin/rpi-raspbian in Pi3). It could work outside the container by installing on the RPi directly.

kerem commented

2026-03-02 07:11:06 +03:00

Author

Owner

@wahackr commented on GitHub (Feb 11, 2018):

@hwdsl2 yes, i know, just wondering any solution to fix it so i can run it on my Pi container

@wahackr commented on GitHub (Feb 11, 2018): @hwdsl2 yes, i know, just wondering any solution to fix it so i can run it on my Pi container

kerem commented

2026-03-02 07:11:06 +03:00

Author

Owner

@adam-nielsen commented on GitHub (Aug 7, 2020):

If anyone else is here from Google, I had to run the Docker container with the --privileged flag to fix this problem.

@adam-nielsen commented on GitHub (Aug 7, 2020): If anyone else is here from Google, I had to run the Docker container with the `--privileged` flag to fix this problem.

kerem referenced this issue

2026-03-02 08:01:23 +03:00

[GH-ISSUE #351] 更新镜像导致无法链接？deleting state (STATE_V2_PARENT_R0) aged 0.000293s and NOT sending notification #326