touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #87077
[Bug 1270189] Re: Ubuntu Touch devices are using cellular DNS servers over wifi connection
@Jamie
I think this explains the behavior I often see when enabling WiFi and it
auto-connects to a known AP. NM shows the connection as active ( ie.
nmcli d ), the routing table it correct, pinging an IP address works,
however for the first 30-90s after the connection comes up, DNS lookups
fail. I think this is one of the underlying causes of users complaining
about networking failing when they activate WiFi on Touch devices.
That said, unwinding this may be a bit tricky as NM keeps both
connections active, but sets WiFi as the default route. As the DNS
Servers were added in order to dnsmasq, and unwinding this in NM might
be tricky, I wonder if patching this in dnsmasq is the right way to go?
I'll do some investigation of dnsmasq's DBus API. If we changed
dnsmasq to reverse the ordering of DNS servers. The only issue here is
whether all of the DNS servers for an interface are added as group or
not. If they're added individually, then reversing the order would have
the effect of reversing the individual DNS servers for a particular
interface too, which might not be desired behavior.
** Also affects: network-manager (Ubuntu RTM)
Importance: Undecided
Status: New
** Also affects: canonical-devices-system-image
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1270189
Title:
Ubuntu Touch devices are using cellular DNS servers over wifi
connection
Status in the base for Ubuntu mobile products:
New
Status in network-manager package in Ubuntu:
Confirmed
Status in network-manager package in Ubuntu RTM:
New
Bug description:
On my Nexus 4, build 121 with TMobile, when I am on wifi, I correctly
get a 192.168 ip and DNS entries for this network (on wlan0) -- fine.
When I am in range of cellular data, I get an ip address from TMobile
and am given DNS entries that aren't on the same network as the
TMobile ip address (on rmnet_usb0). The problem is, the DNS entries
from TMobile are preferred over the ones from the wifi network such
that while wlan0 is correctly setup as the default route, DNS queries
are being made to the TMobile DNS servers over wlan0 because there are
no explicit routes to these servers. This is problematic because the
remote DNS server may not respond to queries coming from out of
network or site policy may disallow the use of foreign DNS servers--
both of which result in slow (or possibly failing) DNS queries since
the cellular DNS is checked first. Also, where it did work, these
queries could incur charges when the user is intending to use only
wifi. In the case of (at least) TMobile, this could be a security
concern because the well-known TMobile DNS servers are on the private
'10.' network, which opens the possibility for a rogue DNS server to
be on the private wifi network with this ip address.
This could be fixed in (at least) four ways:
1) when on wifi, don't merge the DNS servers on cellular networks at all which forces the device to use the ones available on the site (wlan0). This is guaranteed to not incur changes
2) when on wifi, merge the DNS server from the cellular network, but add them after the ones on the wifi network. This will try the site's DNS first and only if they fail, fallback to the cellular DNS. This may incur charges under certain circumstances
3) add an explicit route to the cellular DNS servers through rmnet_usb0. This will bypass the site DNS with all queries going through cellular DNS. This will incur charges and would make the device unable to resolve site-local names.
4) same as '2', but also add explicit routes for the cellular name servers. This should only incur charges if wifi DNS fails
I think '3' is out. '2' and '4' seems most intuitive (with '4' perhaps
most correct). '1' seems also ok.
# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.x.1 0.0.0.0 UG 0 0 0 wlan0
100.152.35.128 0.0.0.0 255.255.255.252 U 0 0 0 rmnet_usb0
192.168.x.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0
Jan 17 07:36:38 ubuntu-phablet NetworkManager[1130]: <info> Auto-activating connection '/310260575949457/context1'.
Jan 17 07:36:38 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) starting connection '/310260575949457/context1'
Jan 17 07:36:38 ubuntu-phablet NetworkManager[1130]: <info> (/ril_0): device state change: disconnected -> prepare (reason 'none') [30 40 0]
Jan 17 07:36:38 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 1 of 5 (Device Prepare) scheduled...
Jan 17 07:36:38 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 1 of 5 (Device Prepare) started...
Jan 17 07:36:38 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 1 of 5 (Device Prepare) complete.
Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> (/ril_0): IPv4 static configuration:
Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> address 100.152.35.130/30
Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> DNS 10.177.0.34
Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> DNS 10.168.183.116
Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 2 of 5 (Device Configure) scheduled...
Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 2 of 5 (Device Configure) starting...
Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> (/ril_0): device state change: prepare -> config (reason 'none') [40 50 0]
Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 2 of 5 (Device Configure) successful.
Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 3 of 5 (IP Configure Start) scheduled.
Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 2 of 5 (Device Configure) complete.
Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 3 of 5 (IP Configure Start) started...
Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> (/ril_0): device state change: config -> ip-config (reason 'none') [50 70 0]
Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 5 of 5 (IPv4 Configure Commit) scheduled...
Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 4 of 5 (IPv6 Configure Timeout) scheduled...
Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 3 of 5 (IP Configure Start) complete.
Jan 17 07:36:41 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 5 of 5 (IPv4 Commit) started...
Jan 17 07:36:42 ubuntu-phablet NetworkManager[1130]: <info> (/ril_0): device state change: ip-config -> secondaries (reason 'none') [70 90 0]
Jan 17 07:36:42 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 5 of 5 (IPv4 Commit) complete.
Jan 17 07:36:42 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 4 of 5 (IPv6 Configure Timeout) started...
Jan 17 07:36:42 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) Stage 4 of 5 (IPv6 Configure Timeout) complete.
Jan 17 07:36:42 ubuntu-phablet NetworkManager[1130]: <info> (/ril_0): device state change: secondaries -> activated (reason 'none') [90 100 0]
Jan 17 07:36:42 ubuntu-phablet NetworkManager[1130]: <info> Writing DNS information to /sbin/resolvconf
Jan 17 07:36:42 ubuntu-phablet dnsmasq[2189]: setting upstream servers from DBus
Jan 17 07:36:42 ubuntu-phablet dnsmasq[2189]: using nameserver 10.168.183.116#53
Jan 17 07:36:42 ubuntu-phablet dnsmasq[2189]: using nameserver 10.177.0.34#53
Jan 17 07:36:42 ubuntu-phablet dnsmasq[2189]: using nameserver 192.168.x.x#53
Jan 17 07:36:42 ubuntu-phablet dnsmasq[2189]: using nameserver 208.67.222.222#53
Jan 17 07:36:42 ubuntu-phablet dnsmasq[2189]: using nameserver 208.67.220.220#53
Jan 17 07:36:42 ubuntu-phablet NetworkManager[1130]: <info> Activation (/ril_0) successful, device activated.
To manage notifications about this bug go to:
https://bugs.launchpad.net/canonical-devices-system-image/+bug/1270189/+subscriptions