Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: network-manager (Ubuntu)
Status: New => Confirmed
https://bugs.launchpad.net/bugs/1599949
Title:
NetworkManager Sets Wrong DNS Server When OpenVPN tun0 starts if ipv6
on underlying interface in Ubuntu 16.04
Status in network-manager package in Ubuntu:
Confirmed
Bug description:
In Ubuntu 16.04 when I start an OpenVPN tunnel via the NetworkManager
GUI over an outer interface for which only IPv4 is configured, only
the DNS server that is reachable through the new tun0 interface is
configured by network manager. This is correct, no DNS leakage outside
the tunnel occurs.
However, if I start OpenVPN and use an outer interface (over which
tun0 flows) that has both IPv4 and IPv6 configured, the NetworkManager
reports the DNS server of the outer interface and the DNS server of
the tun0 interface to dnsmasq/resolvconf. This leads to DNS leakage
outside tun0 and is a security issue as DNS queries are done inside
and outside the tunnel. Here's the interesting part in syslog:
-----
Jul 7 20:02:40 wlm NetworkManager[4694]: <warn> [1467914560.9893] device (tun0): failed to disable userspace IPv6LL address handling
Jul 7 20:02:40 wlm NetworkManager[4694]: <info> [1467914560.9897] device (tun0): state change: ip-config -> ip-check (reason 'none') [70 80 0]
Jul 7 20:02:40 wlm NetworkManager[4694]: <info> [1467914560.9913] device (tun0): state change: ip-check -> secondaries (reason 'none') [80 90 0]
Jul 7 20:02:40 wlm NetworkManager[4694]: <info> [1467914560.9917] device (tun0): state change: secondaries -> activated (reason 'none') [90 100 0]
Jul 7 20:02:40 wlm NetworkManager[4694]: <info> [1467914560.9963] policy: set 'tun0' (tun0) as default for IPv4 routing and DNS
Jul 7 20:02:41 wlm NetworkManager[4694]: <info> [1467914560.9967] dns-mgr: Writing DNS information to /sbin/resolvconf
Jul 7 20:02:41 wlm systemd[1]: Starting Network Manager Script Dispatcher Service...
Jul 7 20:02:41 wlm dnsmasq[16825]: setting upstream servers from DBus
Jul 7 20:02:41 wlm dnsmasq[16825]: using nameserver 10.8.0.1#53
Jul 7 20:02:41 wlm dnsmasq[16825]: using nameserver 192.168.42.1#53
Jul 7 20:02:41 wlm dbus[878]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Jul 7 20:02:41 wlm nm-dispatcher: req:1 'vpn-up' [tun0]: new request (1 scripts)
-------
Only 10.8.0.1 should be configured at this point. 192.168.42.1 should
NOT be configured (and is not if the outer interface is IPv4 only)!
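The check the reporter does by eye on the syslog excerpt can be automated. The following is an added example, not part of the bug report and not NetworkManager or dnsmasq code: it scans syslog lines and returns any upstream resolver dnsmasq adopted outside the tunnel while a tun device is the default for routing and DNS. The tunnel subnet 10.8.0.0/24 and the function name find_dns_leaks are assumptions; the report only shows the resolver 10.8.0.1.

```python
import ipaddress
import re

# Assumption: the tunnel uses 10.8.0.0/24; the report only shows the resolver 10.8.0.1.
TUNNEL_NET = ipaddress.ip_network("10.8.0.0/24")

DEFAULT_DNS = re.compile(r"NetworkManager\[\d+\]: .*policy: set '[^']*' \((?P<ifname>[^)]+)\) "
                         r"as default for IPv4 routing and DNS")
BATCH_START = re.compile(r"dnsmasq\[\d+\]: setting upstream servers from DBus")
NAMESERVER = re.compile(r"dnsmasq\[\d+\]: using nameserver (?P<ip>[0-9A-Fa-f.:]+)#\d+")


def find_dns_leaks(lines, tunnel_net=TUNNEL_NET):
    """Return resolvers in dnsmasq's latest upstream set that lie outside
    tunnel_net while a tun device is the default for routing and DNS."""
    tunnel_is_default = False
    upstreams = []
    for line in lines:
        if (m := DEFAULT_DNS.search(line)):
            tunnel_is_default = m["ifname"].startswith("tun")
        elif BATCH_START.search(line):
            upstreams = []  # assumed: each DBus update replaces the previous list
        elif (m := NAMESERVER.search(line)):
            upstreams.append(ipaddress.ip_address(m["ip"]))
    if not tunnel_is_default:
        return []
    # An address of the other IP family is never "in" tunnel_net, so it is flagged too.
    return [str(ip) for ip in upstreams if ip not in tunnel_net]


# Lines taken from the syslog excerpt in the report (wrapped lines joined).
REPORTED = [
    "Jul 7 20:02:40 wlm NetworkManager[4694]: <info> [1467914560.9963] policy: "
    "set 'tun0' (tun0) as default for IPv4 routing and DNS",
    "Jul 7 20:02:41 wlm dnsmasq[16825]: setting upstream servers from DBus",
    "Jul 7 20:02:41 wlm dnsmasq[16825]: using nameserver 10.8.0.1#53",
    "Jul 7 20:02:41 wlm dnsmasq[16825]: using nameserver 192.168.42.1#53",
]
# Constructed: the IPv4-only case the report describes, with only the tunnel resolver.
IPV4_ONLY = REPORTED[:3]

if __name__ == "__main__":
    for name, log in (("reported", REPORTED), ("ipv4-only", IPV4_ONLY)):
        print(name, find_dns_leaks(log) or "no leak")
```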