← Back to team overview

desktop-packages team mailing list archive

[Bug 1440607] Re: network-manager suddenly using VPN nameserver for single domain only, not updating resolv.conf

 

Created a fresh 14.10 installation (utopic) + network-manager-openconnect-gnome and confirmed the original behaviour.
Upgraded same installation to 15.04 and now experiencing the same behaviour as reported above.

Additionally, as this VPN specifies that other traffic is firewalled,
the default local nameserver does not function and so DNS breaks
entirely once connected.

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1440607

Title:
  network-manager suddenly using VPN nameserver for single domain only,
  not updating resolv.conf

Status in network-manager package in Ubuntu:
  New

Bug description:
  When connecting to a VPN using network manager (openconnect), DNS
  resolution stops working for me.

  This is a regression since 14.10 (and vivid in the last few weeks)
  where it worked as before.  Verified working on a fresh install of
  14.10, upgraded and then verified broken on 15.04.

  Under 14.10 (utopic), the VPN name-servers were used for the entire
  system.

  Under 15.04 (vivid), as of this week, it uses the VPN name-servers
  only for the "VPN domain" (in this case, au.wordomain.com) and
  attempts to use the LAN name-server for all other names.

  This breaks for two reasons

   (1) The VPN domain (which is automatically retrieved from the VPN
  server, and is not manually set, and cannot be overridden) is not the
  only domain I required overridden to get internal DNS.

   (2) The local nameserver access is blocked/firewalled by the
  openconnect policy, and thus even global resolution stops workling.


  
  NetworkManager[836]: <info> VPN connection 'Work VPN' (IP Config Get) reply received.
  NetworkManager[836]: <info> VPN connection 'Work VPN' (IP4 Config Get) reply received.
  NetworkManager[836]: <info> VPN connection 'Work VPN' (IP6 Config Get) reply received.
  NetworkManager[836]: <info> VPN Gateway: 101.10.10.101
  NetworkManager[836]: <info> Tunnel Device: vpn0
  NetworkManager[836]: <info> IPv4 configuration:
  NetworkManager[836]: <info>   Internal Address: 10.131.11.21
  NetworkManager[836]: <info>   Internal Prefix: 21
  NetworkManager[836]: <info>   Internal Point-to-Point Address: 10.131.11.21
  NetworkManager[836]: <info>   Maximum Segment Size (MSS): 0
  NetworkManager[836]: <info>   Forbid Default Route: no
  NetworkManager[836]: <info>   Internal DNS: 10.97.11.12
  NetworkManager[836]: <info>   Internal DNS: 10.97.12.12
  NetworkManager[836]: <info>   DNS Domain: 'au.workdomain.com'
  NetworkManager[836]: <info> IPv6 configuration:
  NetworkManager[836]: <info>   Internal Address: 2406:cdef:abc:dead:beef::13
  NetworkManager[836]: <info>   Internal Prefix: 64
  NetworkManager[836]: <info>   Internal Point-to-Point Address: 2406:cdef:abc:dead:beef::13
  NetworkManager[836]: <info>   Maximum Segment Size (MSS): 0
  NetworkManager[836]: <info>   Forbid Default Route: no
  NetworkManager[836]: <info>   DNS Domain: 'au.workdomain.com'
  openconnect[2710]: Connected vpn0 as 10.131.11.21 + 2406:cdef:abc:dead:beef::13/64, using SSL
  NetworkManager[836]: <info> (vpn0): link connected
  NetworkManager[836]: <info> VPN connection 'Work VPN' (IP Config Get) complete.
  NetworkManager[836]: <info> VPN plugin state changed: started (4)
  NetworkManager[836]: <info> NetworkManager state is now CONNECTED_LOCAL
  NetworkManager[836]: <info> NetworkManager state is now CONNECTED_GLOBAL
  NetworkManager[836]: <info> Policy set 'Work VPN' (vpn0) as default for IPv6 routing and DNS.
  NetworkManager[836]: <info> Writing DNS information to /sbin/resolvconf
  dnsmasq[1485]: setting upstream servers from DBus
  dnsmasq[1485]: using nameserver 220.233.0.4#53
  dnsmasq[1485]: using nameserver 220.233.0.3#53
  dnsmasq[1485]: using nameserver 10.101.11.12#53 for domain au.workdomain.com
  dnsmasq[1485]: using nameserver 10.101.11.12#53 for domain 10.in-addr.arpa
  dnsmasq[1485]: using nameserver 10.101.12.12#53 for domain au.workdomain.com
  dnsmasq[1485]: using nameserver 10.101.12.12#53 for domain 10.in-addr.arpa

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1440607/+subscriptions


References