Notes; when "things are working", host does either:
while on VPN: {{{ $ LC_ALL=C host -t soa local. Host local. not found: 3(NXDOMAIN) $ LC_ALL=C dig -t soa local. ; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> -t soa local. ;; global options: +cmd ;; Got answer: ;; WARNING: .local is reserved for Multicast DNS ;; You are currently testing what happens when an mDNS query is leaked to DNS ;; ->>HEADER<<- opcode: QUERY, status: FORMERR, id: 7637 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ; COOKIE: e1ff5e7222ad62da (echoed) ;; QUESTION SECTION: ;local. IN SOA ;; Query time: 21 msec ;; SERVER: 192.168.194.20#53(192.168.194.20) ;; WHEN: Mon Aug 20 12:01:19 EDT 2018 ;; MSG SIZE rcvd: 46 }}} while off VPN: {{{ $ LC_ALL=C host -t soa local. Host local not found: 2(SERVFAIL) $ LC_ALL=C dig -t soa local. ; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> -t soa local. ;; global options: +cmd ;; Got answer: ;; WARNING: .local is reserved for Multicast DNS ;; You are currently testing what happens when an mDNS query is leaked to DNS ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 61619 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 65494 ;; QUESTION SECTION: ;local. IN SOA ;; Query time: 0 msec ;; SERVER: 127.0.0.53#53(127.0.0.53) ;; WHEN: Mon Aug 20 12:02:24 EDT 2018 ;; MSG SIZE rcvd: 34 }}} ===== while in the broken/hung state: ^^^^^^^^^^^ ===== {{{ $ LC_ALL=C host -t soa local. <HANGS FOREVER> :( }}} (even hangs w/ "-W 1") ... dig command augmented returns!: {{{ $ LC_ALL=C dig -t soa local. ; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> -t soa local. ;; global options: +cmd ;; Got answer: ;; WARNING: .local is reserved for Multicast DNS ;; You are currently testing what happens when an mDNS query is leaked to DNS ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 16967 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 65494 ;; QUESTION SECTION: ;local. IN SOA ;; Query time: 0 msec ;; SERVER: 127.0.0.53#53(127.0.0.53) ;; WHEN: Mon Aug 20 11:56:58 EDT 2018 ;; MSG SIZE rcvd: 34 }}} (I am not familiar enough with SOAL local. lookups though to say if it can replace the host invocation in this method) /usr/lib/avahi/avahi-daemon-check-dns.sh dns_has_local() { # Some magic to do tests if [ -n "${FAKE_HOST_RETURN}" ] ; then if [ "${FAKE_HOST_RETURN}" = "true" ]; then return 0; else return 1; fi fi OUT=`LC_ALL=C host -t soa local. 2>&1` if [ $? -eq 0 ] ; then if echo "$OUT" | egrep -vq 'has no|not found'; then return 0 fi else # Checking the dns servers failed. Assuming no .local unicast dns, but # remove the nameserver cache so we recheck the next time we're triggered rm -f ${NS_CACHE} fi return 1 } -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to avahi in Ubuntu. https://bugs.launchpad.net/bugs/1752411 Title: bind9-host, avahi-daemon-check-dns.sh hang forever causes network connections to get stuck Status in avahi package in Ubuntu: Confirmed Status in bind9 package in Ubuntu: Confirmed Status in openconnect package in Ubuntu: Invalid Status in strongswan package in Ubuntu: New Status in avahi package in Debian: New Bug description: On 18.04 Openconnect connects successfully to any of multiple VPN concentrators but network traffic does not flow across the VPN tunnel connection. When testing on 16.04 this works flawlessly. This also worked on this system when it was on 17.10. I have tried reducing the mtu of the tun0 network device but this has not resulted in me being able to successfully ping the IP address. Example showing ping attempt to the IP of DNS server: ~$ cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN # 127.0.0.53 is the systemd-resolved stub resolver. # run "systemd-resolve --status" to see details about the actual nameservers. nameserver 172.29.88.11 nameserver 127.0.0.53 liam@liam-lat:~$ netstat -nr Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 wlp2s0 105.27.198.106 192.168.1.1 255.255.255.255 UGH 0 0 0 wlp2s0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0 172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0 172.29.0.0 0.0.0.0 255.255.0.0 U 0 0 0 tun0 172.29.88.11 0.0.0.0 255.255.255.255 UH 0 0 0 tun0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlp2s0 liam@liam-lat:~$ ping 172.29.88.11 PING 172.29.88.11 (172.29.88.11) 56(84) bytes of data. ^C --- 172.29.88.11 ping statistics --- 4 packets transmitted, 0 received, 100% packet loss, time 3054ms ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: openconnect 7.08-3 ProcVersionSignature: Ubuntu 4.15.0-10.11-generic 4.15.3 Uname: Linux 4.15.0-10-generic x86_64 ApportVersion: 2.20.8-0ubuntu10 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Wed Feb 28 22:11:33 2018 InstallationDate: Installed on 2017-06-15 (258 days ago) InstallationMedia: Ubuntu 16.04.1 LTS "Xenial Xerus" - Release amd64 (20160719) SourcePackage: openconnect UpgradeStatus: Upgraded to bionic on 2018-02-22 (6 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/1752411/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp