Did you ensure that the connection was set for "use only for resources
on the connection"? (I believe this may be ipv4.never-default=yes
setting in nmcli... and only bring it up because you do not mention it.)

I also think the negative DNS priority might be historical, no longer
needed. (I just noticed mine was set to 50, which I believe is default
for VPN connections now)

I should also note that if the never-default is set to "no"... I *will*
see the DNS server, however the routing is then incorrect as the VPN
concerned doesn't provide public routes.

So to be clear... never-default needs to be set to yes... DNS we expect
is from DHCP options sent from the VPN server, and the problem is that
you will see NO DNS servers for tun0 when you run the 'systemd-resolve
--status' command

You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.

  NetworkManager 1.10.6-2ubuntu1.2 breaks VPN DNS

Status in network-manager package in Ubuntu:

Bug description:
  NetworkManager as of 1.10.6-2ubuntu1.2 has cause a regression whereby
  a VPN connection which sets it's dns-priority to a negative value,
  which should cause the DNS server supplied by the DNS connection to be
  placed first, instead now refuses to place the DNS server into the
  resolver under any circumstance.

  Pinning the 1.10.6-2ubuntu1.1 works around the issue.

  I suspect the fix-dns-leak-lp1754671.patch has caused this regression.

  This patch should be reverted as soon as possible to restore proper
  functionality of network manager with respect to VPN servers with DNS

  $ lsb_release -rd
  Description:  Ubuntu 18.04.3 LTS
  Release:      18.04

To manage notifications about this bug go to:

Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to