You are not logged in.

#1 2023-04-13 17:33:53

arizonajoe
Member
Registered: 2022-02-22
Posts: 18

Nordvpn utilizing Nordlynx (Wireguard) not connecting...again.

I have been troubleshooting errors in NordLynx connecting properly and successfully identifying wireguard.  I have been using NordLynx technology for well over a year without issue, so this might be due to a recent upgrade.

Upon attempts to activate Nordlynx, I get this:

[user@archlinux ~]$ nordvpn c
Connecting to United States #9546 (us9546.nordvpn.com)
Whoops! Connection failed. Please try again. If the problem persists, contact our customer support.


I've been in touch with Nord support as well.  After flushing IP tables and flushing memory, running this:

$ sudo journalctl -u nordvpnd >  /home/"user"/Desktop/daemonlog.txt, the daemonlog.txt file reveals:

daemonlog.txt
(edited out repeated statements)

Apr 13 08:47:14 archlinux nordvpnd[897]: 2023/04/13 08:47:14 [Debug] picking servers for NORDLYNX technology
Apr 13 08:47:14 archlinux nordvpnd[897]: 2023/04/13 08:47:14 [Info] starting vpn
Apr 13 08:47:14 archlinux nordvpnd[897]: 2023/04/13 08:47:14 [Error] TELIO: telio_start_named: Err(AlreadyStarted)

Then a few of these:

Apr 13 08:47:14 archlinux nordvpnd[897]: 2023/04/13 08:47:14 [Warning] executing 'ip -4 rule del from all lookup main suppress_prefixlength 0' command: exit status 2: RTNETLINK answers: No such file or directory

Then:
Apr 13 08:47:14 archlinux nordvpnd[897]: 2023/04/13 08:47:14 [Warning] executing 'ip -4 rule del not from all fwmark 57841' command: exit status 2: RTNETLINK answers: No such file or directory

Then twenty of these:
Apr 13 08:47:14 archlinux nordvpnd[897]: 2023/04/13 08:47:14 [Error] opening the tunnel: starting libtelio on retry with boring-tun: 6
Apr 13 08:47:14 archlinux nordvpnd[897]: 2023/04/13 08:47:14 [Error] TELIO: libtelio-build/libtelio/crates/telio-wg/src/adapter/linux_native_wg.rs:102 LinuxNativeWg: [GET01] Unable to get interface from WireGuard. Make sure it exists and you have permissions to access it.

I have nameservers in an unwritable (chattr +i) resolv.conf set to Cloudflare unfiltered DNS (1.1.1.1,1.0.0.1)  as recommened by Nord so NetworkManager cannot re-write it.
I also had set any errant interaction between NetworkManager and Wireguard prevented by creating "unmanaged.conf"  within /etc/NetworkManager/conf.d:

 /etc/NetworkManager/conf.d/unmanaged.conf

[keyfile]
unmanaged-devices=type:wireguard

That didn't seem to help.

I'm using Plasma/KDE (no Wayland). I have nordvpn-bin 3.16.1-1 installed from snapshot (no Aur helper).  I did uninstall both nordvpn-bin and wireguard-tools, rebooted, and reinstalled both.  Problem with Nordlynx persists.

If anyone has constructive criticisms, kindly reply.  If posting in Networking is not appropriate, let me know and I will repost under Aur and delete here.

Thanks!



UPDATE: Upon bootup this morning, issue seems to have disappeared.  I have no explanation.  This might have been an ISP-related issue. Checked my ISPs modem logs and see some suspicious data errors that were not in that log yesterday.

Last edited by arizonajoe (2023-04-20 17:49:16)

Offline

#2 2023-04-15 06:15:45

DMaevsky
Member
Registered: 2023-04-15
Posts: 1

Re: Nordvpn utilizing Nordlynx (Wireguard) not connecting...again.

I have exactly the same symptoms, and it does not work. It is not an ISP problem since it works for me in Ubuntu, so there must be smth in your Arch config that helped. Would you be able to recall all steps that you tried?

UPDATE: After `nordvpn set technology openvpn` and `nordvpn set protocol tcp` it connected alright, and after switching back to `nordvpn set technology nordlynx` it still continued to work. I have no idea why it did not in the first place, but I guess this solves it.

Last edited by DMaevsky (2023-04-15 07:06:14)

Offline

#3 2023-04-19 19:34:35

Stagger Lee
Member
Registered: 2020-10-16
Posts: 6

Re: Nordvpn utilizing Nordlynx (Wireguard) not connecting...again.

The same problem for weeks now. First one laptop, other laptop and PC server were OK. Than slowly other laptop with same problem and finally PC server (Arch all). I tried everything and can use only OPENVPN technology.
And the same error preventing NORDLYNX use:

2023/04/19 21:24:49 [Error] TELIO: [repeated 100 times!] libtelio-build/libtelio/crates/telio-wg/src/adapter/linux_native_wg.rs:102 LinuxNativeWg: [GET01] Unable to get interface from WireGuard. Make sure it exists and you have permissions to access it.

Last edited by Stagger Lee (2023-04-19 19:35:28)

Offline

#4 2023-04-20 17:48:47

arizonajoe
Member
Registered: 2022-02-22
Posts: 18

Re: Nordvpn utilizing Nordlynx (Wireguard) not connecting...again.

I "UNSOLVED" this above. Things are broken for Nordlynx again today.  Tech support, reaching the end of their patience with me, said this:

"Hello, Joseph,

Thank you for your reply.

Unfortunately it appears that we will not be able to assist you any further in regards to troubleshooting your application.

The issue seems to be caused by the different implementation of this app as it was created by the Arch Linux community and not us.

In order to resolve this issue, we would recommend you contact the Arch Linux community that created this app via the Arch Linux Forums:
https://bbs.archlinux.org/

Let us know if you have any additional questions or inquiries. "

So there you go.

Last edited by arizonajoe (2023-04-20 17:50:59)

Offline

#5 2023-04-20 18:36:02

Stagger Lee
Member
Registered: 2020-10-16
Posts: 6

Re: Nordvpn utilizing Nordlynx (Wireguard) not connecting...again.

For me it is not ISP blocking NORDLYNX technology. Otherways the other laptop would not be able to use it for weeks.

Offline

#6 2023-04-20 18:45:14

arizonajoe
Member
Registered: 2022-02-22
Posts: 18

Re: Nordvpn utilizing Nordlynx (Wireguard) not connecting...again.

I am going to summarize what I did to troubleshoot this problem here.  If a forum admin or mod is unhappy with the length of this post or the way I have written it, kindly provide me with constructive criticisms or just delete it.  Maybe I should have used a pastebin more, but I wanted to respond to DMaevsky's request for troubleshooting steps.

Firstly...

In the past, Nord techs have blamed connection problems on the Linux implementation of ipv6.  Nord (and OpenVPN), to the best of my knowledge, does not yet support IPv6. But I avoid that entire issue on my Arch PCs by modifying the kernel parameter to completely disable the IPv6 stack as follows:

ipv6.disable_ipv6=1

Secondly, I have assumed that I have a defective install of the AUR Nordvpn-bin CLI binary, so I uninstalled it completely. I painstakingly double-checked the entire directory tree from root downward to delete (as root user), every errant nordvpn file that may have been left behind.

Thirdly,  I reinstall the app and avoid all AUR helpers.  In the past, I have had issues with trizen, yay, and pacaur and so I always install from AUR snapshot using makepkg. The I use the typical systemctl enablement and check to make sure I am still part of the nordvpn group. If not, I enable the daemon and then add myself as user.  Then I login to nordvpn, get the login link which opens Firefox, login via the browser, and login completes. At the command line, I type:

nordvpn c

This is what I get:

Connecting to United States #8715 (us8715.nordvpn.com)
-Whoops! Connection failed. Please try again. If the problem persists, contact our customer support.

In the OP, I was experiencing libtelio errors.  They seem to have disappeared. Now I have a different set of errors in daemonlog.txt (w/o posting the whole file here and also w/o relying on my pastebin), and after the app flushes the IP tables flushing in the filter. nat, mangle, raw, and security categories, I get this:

Apr 20 09:32:48 joesarchlinux nordvpnd[798]: 2023/04/20 09:32:48 [Debug] picking servers for NORDLYNX technology
Apr 20 09:32:48 joesarchlinux nordvpnd[798]: 2023/04/20 09:32:48 [Info] starting vpn
Apr 20 09:32:49 joesarchlinux nordvpnd[798]: 2023/04/20 09:32:49 [Warning] executing 'ip -4 rule del from all lookup main suppress_prefixlength 0' command: exit status 2: RTNETLINK answers: No such file or directory
Apr 20 09:32:49 joesarchlinux nordvpnd[798]: 2023/04/20 09:32:49 [Warning] executing 'ip -4 rule del not from all fwmark 57841' command: exit status 2: RTNETLINK answers: No such file or directory
Apr 20 09:32:49 joesarchlinux nordvpnd[798]: 2023/04/20 09:32:49 [Warning] executing 'ip -6 rule del from all lookup main suppress_prefixlength 0' command: exit status 2: RTNETLINK answers: No such file or directory
Apr 20 09:32:49 joesarchlinux nordvpnd[798]: 2023/04/20 09:32:49 [Warning] executing 'ip -6 rule del not from all fwmark 57841' command: exit status 2: RTNETLINK answers: No such file or directory
Apr 20 09:32:49 joesarchlinux nordvpnd[798]: 2023/04/20 09:32:49 [Error] opening the tunnel: setting mtu for the interface: route ip+net: no such network interface

So the app is having issues seeing the network interface. So I check the network interface:

 ip addr show

 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp8s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 2c:4d:54:46:bb:94 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.94/24 brd 192.168.1.255 scope global dynamic noprefixroute enp8s0
       valid_lft 85464sec preferred_lft 85464sec
    inet6 fe80::5b9e:5579:7b0b:e3a4/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
3: enp0s31f6: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
    link/ether 2c:4d:54:46:bb:93 brd ff:ff:ff:ff:ff:ff
4: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether c8:e2:65:0e:42:5a brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.236/24 brd 192.168.1.255 scope global dynamic noprefixroute wlan0
       valid_lft 85464sec preferred_lft 85464sec
    inet6 fe80::4350:5526:ada6:35c3/64 scope link noprefixroute
       valid_lft forever preferred_lft forever

Everything seems to be in order with my connections. I am using an ASUS high-end W/S (Workstation) board with Cat5 Ethernet and Wi-Fi functionality.  Turning one off and leaving the other on makes no difference.  Leaving both on is also fine. the VPN tunnel should protect all routes. Nordlynx still fails.

In my business, say, "When you hear hoofbeats, don't think ZEBRAS!  Think horses!  So after all of the horses won't work, I finally think "zebras" and investigate whether Wireguard-dependent NordLynx is being altered in some obscure way by NetworkManager. So I create an unmanaged.conf file here and create in:

/etc/NetworkManager/conf.d:

[keyfile]
unmanaged-devices=type:wireguard

I try to connect to a Nord server using Nordlynx technology after a reboot and it fails again.

So I am at my wits end with NordLynx.  I did message the developer (if they ever get my email) on this matter via tech support. I doubt I will hear back.

Last edited by arizonajoe (2023-04-20 20:23:08)

Offline

#7 2023-04-20 19:16:05

Stagger Lee
Member
Registered: 2020-10-16
Posts: 6

Re: Nordvpn utilizing Nordlynx (Wireguard) not connecting...again.

Almost all issues for libtelio github are about this problem. They advice to do something that was never needed to be done before.

https://github.com/NordSecurity/libtelio/issues

Offline

#8 2023-04-20 23:59:55

arizonajoe
Member
Registered: 2022-02-22
Posts: 18

Re: Nordvpn utilizing Nordlynx (Wireguard) not connecting...again.

More nordvpn angst. 

Now nordvpn openvpn technology is giving me issues on both Archlinux machines on two different ISPs.

After activating nordvpn with openvpn technology with udp protocol as the chosen protocol, this is the status:

$ nordvpn status
Status: Connected
Hostname: us9757.nordvpn.com
IP: 181.214.70.114
Country: United States
City: Los Angeles
Current technology: OPENVPN
Current protocol: TCP
Transfer: 5.98 KiB received, 18.97 KiB sent
Uptime: 28 seconds

Notice the app's refusal to use UDP protocol, a protocol that is exquisitely good for transmission of large packets and the desirable protocol for files that size that I must transmit.

So I disconnect the vpn and then reboot to reset the network adapter to insure a clean vpn connection. I then flush the IP tables and restart the NetworkManager daemon:

$ sudo iptables -F INPUT
$ sudo iptables -F OUTPUT
$ sudo iptables -P INPUT ACCEPT
$ sudo iptables -P OUTPUT ACCEPT
$ sudo systemctl restart NetworkManager

Then I insure a proper route showing both:

$ ip route show default
default via 192.168.1.1 dev enp8s0 proto dhcp src 192.168.1.94 metric 100
default via 192.168.1.1 dev wlan0 proto dhcp src 192.168.1.236 metric 600

And make sure that my current Ethernet adapter and WiFi adapter are "UP:"

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp8s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 2c:4d:54:46:bb:94 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.94/24 brd 192.168.1.255 scope global dynamic noprefixroute enp8s0
       valid_lft 85464sec preferred_lft 85464sec
    inet6 fe80::5b9e:5579:7b0b:e3a4/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
3: enp0s31f6: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
    link/ether 2c:4d:54:46:bb:93 brd ff:ff:ff:ff:ff:ff
4: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether c8:e2:65:0e:42:5a brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.236/24 brd 192.168.1.255 scope global dynamic noprefixroute wlan0
       valid_lft 85464sec preferred_lft 85464sec
    inet6 fe80::4350:5526:ada6:35c3/64 scope link noprefixroute
       valid_lft forever preferred_lft forever

I finally recheck that my protocol is set to udp for the large video files I wish to upload to my remote server by repeating a command to set udp as the protocol, and the app admonishes me with output that "Protocol is already set to udp:"

$ nordvpn set protocol udp
Protocol is already set to 'UDP'.

So I happily look forward to a nice openvpn connection using the UDP PROTOCOL and this follows:

$ nordvpn c
Connecting to United States #8716 (us8716.nordvpn.com)
You are connected to United States #8716 (us8716.nordvpn.com)!

But I'll only believe it when I check nordvpn status:

$ nordvpn status
Status: Connected
Hostname: us8716.nordvpn.com
IP: 192.145.119.136
Country: United States
City: Phoenix
Current technology: OPENVPN
Current protocol:TCP
Transfer: 218 B received, 228 B sent
Uptime: 7 seconds

And my hope is dashed.

Similar results on my other Arch box.  Ideas?

Last edited by arizonajoe (2023-04-21 00:34:51)

Offline

#9 2023-04-21 07:09:46

-thc
Member
Registered: 2017-03-15
Posts: 485

Re: Nordvpn utilizing Nordlynx (Wireguard) not connecting...again.

My suggestion: If you have a box or vm that still connects - use the NordVPN app to connect and extract all relevant data as described in detail here:

https://gist.github.com/bluewalk/7b3db0 … 76a42eaad3

Set up your own WireGuard connection with the Arch network management of your choice.

A "wg-quick" compatible configuration file would look like this:

[Interface]
Address = 10.5.0.2/32                     # from "ifconfig nordlynx"
PrivateKey = xxxx                         # from "sudo wg show nordlynx private-key"

[Peer]
PublicKey = xxxx                          # from "sudo wg show nordlynx public-key"
AllowedIPs = 0.0.0.0/0                    # full tunnel VPN - all traffic routed through WireGuard
Endpoint = nordvpn-server:51820           # from the server details via "curl -s "https://api.nordvpn.com....."

Offline

#10 2023-04-22 20:13:08

arizonajoe
Member
Registered: 2022-02-22
Posts: 18

Re: Nordvpn utilizing Nordlynx (Wireguard) not connecting...again.

Thanks, -thc, for the wg-quick config suggestion. I'll try it when I have some time.  My new ASUS router has wireguard support, so that should be interesting to try.

I did get a response back from Nordvpn on these issues:

"Thank you for getting back to us.

We are aware of the Nordlynx issues on NordVPN-supported Linux systems and our developers are currently investigating them.

Regarding issues with Arch Linux distribution, thank you for the additional information you provided."

I do suspect that when Nord developers get the "supported" Linux systems NordLynx and openvpn issues fixed, the Archlinux "fix" would likely be automatic.

Offline

#11 2023-06-09 19:57:13

Stagger Lee
Member
Registered: 2020-10-16
Posts: 6

Re: Nordvpn utilizing Nordlynx (Wireguard) not connecting...again.

Seems as it is fixed now. At least on Desktop PC, will check later on Notebook.

Offline

Board footer

Powered by FluxBB