← Back to team overview

desktop-packages team mailing list archive

  1. desktop-packages team
  2. Mailing list archive
  3. Message #80767

[Bug 1390623] [NEW] VPN with IPv6 connectivity but no IPv6 DNS server results in broken DNS config

  Thread PreviousDate PreviousThread Next 
Public bug reported:

When connecting to a VPN that provides both a default route over IPv4
and IPv6, but only DNS servers over IPv4, you can end up with the IPv4
DNS servers set up as "split DNS". When that happens, the user is left
without a working DNS configuration.

See the attached log file for an example.

I think the cause is that the patch for avoiding split DNS on VPNs with
default routes[1] stops looking when it finds the first VPN
configuration with a default route. If that configuration happens to be
the IPv6-side of the VPN connection, then it will still add the IPv4
configuration with split DNS.

A workaround is to simply add a IPv6 DNS server to the configuration in
addition to the IPv4 DNS servers. In that case, the IPv6 DNS server is
added without split DNS.

This has been tested with both Ubuntu 14.04 LTS and Xubuntu 14.04.

Package versions (on Xubuntu 14.04):
 network-manager 0.9.8.8-0ubuntu7
 network-manager-openvpn 0.9.8.2-1ubuntu4
 openvpn 2.3.2-7ubuntu3

[1] http://bazaar.launchpad.net/~network-manager/network-
manager/ubuntu/view/head:/debian/patches/dnsmasq-vpn-dns-filtering.patch

** Affects: network-manager (Ubuntu)
     Importance: Undecided
         Status: New

** Attachment added: "Log from VPN DNS setup"
   https://bugs.launchpad.net/bugs/1390623/+attachment/4255469/+files/vpnlog.txt

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1390623

Title:
  VPN with IPv6 connectivity but no IPv6 DNS server results in broken
  DNS config

Status in “network-manager” package in Ubuntu:
  New

Bug description:
  When connecting to a VPN that provides both a default route over IPv4
  and IPv6, but only DNS servers over IPv4, you can end up with the IPv4
  DNS servers set up as "split DNS". When that happens, the user is left
  without a working DNS configuration.

  See the attached log file for an example.

  I think the cause is that the patch for avoiding split DNS on VPNs
  with default routes[1] stops looking when it finds the first VPN
  configuration with a default route. If that configuration happens to
  be the IPv6-side of the VPN connection, then it will still add the
  IPv4 configuration with split DNS.

  A workaround is to simply add a IPv6 DNS server to the configuration
  in addition to the IPv4 DNS servers. In that case, the IPv6 DNS server
  is added without split DNS.

  This has been tested with both Ubuntu 14.04 LTS and Xubuntu 14.04.

  Package versions (on Xubuntu 14.04):
   network-manager 0.9.8.8-0ubuntu7
   network-manager-openvpn 0.9.8.2-1ubuntu4
   openvpn 2.3.2-7ubuntu3

  [1] http://bazaar.launchpad.net/~network-manager/network-
  manager/ubuntu/view/head:/debian/patches/dnsmasq-vpn-dns-
  filtering.patch

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1390623/+subscriptions

Follow ups

References

  Thread PreviousDate PreviousThread Next