desktop-packages team mailing list archive

[geo <geo77@xxxxxxxxxxxxxxx>]

Public bug reported:

I'm guessing that the problem is in network-manager,  but could be
network-manager-openvpn, or network-manager-openvpn-grnome, or dnsmasq?)

I have a fresh install of xubuntu 14.04.3 amd64.  network-manager
0.9.8.8-0ubuntu7.1

It has one eth port connected, plus 2 OpenVPN connections to remote
gateways defined but not normally enabled.

The 2 VPN connections are mutually exclusive.  There is no selective routing defined, so if either is 
enabled its gateway becomes the default route.   This all seems to be working as expected.
 
Obviously I can only ever have one or the other VPN active,  never both.

However,  the dns nameserver assignment is not working correctly.

All of the config has been specified via the NM panel applet, but for clarity I will show you 
extracts from the NM connrction configs in /etc/NetworkManager/system-connections/....

Ignoring the [connection],[vpn],[vpn-secrets] sections here are the 3
[ipv4] and [ipv6] sections:

-----------------
FOR ETH1:

  [ipv6]
  method=ignore
  
  [ipv4]
  method=manual
  dns=192.168.88.1;
  address1=192.168.88.104/24,192.168.88.1
----------------
FOR VPN-A:

  [ipv6]
  method=ignore
  
  [ipv4]
  method=auto
  dns=111.111.111.111;222.222.222.222;       (edited for this report)
----------------- 
and FOR VPN-B:

  [ipv6]
  method=ignore
  
  [ipv4]
  method=auto
  dns=333.333.333.333;      (edited for this report)
------------------

Starting with networking disabled and using the NM panel applet to activate the various 
connections I can monitor in syslog which DNS servers dnsmasq is choosing for its upstream lookups.

Step-1,  enable eth1 (with both VPN connections disabled)
syslog shows:
  dnsmasq[2124]: setting upstream servers from DBus
  dnsmasq[2124]: using nameserver 192.168.88.1#53
(this is good,  192.168.88.1 is a local gateway and dns server combined)

Step-2, enable VPN-A
syslog-shows:
  dnsmasq[2124]: setting upstream servers from DBus
  dnsmasq[2124]: using nameserver 111.111.111.111#53
  dnsmasq[2124]: using nameserver 222.222.222.222#53
(this is good, 192.168.88.1 has been dropped and the 2 servers defined for VPN-A have been selected)

Step-3, disable VPN-A
syslog shows:
  dnsmasq[2124]: setting upstream servers from DBus
  dnsmasq[2124]: using nameserver 192.168.88.1#53
(this is good, exactly as we were before enabling VPN-A)

Step-4, enable VPN-B
syslog shows:
  dnsmasq[2124]: setting upstream servers from DBus
  dnsmasq[2124]: using nameserver 333.333.333.333#53
  dnsmasq[2124]: using nameserver 111.111.111.111#53
  dnsmasq[2124]: using nameserver 222.222.222.222#53
(NO!, this is BAD, nameservers 111 and 222 have nothing to do with VPN-B)

Step-5, disable VPN-B
syslog shows:
  dnsmasq[2124]: setting upstream servers from DBus
  dnsmasq[2124]: using nameserver 192.168.88.1#53
(this is good, )

Step-6, lets try enabling VPN-A again
syslog-shows:
  dnsmasq[2124]: setting upstream servers from DBus
  dnsmasq[2124]: using nameserver 111.111.111.111#53
  dnsmasq[2124]: using nameserver 222.222.222.222#53
(this is good, )

I have experimented with this in multiple ways, as far as I can see any DNS servers applicable to
the FIRST VPN to be activated are somehow "sticky".  If I restart network-manager and then 
activate VPN-B I still get the wrong nameservers.  If I want to activate VPN-B with its correct nameserver
as defined then I have to re-boot and activate VPN-B before VPN-A.   Then of course I end up with the opposite 
problem that VPN-A's nameservers are messed up.

** Affects: network-manager (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1507858

Title:
  Network Manager + dnsmasq are not correctly assigning upstream DNS
  servers

Status in network-manager package in Ubuntu:
  New

Bug description:
  I'm guessing that the problem is in network-manager,  but could be
  network-manager-openvpn, or network-manager-openvpn-grnome, or
  dnsmasq?)

  I have a fresh install of xubuntu 14.04.3 amd64.  network-manager
  0.9.8.8-0ubuntu7.1

  It has one eth port connected, plus 2 OpenVPN connections to remote
  gateways defined but not normally enabled.

  The 2 VPN connections are mutually exclusive.  There is no selective routing defined, so if either is 
  enabled its gateway becomes the default route.   This all seems to be working as expected.
   
  Obviously I can only ever have one or the other VPN active,  never both.

  However,  the dns nameserver assignment is not working correctly.

  All of the config has been specified via the NM panel applet, but for clarity I will show you 
  extracts from the NM connrction configs in /etc/NetworkManager/system-connections/....

  Ignoring the [connection],[vpn],[vpn-secrets] sections here are the 3
  [ipv4] and [ipv6] sections:

  -----------------
  FOR ETH1:

    [ipv6]
    method=ignore
    
    [ipv4]
    method=manual
    dns=192.168.88.1;
    address1=192.168.88.104/24,192.168.88.1
  ----------------
  FOR VPN-A:

    [ipv6]
    method=ignore
    
    [ipv4]
    method=auto
    dns=111.111.111.111;222.222.222.222;       (edited for this report)
  ----------------- 
  and FOR VPN-B:

    [ipv6]
    method=ignore
    
    [ipv4]
    method=auto
    dns=333.333.333.333;      (edited for this report)
  ------------------

  Starting with networking disabled and using the NM panel applet to activate the various 
  connections I can monitor in syslog which DNS servers dnsmasq is choosing for its upstream lookups.

  Step-1,  enable eth1 (with both VPN connections disabled)
  syslog shows:
    dnsmasq[2124]: setting upstream servers from DBus
    dnsmasq[2124]: using nameserver 192.168.88.1#53
  (this is good,  192.168.88.1 is a local gateway and dns server combined)

  Step-2, enable VPN-A
  syslog-shows:
    dnsmasq[2124]: setting upstream servers from DBus
    dnsmasq[2124]: using nameserver 111.111.111.111#53
    dnsmasq[2124]: using nameserver 222.222.222.222#53
  (this is good, 192.168.88.1 has been dropped and the 2 servers defined for VPN-A have been selected)

  Step-3, disable VPN-A
  syslog shows:
    dnsmasq[2124]: setting upstream servers from DBus
    dnsmasq[2124]: using nameserver 192.168.88.1#53
  (this is good, exactly as we were before enabling VPN-A)

  Step-4, enable VPN-B
  syslog shows:
    dnsmasq[2124]: setting upstream servers from DBus
    dnsmasq[2124]: using nameserver 333.333.333.333#53
    dnsmasq[2124]: using nameserver 111.111.111.111#53
    dnsmasq[2124]: using nameserver 222.222.222.222#53
  (NO!, this is BAD, nameservers 111 and 222 have nothing to do with VPN-B)

  Step-5, disable VPN-B
  syslog shows:
    dnsmasq[2124]: setting upstream servers from DBus
    dnsmasq[2124]: using nameserver 192.168.88.1#53
  (this is good, )

  Step-6, lets try enabling VPN-A again
  syslog-shows:
    dnsmasq[2124]: setting upstream servers from DBus
    dnsmasq[2124]: using nameserver 111.111.111.111#53
    dnsmasq[2124]: using nameserver 222.222.222.222#53
  (this is good, )

  I have experimented with this in multiple ways, as far as I can see any DNS servers applicable to
  the FIRST VPN to be activated are somehow "sticky".  If I restart network-manager and then 
  activate VPN-B I still get the wrong nameservers.  If I want to activate VPN-B with its correct nameserver
  as defined then I have to re-boot and activate VPN-B before VPN-A.   Then of course I end up with the opposite 
  problem that VPN-A's nameservers are messed up.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1507858/+subscriptions