Public bug reported:
Alright, this is going to be a frustrating bug for everyone involved I
expect, but here goes.
On Ubuntu 16.04, using a non-released VPN client (making this _much_
harder for anyone to reproduce), upgrading the network-manager packages
from 1.2.2-0ubuntu0.16.04.3 to 1.2.6-0ubuntu0.16.04.1 quite handily
broke DNS over the VPN.
And it broke it really oddly.
dnsmasq binds to socket 12 for the new interface, just fine.
strace shows that it does the sendto for the DNS request, and that the
poll calls are working, just fine.
tcpdump shows the response messages, they are coming back from the
correct host and port, going to my IP and the port that dnsmasq is
sending from.
There are no iptables rules involved, nothing is set to deny.
dnsmasq is never getting the response packet.
The request thus times out.
Doing a host or dig directly to the DNS server works just fine.
And this is completely reproducible, and goes away the moment I
downgrade back to 1.2.2-0ubuntu0.16.04.3.
Was there some change to how network-manager handles VPN interfaces/tap0
in the new version?
** Affects: network-manager (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1672491
Title:
New NetworkManager breaks VPN DNS.
Status in network-manager package in Ubuntu:
New
Bug description:
Alright, this is going to be a frustrating bug for everyone involved I
expect, but here goes.
On Ubuntu 16.04, using a non-released VPN client (making this _much_
harder for anyone to reproduce), upgrading the network-manager
packages from 1.2.2-0ubuntu0.16.04.3 to 1.2.6-0ubuntu0.16.04.1 quite
handily broke DNS over the VPN.
And it broke it really oddly.
dnsmasq binds to socket 12 for the new interface, just fine.
strace shows that it does the sendto for the DNS request, and that the
poll calls are working, just fine.
tcpdump shows the response messages, they are coming back from the
correct host and port, going to my IP and the port that dnsmasq is
sending from.
There are no iptables rules involved, nothing is set to deny.
dnsmasq is never getting the response packet.
The request thus times out.
Doing a host or dig directly to the DNS server works just fine.
And this is completely reproducible, and goes away the moment I
downgrade back to 1.2.2-0ubuntu0.16.04.3.
Was there some change to how network-manager handles VPN
interfaces/tap0 in the new version?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1672491/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
