desktop-packages team mailing list archive

Thread
Date

[Bug 1390623] Re: VPN with IPv6 connectivity but no IPv6 DNS server results in broken DNS config

To: desktop-packages@xxxxxxxxxxxxxxxxxxx
From: MikeyB <michael@xxxxxxxxxxxxxxx>
Date: Wed, 26 Aug 2015 01:57:45 -0000
Reply-to: Bug 1390623 <1390623@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Affects 15.04 as well.

before VPN:
Aug 25 21:20:14 challenger dnsmasq[2049]: setting upstream servers from DBus
Aug 25 21:20:14 challenger dnsmasq[2049]: using nameserver 2001:db8:b0e2::51#53
Aug 25 21:20:14 challenger dnsmasq[2049]: using nameserver 2001:db8:b0e2::52#53
Aug 25 21:20:14 challenger dnsmasq[2049]: using nameserver 192.168.1.51#53
Aug 25 21:20:14 challenger dnsmasq[2049]: using nameserver 192.168.1.52#53

after VPN:
Aug 25 21:20:20 challenger dnsmasq[2049]: using nameserver 192.168.0.6#53 for domain netdirect.ca
Aug 25 21:20:20 challenger dnsmasq[2049]: using nameserver 192.168.0.6#53 for domain 31.172.in-addr.arpa
Aug 25 21:20:20 challenger dnsmasq[2049]: using nameserver 192.168.0.6#53 for domain 10.in-addr.arpa
Aug 25 21:20:20 challenger dnsmasq[2049]: using nameserver 192.168.0.6#53 for domain 0.168.192.in-addr.arpa
Aug 25 21:20:20 challenger dnsmasq[2049]: using nameserver 192.168.0.6#53 for domain 235.16.216.in-addr.arpa

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1390623

Title:
  VPN with IPv6 connectivity but no IPv6 DNS server results in broken
  DNS config

Status in network-manager package in Ubuntu:
  Confirmed

Bug description:
  When connecting to a VPN that provides both a default route over IPv4
  and IPv6, but only DNS servers over IPv4, you can end up with the IPv4
  DNS servers set up as "split DNS". When that happens, the user is left
  without a working DNS configuration.

  See the attached log file for an example.

  I think the cause is that the patch for avoiding split DNS on VPNs
  with default routes[1] stops looking when it finds the first VPN
  configuration with a default route. If that configuration happens to
  be the IPv6-side of the VPN connection, then it will still add the
  IPv4 configuration with split DNS.

  A workaround is to simply add a IPv6 DNS server to the configuration
  in addition to the IPv4 DNS servers. In that case, the IPv6 DNS server
  is added without split DNS.

  This has been tested with both Ubuntu 14.04 LTS and Xubuntu 14.04.

  Package versions (on Xubuntu 14.04):
   network-manager 0.9.8.8-0ubuntu7
   network-manager-openvpn 0.9.8.2-1ubuntu4
   openvpn 2.3.2-7ubuntu3

  [1] http://bazaar.launchpad.net/~network-manager/network-
  manager/ubuntu/view/head:/debian/patches/dnsmasq-vpn-dns-
  filtering.patch

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1390623/+subscriptions

References

[Bug 1390623] [NEW] VPN with IPv6 connectivity but no IPv6 DNS server results in broken DNS config
From: Olav Morken, 2014-11-07