Why does bonjour break OpenClaw on some VPS hosts?

Because bonjour depends on local-network discovery behavior that many VPS and restricted container environments do not support cleanly. In the fresh field report behind this guide, the bonjour advertiser became stuck in probing and then triggered an unhandled CIAO PROBING CANCELLED rejection that crashed the gateway.

What is the fastest recovery?

Disable the bonjour plugin, then restart the gateway. That was the working field workaround on April 26 and is the right first move when mDNS discovery is not useful in your VPS environment anyway.

Should I use bonjour on a VPS at all?

Usually only if you have a specific local-network discovery use case and you know your network supports it. Most VPS deployments do not benefit from bonjour enough to justify startup risk.

Does this mean my provider model or API keys are wrong?

No. This crash happens during plugin startup and local service advertisement, before model routing or provider credentials become the main issue.

Blog

OpenClaw bonjour crash loop on VPS? Disable the wrong plugin fast

Problem statement: your OpenClaw gateway starts, looks briefly healthy, and then falls straight into a crash loop with Unhandled promise rejection: CIAO PROBING CANCELLED. If bonjour is enabled and you are running on a VPS or a restricted container network, the simplest explanation is often the right one: the gateway is trying to use local-network discovery in an environment where local-network discovery is the wrong tool.

Why this one surprises operators

The gateway can reach a ready-looking state before the crash happens.
The error text mentions bonjour internals, not a plain-language VPS networking mismatch.
People keep debugging providers, API keys, or Docker images even though the crash is earlier than all of that.
The fix is often simple, but only after you stop assuming every enabled plugin belongs on every host type.

Evidence from the field

GitHub issue #72075 was opened on 2026-04-26 after a reproducible gateway crash loop on a Linux VPS.
The captured logs showed bonjour advertiser probing getting stuck, then an unhandled CIAO PROBING CANCELLED rejection, followed by the gateway process exiting.
The reported environment was a VPS where mDNS or UDP port 5353 was likely restricted or simply not a good fit for how the host network behaved.
The practical field workaround was to disable the bonjour plugin, after which the gateway started normally.

What bonjour is actually for

Bonjour helps software announce itself on a local network so nearby machines can discover it automatically. That can be useful on a laptop, home network, or office LAN where devices share the same broadcast-friendly environment. It is much less useful on a rented VPS that lives behind provider networking rules, containers, NAT layers, and firewall policies you do not fully control.

In other words, bonjour is not “generally good.” It is good when your deployment actually needs local discovery. If your OpenClaw instance lives on a VPS and your real access path is a domain, reverse proxy, Tailscale, browser relay, or other explicit remote-access method, bonjour usually adds more startup surface area than value.

Why a VPS is the wrong home for this plugin so often

mDNS is local-network oriented: many VPS networks do not expose or prioritize that style of discovery.
Containers can blur host identity: probing hostnames inside containerized environments is less predictable than on a flat LAN.
Firewall defaults are usually conservative: UDP 5353 is frequently restricted or irrelevant.
Your actual access path is usually explicit anyway: domains, dashboards, tunnels, and relays do not need bonjour.

How the failure usually appears in logs

The fresh report showed a sequence that looked roughly like this: bonjour advertiser probing took too long, OpenClaw tried to restart the advertiser, the plugin logged an advertised state that never became healthy, and then the runtime threw CIAO PROBING CANCELLED as an unhandled promise rejection. Systemd then saw the main process exit and restarted the gateway, which created the loop.

[plugins] bonjour: restarting advertiser (service stuck in probing ...)
[plugins] bonjour: advertised gateway ... state=unannounced
[openclaw] Unhandled promise rejection: CIAO PROBING CANCELLED
systemd: openclaw-gateway.service: Main process exited, status=1/FAILURE

Once you see that pattern, stop debugging your LLM provider or channel tokens. This is a startup plugin mismatch.

Fast diagnostic workflow

1) Confirm bonjour is enabled

That sounds obvious, but it matters. If bonjour is disabled already, this guide is not your answer.

2) Check whether the crash happens after readiness but during plugin startup

In the fresh report, the gateway got far enough into startup to look alive before the bonjour failure crashed it. That timing helps separate bonjour crash loops from basic boot failures.

3) Look for probing or advertiser language in the log

Phrases like stuck in probing, advertised gateway, or CIAO PROBING CANCELLED point squarely at bonjour and mDNS advertisement rather than the rest of the platform.

4) Ask the practical question: do you actually need local discovery here?

Most VPS operators do not. If you already connect through a dashboard, a stable domain, Tailscale, or another explicit route, bonjour is usually optional at best.

Step-by-step recovery plan

1) Disable bonjour

This is the working field workaround and the right first move if your instance lives on a VPS.

openclaw plugins disable bonjour

2) Restart the gateway

The crash loop will continue until you restart with the bonjour plugin out of the startup path.

openclaw gateway restart

3) Watch one full clean startup

You are looking for boring behavior now: no advertiser probing loop, no unhandled bonjour rejection, and no immediate service exit.

4) Verify your real access method still works

Test the path you actually use in practice, such as your domain, proxy, browser relay, or Tailscale route. If that works, you have likely lost nothing important by disabling bonjour.

5) Keep bonjour off unless you can justify it

The default safe posture on a VPS is simple: if a plugin is only helping with local-network discovery and your deployment is not a local network device, leave it disabled.

Fix once. Stop recurring bonjour VPS crash loops.

If this keeps coming back, you can move your existing setup to managed OpenClaw cloud hosting instead of rebuilding the same stack. Import your current instance, keep your context, and move onto a runtime with lower ops overhead.

Import flow in ~1 minute
Keep your current instance context
Run with managed security and reliability defaults

If you would rather compare options first, review OpenClaw cloud hosting or see the best OpenClaw hosting options before deciding.

Import your current OpenClaw instance in 1 click Compare hosted vs self-hosted options

OpenClaw import first screen in OpenClaw Setup dashboard (light theme) — 1) Paste import payload

OpenClaw import first screen in OpenClaw Setup dashboard (dark theme) — 1) Paste import payload

OpenClaw import completed screen in OpenClaw Setup dashboard (light theme) — 2) Review and launch

OpenClaw import completed screen in OpenClaw Setup dashboard (dark theme) — 2) Review and launch

When bonjour is still reasonable

There are cases where bonjour makes sense: a local lab setup, a shared home network, a developer machine on the same LAN as the clients that need discovery, or a tightly controlled internal environment designed for local service advertisement. The important word is local. A VPS is usually the opposite of that.

Edge cases worth checking

The host is technically on Linux, but still inside a provider-managed network

Linux itself is not the issue. The issue is whether the surrounding network behaves like a friendly local subnet for mDNS. Most provider-managed networks do not.

You run Docker on the VPS

That adds another layer where hostnames and network visibility can become less predictable. It makes the case for disabling bonjour stronger, not weaker.

You worry that disabling bonjour is hiding the real problem

If bonjour is not part of your actual access strategy, disabling it is not a cheat. It is removing an unnecessary source of startup risk.

The gateway still crashes after bonjour is off

Then you have a different failure branch. The value of this guide is that it helps you quickly eliminate one very specific crash-loop cause instead of guessing forever.

How to verify recovery

The gateway completes startup without the bonjour probing loop.
The CIAO PROBING CANCELLED rejection disappears from the logs.
Systemd or your process manager stops restarting the gateway repeatedly.
Your real access method still works after startup.
A second restart remains stable.

Typical mistakes

Assuming every enabled plugin is appropriate on every host type.
Debugging model providers or API keys before reading the startup logs.
Leaving bonjour enabled on a VPS even though you never use local discovery.
Testing only one restart and assuming the incident is gone forever.
Confusing “Linux host” with “local network environment.” They are not the same thing.

If your VPS keeps teaching you the same lesson

If startup reliability matters more than managing every plugin edge yourself, compare the tradeoffs on /compare/, review OpenClaw cloud hosting, and use OpenClaw Setup if you want a steadier path than repeated VPS incident recovery.

Import your current OpenClaw instance in 1 click

FAQ

Does disabling bonjour reduce core OpenClaw features on a VPS?

Usually not for the workflows most VPS operators care about. If you connect through explicit remote-access methods, bonjour is rarely a core requirement.

Should I open UDP 5353 instead of disabling the plugin?

Only if you have a real reason to use local discovery in that environment. For most VPS deployments, opening more network surface to preserve an unnecessary plugin is the wrong trade.

Is this only a RackNerd problem?

No. RackNerd was the reported environment in the fresh issue, but the underlying lesson applies to many restricted VPS and container networks.

What should I read next?

Start with /compare/ if you are deciding between self-hosted and managed options, review OpenClaw cloud hosting if uptime matters most, and visit OpenClaw Setup if you want a simpler way to keep an existing instance online.