[Touch-packages] [Bug 1672491] Re: New NetworkManager breaks VPN DNS.
*** This bug is a duplicate of bug 1754671 *** https://bugs.launchpad.net/bugs/1754671 ** This bug is no longer a duplicate of bug 1688018 DNS server from vpn connection is not being used after network-manager upgrade to 1.2.6 ** This bug has been marked a duplicate of bug 1754671 Full-tunnel VPN DNS leakage regression -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1672491 Title: New NetworkManager breaks VPN DNS. Status in network-manager package in Ubuntu: Confirmed Bug description: Alright, this is going to be a frustrating bug for everyone involved I expect, but here goes. On Ubuntu 16.04, using a non-released VPN client (making this _much_ harder for anyone to reproduce), upgrading the network-manager packages from 1.2.2-0ubuntu0.16.04.3 to 1.2.6-0ubuntu0.16.04.1 quite handily broke DNS over the VPN. And it broke it really oddly. dnsmasq binds to socket 12 for the new interface, just fine. strace shows that it does the sendto for the DNS request, and that the poll calls are working, just fine. tcpdump shows the response messages, they are coming back from the correct host and port, going to my IP and the port that dnsmasq is sending from. There are no iptables rules involved, nothing is set to deny. dnsmasq is never getting the response packet. The request thus times out. Doing a host or dig directly to the DNS server works just fine. And this is completely reproducible, and goes away the moment I downgrade back to 1.2.2-0ubuntu0.16.04.3. Was there some change to how network-manager handles VPN interfaces/tap0 in the new version? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1672491/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1672491] Re: New NetworkManager breaks VPN DNS.
*** This bug is a duplicate of bug 1688018 *** https://bugs.launchpad.net/bugs/1688018 ** This bug is no longer a duplicate of bug 1639776 name resolution (dnsmasq) fails to send queries out after suspend/resume reconnects the interface ** This bug has been marked a duplicate of bug 1688018 DNS server from vpn connection is not being used after network-manager upgrade to 1.2.6 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1672491 Title: New NetworkManager breaks VPN DNS. Status in network-manager package in Ubuntu: Confirmed Bug description: Alright, this is going to be a frustrating bug for everyone involved I expect, but here goes. On Ubuntu 16.04, using a non-released VPN client (making this _much_ harder for anyone to reproduce), upgrading the network-manager packages from 1.2.2-0ubuntu0.16.04.3 to 1.2.6-0ubuntu0.16.04.1 quite handily broke DNS over the VPN. And it broke it really oddly. dnsmasq binds to socket 12 for the new interface, just fine. strace shows that it does the sendto for the DNS request, and that the poll calls are working, just fine. tcpdump shows the response messages, they are coming back from the correct host and port, going to my IP and the port that dnsmasq is sending from. There are no iptables rules involved, nothing is set to deny. dnsmasq is never getting the response packet. The request thus times out. Doing a host or dig directly to the DNS server works just fine. And this is completely reproducible, and goes away the moment I downgrade back to 1.2.2-0ubuntu0.16.04.3. Was there some change to how network-manager handles VPN interfaces/tap0 in the new version? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1672491/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1672491] Re: New NetworkManager breaks VPN DNS.
*** This bug is a duplicate of bug 1639776 *** https://bugs.launchpad.net/bugs/1639776 Any updates for this one? After half year? on LTS? Are you serious? Please note, that this bug #1672491 , ##1639776 and many other could be easily patched, just by applying patches: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=2675f2061525bc954be14988d64384b74aa7bf8b http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=16800ea072dd0cdf14d951c4bb8d2808b3dfe53d to dnsmasq package. If someone just could move the lazy ass and at least follow other distros like Fedora https://bugzilla.redhat.com/show_bug.cgi?id=1373485 I will post non constructive and frustrating post to all regarding bugs, so hopefully someone will feel ashamed and finally fix it. Otherwise I would like to ask you: step down as maintainers and orphan given package so someone else who knows how to patch source could take over from you - because you are doing no good by doing nothing! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1672491 Title: New NetworkManager breaks VPN DNS. Status in network-manager package in Ubuntu: Confirmed Bug description: Alright, this is going to be a frustrating bug for everyone involved I expect, but here goes. On Ubuntu 16.04, using a non-released VPN client (making this _much_ harder for anyone to reproduce), upgrading the network-manager packages from 1.2.2-0ubuntu0.16.04.3 to 1.2.6-0ubuntu0.16.04.1 quite handily broke DNS over the VPN. And it broke it really oddly. dnsmasq binds to socket 12 for the new interface, just fine. strace shows that it does the sendto for the DNS request, and that the poll calls are working, just fine. tcpdump shows the response messages, they are coming back from the correct host and port, going to my IP and the port that dnsmasq is sending from. There are no iptables rules involved, nothing is set to deny. dnsmasq is never getting the response packet. The request thus times out. Doing a host or dig directly to the DNS server works just fine. And this is completely reproducible, and goes away the moment I downgrade back to 1.2.2-0ubuntu0.16.04.3. Was there some change to how network-manager handles VPN interfaces/tap0 in the new version? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1672491/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1672491] Re: New NetworkManager breaks VPN DNS.
*** This bug is a duplicate of bug 1639776 *** https://bugs.launchpad.net/bugs/1639776 ** This bug is no longer a duplicate of bug 1671606 DNS server from vpn connection is not being used after network-manager upgrade to 1.2.6-0ubuntu0.16.04.1 ** This bug has been marked a duplicate of bug 1639776 dnsmasq fails to send queries out after suspend disconnects the interface -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1672491 Title: New NetworkManager breaks VPN DNS. Status in network-manager package in Ubuntu: Confirmed Bug description: Alright, this is going to be a frustrating bug for everyone involved I expect, but here goes. On Ubuntu 16.04, using a non-released VPN client (making this _much_ harder for anyone to reproduce), upgrading the network-manager packages from 1.2.2-0ubuntu0.16.04.3 to 1.2.6-0ubuntu0.16.04.1 quite handily broke DNS over the VPN. And it broke it really oddly. dnsmasq binds to socket 12 for the new interface, just fine. strace shows that it does the sendto for the DNS request, and that the poll calls are working, just fine. tcpdump shows the response messages, they are coming back from the correct host and port, going to my IP and the port that dnsmasq is sending from. There are no iptables rules involved, nothing is set to deny. dnsmasq is never getting the response packet. The request thus times out. Doing a host or dig directly to the DNS server works just fine. And this is completely reproducible, and goes away the moment I downgrade back to 1.2.2-0ubuntu0.16.04.3. Was there some change to how network-manager handles VPN interfaces/tap0 in the new version? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1672491/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1672491] Re: New NetworkManager breaks VPN DNS.
*** This bug is a duplicate of bug 1671606 *** https://bugs.launchpad.net/bugs/1671606 ** This bug has been marked a duplicate of bug 1671606 DNS server from vpn connection is not being used after network-manager upgrade to 1.2.6-0ubuntu0.16.04.1 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1672491 Title: New NetworkManager breaks VPN DNS. Status in network-manager package in Ubuntu: Confirmed Bug description: Alright, this is going to be a frustrating bug for everyone involved I expect, but here goes. On Ubuntu 16.04, using a non-released VPN client (making this _much_ harder for anyone to reproduce), upgrading the network-manager packages from 1.2.2-0ubuntu0.16.04.3 to 1.2.6-0ubuntu0.16.04.1 quite handily broke DNS over the VPN. And it broke it really oddly. dnsmasq binds to socket 12 for the new interface, just fine. strace shows that it does the sendto for the DNS request, and that the poll calls are working, just fine. tcpdump shows the response messages, they are coming back from the correct host and port, going to my IP and the port that dnsmasq is sending from. There are no iptables rules involved, nothing is set to deny. dnsmasq is never getting the response packet. The request thus times out. Doing a host or dig directly to the DNS server works just fine. And this is completely reproducible, and goes away the moment I downgrade back to 1.2.2-0ubuntu0.16.04.3. Was there some change to how network-manager handles VPN interfaces/tap0 in the new version? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1672491/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1672491] Re: New NetworkManager breaks VPN DNS.
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: network-manager (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1672491 Title: New NetworkManager breaks VPN DNS. Status in network-manager package in Ubuntu: Confirmed Bug description: Alright, this is going to be a frustrating bug for everyone involved I expect, but here goes. On Ubuntu 16.04, using a non-released VPN client (making this _much_ harder for anyone to reproduce), upgrading the network-manager packages from 1.2.2-0ubuntu0.16.04.3 to 1.2.6-0ubuntu0.16.04.1 quite handily broke DNS over the VPN. And it broke it really oddly. dnsmasq binds to socket 12 for the new interface, just fine. strace shows that it does the sendto for the DNS request, and that the poll calls are working, just fine. tcpdump shows the response messages, they are coming back from the correct host and port, going to my IP and the port that dnsmasq is sending from. There are no iptables rules involved, nothing is set to deny. dnsmasq is never getting the response packet. The request thus times out. Doing a host or dig directly to the DNS server works just fine. And this is completely reproducible, and goes away the moment I downgrade back to 1.2.2-0ubuntu0.16.04.3. Was there some change to how network-manager handles VPN interfaces/tap0 in the new version? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1672491/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1672491] Re: New NetworkManager breaks VPN DNS.
Alright, this is due to a change to 1.2.4: commit 2f12f485607590d6415cf5fb81ad4db5b04615cd Author: Beniamino GalvaniDate: Wed May 11 18:43:41 2016 +0200 dns: specify egress interface for each dnsmasq upstream server Currently we don't specify to dnsmasq which interface must be used to contact a given nameserver and so requests can be sent through the wrong interface. Fix this by concatenating a @interface prefix to each server (unless an IPv6 interface scope-id is already present). https://bugzilla.gnome.org/show_bug.cgi?id=765153 (cherry picked from commit b71e104d333a1eb3325274089faf449126a4b157) Now, this causes _two_ problems. The first is that for some VPN connections you get traffic going out on tap0, but due to the wonders of ipsec the responses show up on the actual interface, such as eth0 or wlan0. This is a little bit of a pain normally, but it means that dnsmasq simply dies. It is possible that this is something I can fix on my VPN package, but it's _not_ a change that I expected to see in a LTS release. Second, https://bugzilla.redhat.com/show_bug.cgi?id=1373485 (upstream commit http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=2675f2061525bc954be14988d64384b74aa7bf8b fixes it) now matters, and without that fix anything that removes an interface and brings it back up breaks dnsmasq until dnsmasq is restarted. So, either 16.04 needs to fall back to 1.2.2, or dnsmasq needs the fix applied. (And if the latter is chosen, VPN plugins which worked before may still be non-functional until additional work on them is done. Again, in an LTS release?) Regards, Zephaniah E. Loss-Cutler-Hull. ** Bug watch added: GNOME Bug Tracker #765153 https://bugzilla.gnome.org/show_bug.cgi?id=765153 ** Bug watch added: Red Hat Bugzilla #1373485 https://bugzilla.redhat.com/show_bug.cgi?id=1373485 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1672491 Title: New NetworkManager breaks VPN DNS. Status in network-manager package in Ubuntu: New Bug description: Alright, this is going to be a frustrating bug for everyone involved I expect, but here goes. On Ubuntu 16.04, using a non-released VPN client (making this _much_ harder for anyone to reproduce), upgrading the network-manager packages from 1.2.2-0ubuntu0.16.04.3 to 1.2.6-0ubuntu0.16.04.1 quite handily broke DNS over the VPN. And it broke it really oddly. dnsmasq binds to socket 12 for the new interface, just fine. strace shows that it does the sendto for the DNS request, and that the poll calls are working, just fine. tcpdump shows the response messages, they are coming back from the correct host and port, going to my IP and the port that dnsmasq is sending from. There are no iptables rules involved, nothing is set to deny. dnsmasq is never getting the response packet. The request thus times out. Doing a host or dig directly to the DNS server works just fine. And this is completely reproducible, and goes away the moment I downgrade back to 1.2.2-0ubuntu0.16.04.3. Was there some change to how network-manager handles VPN interfaces/tap0 in the new version? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1672491/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp