Sorry for the bump but dnsmasq is still enabled by default and cannot be removed without removing network-manager.
I ran into the issue where dnsmasq introduced a security problem when running VPN connections. For security reasons all DNS traffic was supposed to be flowing to the DNS server pushed by the VPN Server. This used to work before dnsmasq was made the default. With dnsmasq enabled, it sends the DNS request completely at random to the various DNS server the system has learned, including those from the public network (DHCP). This not only leaks information, it also breaks resolving hosts on the other end of the VPN because dnsmasq responds with NXDOMAIN if the query for a VPN-connected hostname happened to have ended up in the public DNS. After commenting out the line dns=dnsmasq in /etc/NetworkManager/NetworkManager.conf DNS is properly enforced again and behaving completely predictable. I wish to remove dnsmasq from my client systems as well because of this security leak. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/992411 Title: network-manager: Please don't Depend on dnsmasq-base Status in “network-manager” package in Ubuntu: Triaged Bug description: dnsmasq in not required... Furthermore because you are over writing the Systems Administrators dhcp setting you have now made it a requirement to edit configurations on every dhcp client. cp@io:~$ dpkg -l dnsmasq-base bind9 dhcp3-server Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Description +++-==============-==============-============================================ ii bind9 1:9.8.1.dfsg.P Internet Domain Name Server ii dhcp3-server 4.1.ESV-R4-0ub ISC DHCP server (transitional package) ii dnsmasq-base 2.59-4 Small caching DNS proxy and DHCP/TFTP server To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/992411/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
