← Back to team overview

desktop-packages team mailing list archive

[Bug 1430077] Re: [vivid] VPN connection breaks /etc/resolv.conf

 

> Now, it is being pushed instead to /etc/resolv.conf.
> 
> nameserver 10.99.244.1
> nameserver 127.0.1.1
>
> [...]
> Connecting to the VPN also pushes search paths to /etc/resolv.conf - overriding the search
> domains that I have already configured, and which should take precedence.


Is this being done in NM itself, i.e., does NM send these two addresses in this order to resolvconf? Or does something else send the 10.99.244.1 address to resolvconf? Or does something else write directly to /etc/resolv.conf?


> This is breaking the DNS handling for libvirt-bin, which has its own forwarding dnsmasq
> instance which it expects to be able to talk to the first nameserver listed here.


(As an aside, you may be interested in the discussion at #1163147. It is proposed there that the forwarding dnsmasq instance for libvirt compile its nameserver list using a resolvconf hook script, in the same manner as the plain dnsmasq does. Then if it is configured to listen on some loopback address it can be used on the host system to look up names of vm guests as well as other names.)
   

> The nameserver in question does not work (and is not meant to be used) for any name
> lookups except company-internal domains.


Ah, so the VPN nameserver does not provide general DNS service; you rely on dnsmasq to route queries.

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1430077

Title:
  [vivid] VPN connection breaks /etc/resolv.conf

Status in network-manager package in Ubuntu:
  Confirmed

Bug description:
  After some recent update in vivid, connecting to my employer's VPN
  with network-manager-openvpn has resulted in broken name resolution.
  Previously, the VPN-provided nameserver setting would be pushed into
  the config of the dnsmasq run by NM.  Now, it is being pushed instead
  to /etc/resolv.conf.

   nameserver 10.99.244.1
   nameserver 127.0.1.1

  This is breaking the DNS handling for libvirt-bin, which has its own
  forwarding dnsmasq instance which it expects to be able to talk to the
  first nameserver listed here.  The nameserver in question does not
  work (and is not meant to be used) for any name lookups except
  company-internal domains.

  Connecting to the VPN also pushes search paths to /etc/resolv.conf -
  overriding the search domains that I have already configured, and
  which should take precedence.  (This part is not a regression.)  I
  understand that the purpose of these provided domains is to specify
  the domains for which DNS lookups should be forwarded to the VPN DNS
  server, and *not* to modify the system's DNS lookups for non-FQDN
  requests.

  ProblemType: Bug
  DistroRelease: Ubuntu 15.04
  Package: network-manager 0.9.10.0-4ubuntu9
  ProcVersionSignature: Ubuntu 3.19.0-7.7-generic 3.19.0
  Uname: Linux 3.19.0-7-generic x86_64
  ApportVersion: 2.16.2-0ubuntu1
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Mon Mar  9 17:16:05 2015
  InstallationDate: Installed on 2010-09-24 (1627 days ago)
  InstallationMedia: Ubuntu 10.04.1 LTS "Lucid Lynx" - Release amd64 (20100816.1)
  NetworkManager.state:
   [main]
   NetworkingEnabled=true
   WirelessEnabled=true
   WWANEnabled=true
   WWanEnabled=true
  SourcePackage: network-manager
  UpgradeStatus: Upgraded to vivid on 2014-12-06 (93 days ago)
  nmcli-nm: Error: command ['nmcli', '-f', 'all', 'nm'] failed with exit code 2: Error: Object 'nm' is unknown, try 'nmcli help'.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1430077/+subscriptions


References