← Back to team overview

touch-packages team mailing list archive

[Bug 1270189] Re: Ubuntu Touch devices are using cellular DNS servers over wifi connection

 

** Changed in: canonical-devices-system-image
    Milestone: ww40-2015 => backlog

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1270189

Title:
  Ubuntu Touch devices are using cellular DNS servers over wifi
  connection

Status in Canonical System Image:
  Confirmed
Status in network-manager package in Ubuntu:
  Confirmed
Status in network-manager package in Ubuntu RTM:
  New

Bug description:
  On my Nexus 4, build 121 with TMobile, when I am on wifi, I correctly
  get a 192.168 ip and DNS entries for this network (on wlan0) -- fine.
  When I am in range of cellular data, I get an ip address from TMobile
  and am given DNS entries that aren't on the same network as the
  TMobile ip address (on rmnet_usb0). The problem is, the DNS entries
  from TMobile are preferred over the ones from the wifi network such
  that while wlan0 is correctly setup as the default route, DNS queries
  are being made to the TMobile DNS servers over wlan0 because there are
  no explicit routes to these servers. This is problematic because the
  remote DNS server may not respond to queries coming from out of
  network or site policy may disallow the use of foreign DNS servers--
  both of which result in slow (or possibly failing) DNS queries since
  the cellular DNS is checked first. Also, where it did work, these
  queries could incur charges when the user is intending to use only
  wifi. In the case of (at least) TMobile, this could be a security
  concern because the well-known TMobile DNS servers are on the private
  '10.' network, which opens the possibility for a rogue DNS server to
  be on the private wifi network with this ip address.

  This could be fixed in (at least) four ways:
   1) when on wifi, don't merge the DNS servers on cellular networks at all which forces the device to use the ones available on the site (wlan0). This is guaranteed to not incur changes
   2) when on wifi, merge the DNS server from the cellular network, but add them after the ones on the wifi network. This will try the site's DNS first and only if they fail, fallback to the cellular DNS. This may incur charges under certain circumstances
   3) add an explicit route to the cellular DNS servers through rmnet_usb0. This will bypass the site DNS with all queries going through cellular DNS. This will incur charges and would make the device unable to resolve site-local names.
   4) same as '2', but also add explicit routes for the cellular name servers. This should only incur charges if wifi DNS fails

  I think '3' is out. '2' and '4' seems most intuitive (with '4' perhaps
  most correct). '1' seems also ok.

  # netstat -rn
  Kernel IP routing table
  Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
  0.0.0.0         192.168.x.1     0.0.0.0         UG        0 0          0 wlan0
  100.152.35.128  0.0.0.0         255.255.255.252 U         0 0          0 rmnet_usb0
  192.168.x.0     0.0.0.0         255.255.255.0   U         0 0          0 wlan0

   Jan 17 07:36:38 ubuntu-phablet NetworkManager[1130]: <info> Auto-activating connection '/310260575949457/context1'.
  Jan 17 07:36:38 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) starting connection '/310260575949457/context1'
  Jan 17 07:36:38 ubuntu-phablet NetworkManager[1130]: <info> (/ril_0): device state change: disconnected -> prepare (reason 'none') [30 40 0]
  Jan 17 07:36:38 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 1 of 5 (Device Prepare) scheduled...
  Jan 17 07:36:38 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 1 of 5 (Device Prepare) started...
  Jan 17 07:36:38 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 1 of 5 (Device Prepare) complete.
  Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> (/ril_0): IPv4 static configuration:
  Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info>   address 100.152.35.130/30
  Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info>   DNS 10.177.0.34
  Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info>   DNS 10.168.183.116
  Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 2 of 5 (Device Configure) scheduled...
  Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 2 of 5 (Device Configure) starting...
  Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> (/ril_0): device state change: prepare -> config (reason 'none') [40 50 0]
  Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 2 of 5 (Device Configure) successful.
  Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 3 of 5 (IP Configure Start) scheduled.
  Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 2 of 5 (Device Configure) complete.
  Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 3 of 5 (IP Configure Start) started...
  Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> (/ril_0): device state change: config -> ip-config (reason 'none') [50 70 0]
  Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 5 of 5 (IPv4 Configure Commit) scheduled...
  Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 4 of 5 (IPv6 Configure Timeout) scheduled...
  Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 3 of 5 (IP Configure Start) complete.
  Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 5 of 5 (IPv4 Commit) started...
  Jan 17 07:36:42 ubuntu-phablet NetworkManager[1130]: <info> (/ril_0): device state change: ip-config -> secondaries (reason 'none') [70 90 0]
  Jan 17 07:36:42 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 5 of 5 (IPv4 Commit) complete.
  Jan 17 07:36:42 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 4 of 5 (IPv6 Configure Timeout) started...
  Jan 17 07:36:42 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 4 of 5 (IPv6 Configure Timeout) complete.
  Jan 17 07:36:42 ubuntu-phablet NetworkManager[1130]: <info> (/ril_0): device state change: secondaries -> activated (reason 'none') [90 100 0]
  Jan 17 07:36:42 ubuntu-phablet NetworkManager[1130]: <info> Writing DNS information to /sbin/resolvconf
  Jan 17 07:36:42 ubuntu-phablet dnsmasq[2189]: setting upstream servers from DBus
  Jan 17 07:36:42 ubuntu-phablet dnsmasq[2189]: using nameserver 10.168.183.116#53
  Jan 17 07:36:42 ubuntu-phablet dnsmasq[2189]: using nameserver 10.177.0.34#53
  Jan 17 07:36:42 ubuntu-phablet dnsmasq[2189]: using nameserver 192.168.x.x#53
  Jan 17 07:36:42 ubuntu-phablet dnsmasq[2189]: using nameserver 208.67.222.222#53
  Jan 17 07:36:42 ubuntu-phablet dnsmasq[2189]: using nameserver 208.67.220.220#53
  Jan 17 07:36:42 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) successful, device activated.

To manage notifications about this bug go to:
https://bugs.launchpad.net/canonical-devices-system-image/+bug/1270189/+subscriptions