[Bug 1634689] Re: DNS leak after upgrade to 16.10
*** This bug is a duplicate of bug 1754671 *** https://bugs.launchpad.net/bugs/1754671 ** This bug has been marked a duplicate of bug 1754671 Full-tunnel VPN DNS leakage regression -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1634689 Title: DNS leak after upgrade to 16.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1634689/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1634689] Re: DNS leak after upgrade to 16.10
[Expired for openvpn (Ubuntu) because there has been no activity for 60 days.] ** Changed in: openvpn (Ubuntu) Status: Incomplete => Expired -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1634689 Title: DNS leak after upgrade to 16.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1634689/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1634689] Re: DNS leak after upgrade to 16.10
Mathieu, sorry for the delay. https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1652525 is the bug ID. Thanks. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1634689 Title: DNS leak after upgrade to 16.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1634689/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 1634689] Re: DNS leak after upgrade to 16.10
My setup is pretty generic. I'm sure Eylul's log files are representative of the same bug. On Mon, Dec 19, 2016 at 11:47 AM, Mathieu Trudel-Lapierrewrote: > Eylul, please file a separate bug for your particular issue, you > configuration may be quite different than James'. When you've done so, > please comment back here with the bug number. > > -- > You received this bug notification because you are subscribed to the bug > report. > https://bugs.launchpad.net/bugs/1634689 > > Title: > DNS leak after upgrade to 16.10 > > Status in openvpn package in Ubuntu: > Incomplete > > Bug description: > Two different openvpn servers I have tried now have a DNS leak with an > Ubuntu 16.10 client. This worked fine for both of these servers with > Ubuntu 16.04 clients. > > I've edited this to reflect better understanding of the bug. I > initially believed it was not redirecting the gateway at all. It turns > out that it is correctly redirecting the gateway, and is using the > pushed DNS ip. But the DNS being pushed is secondary to the ISP's DNS, > which results in a DNS leak. This was not the behavior of openvpn with > Ubuntu 16.04. > > This may be related to the bug described in this comment: (He > describes a "fix" applied to 16.10, which might be the source of the > problem.) > > https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/120/comments/50 > > That comment leads to the package below, which may also be the source of > the problem: > https://launchpad.net/ubuntu/+source/network-manager/1.2.2-0ubuntu4 > > edit2: The problem also exists when running openvpn from the command > line, so the network manager is not part of the problem. > > To manage notifications about this bug go to: > https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1634689/+subscriptions -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1634689 Title: DNS leak after upgrade to 16.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1634689/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1634689] Re: DNS leak after upgrade to 16.10
Eylul, please file a separate bug for your particular issue, you configuration may be quite different than James'. When you've done so, please comment back here with the bug number. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1634689 Title: DNS leak after upgrade to 16.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1634689/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1634689] Re: DNS leak after upgrade to 16.10
Also noticed this. when using a couple of example setup files (different servers) that worked without leak in 16.04, in 16.10 there is dns leak. I am not sure how to exactly send requests mean for VPN but would be willing to try if I can figure it out. The rest of the information is below. How is the VPN configured on the client? Export of VPN settings as .ovpn: client remote ca cert key comp-lzo yes dev tun proto udp nobind auth-nocache script-security 2 persist-key persist-tun user nm-openvpn group nm-openvpn vpn conf at /etc/NetworkManager: [connection] id= uuid= type=vpn permissions= secondaries= timestamp= [vpn] connection-type=tls remote=: comp-lzo=yes cert-pass-flags=0 cert= dev=tun key= ca= service-type=org.freedesktop.NetworkManager.openvpn [ipv4] dns-search= method=auto [ipv6] addr-gen-mode=stable-privacy dns-search= ip6-privacy=0 method=auto Is it set up to "Use this connection only for the resources on its network"? Is that the case for both IPv4 and IPv6? No, and no. What are the contents of /etc/resolv.conf? /etc/resolve.conf while VPN is running: # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 127.0.1.1 search home -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1634689 Title: DNS leak after upgrade to 16.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1634689/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1634689] Re: DNS leak after upgrade to 16.10
"There is a DNS leak" doesn't tell us much. Could you please further describe what you're seeing as incorrect behavior, and exactly how the VPN is configured on the client? Is it set up to "Use this connection only for the resources on its network"? Is that the case for both IPv4 and IPv6? What are the contents of /etc/resolv.conf, and what happens if you try to send requests meant for the VPN (preferably without any browser or other things running that could send DNS requests), and immediately afterwards send a USR1 signal to dnsmasq? (You can use "sudo kill -USR1 `pidof dnsmasq`", or sudo kill -USR1 just the dnsmasq process spawned by NetworkManager). ** Changed in: openvpn (Ubuntu) Status: Confirmed => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1634689 Title: DNS leak after upgrade to 16.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1634689/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1634689] Re: DNS leak after upgrade to 16.10
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: openvpn (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1634689 Title: DNS leak after upgrade to 16.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1634689/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1634689] Re: DNS leak after upgrade to 16.10
** Description changed: Two different openvpn servers I have tried now have a DNS leak with an Ubuntu 16.10 client. This worked fine for both of these servers with Ubuntu 16.04 clients. I've edited this to reflect better understanding of the bug. I initially believed it was not redirecting the gateway at all. It turns out that it is correctly redirecting the gateway, and is using the pushed DNS ip. But the DNS being pushed is secondary to the ISP's DNS, which results in a DNS leak. This was not the behavior of openvpn with Ubuntu 16.04. This may be related to the bug described in this comment: (He describes a "fix" applied to 16.10, which might be the source of the problem.) https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/120/comments/50 - That comment leads to the package below, which may also be the source of the problem: + That comment leads to the package below, which may also be the source of the problem: https://launchpad.net/ubuntu/+source/network-manager/1.2.2-0ubuntu4 + + edit2: The problem also exists when running openvpn from the command + line, so the network manager is not part of the problem. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1634689 Title: DNS leak after upgrade to 16.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1634689/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs