On Wed, Mar 22, 2017 at 08:19:32PM -0400, Paul Smith wrote: > Hi all. I'm having a problem with DNS servers over openvpn. I use > NetworkManager to configure (via openvpn config file import) and > start/stop the VPN. I'm using Ubuntu GNOME 16.10, with: > > [...] > > I've also enabled "nmcli general logging level TRACE" and looked at the > journalctl logging when starting / stopping both VPN configurations and > it all looks fine to me: for both I can see the IP address for the DNS > server added as "50 vpn v4 tun0 : <newIP>" where my default DNS servers > are 100. I see dnsmasq messages saying it's adding the new DNS address > as the nameserver for all the domains. > > What does it mean that the local DNS service is returning REFUSED? How > can I debug this further? Or, does anyone know how to fix it?
You can enable logging of queries in dnsmasq with: echo log-queries > /etc/NetworkManager/dnsmasq.d/log-queries killall -HUP NetworkManager After this, you should see in logs queries sent by dnsmasq and responses from name servers. Which dnsmasq version are you using? There was a bug in the way dnsmasq cached sockets for queries that caused problems when the VPN interface is recreated by kernel with a different ifindex; see [1] [2] for more details. This could be the cause of the problem you see. Beniamino [1] https://bugzilla.redhat.com/show_bug.cgi?id=1367772 [2] http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=2675f2061525bc954be14988d64384b74aa7bf8b
signature.asc
Description: PGP signature
_______________________________________________ networkmanager-list mailing list [email protected] https://mail.gnome.org/mailman/listinfo/networkmanager-list
