----- Original Message ----- > From: "Ralf Jung" <p...@ralfj.de> > To: "Pavel Simerda" <psime...@redhat.com> > Cc: "Tomas Hozza" <tho...@redhat.com>, "Paul Wouters" <p...@nohats.ca>, > dnssec-trigger@NLnetLabs.nl > Sent: Sunday, September 21, 2014 2:56:08 PM > Subject: Re: [Dnssec-trigger] [Bug] incorrect DNS servers are used when > network-manager connects to VPN > > Hi, > > >> Do you have an example for a VPN plugin that uses the "right" way to > >> expose information to NM? That would be a good starter to get this into > >> OpenConnect. > > > > There's https://git.gnome.org/browse/network-manager-openconnect/ > > Well, yes, that's what I am using. It shows the behaviour that I > described (DNS servers are not properly forwarded to dnssec-trigger). I > thought you said that this plugin needs patching to fix this forwarding?
Hi, I'm sorry, I didn't follow the discussion carefully. We (more specificaly I and Tomáš) are working on the dnssec-trigger hooks for NetworkManager. You're apparently using an older/different version so the behavior may be much different from what we are already testing. Basically the VPN is expected to give away information to NetworkManager and we're getting the information from NetworkManager and setting up unbound accordingly. Depending on the configuration of NM, the VPN name servers or the physical connection name servers are used globally, and the VPN name servers are being used for known domains for the VPN. I'm not using the openconnect plugin myself. It might be better if you find me (pavlix) on IRC Freenode (for example in #nm) and we can discuss it in more detail. Cheers, Pavel > > Kind regards > Ralf > _______________________________________________ dnssec-trigger mailing list dnssec-trigger@NLnetLabs.nl http://open.nlnetlabs.nl/mailman/listinfo/dnssec-trigger
