P.S. Oscar, and everyone else who has commented, please say what version
of network-manager-openvpn you are using.
I have just done some testing. I have the following package versions.
network-manager 0.9.8.0-0ubuntu17
network-manager-dev 0.9.8.0-0ubuntu6
network-manager-gnome 0.9.8.0-1ubuntu2
network-manager-openvpn 0.9.8.2-1ubuntu2
When I make an OpenVPN connection to corp.com via my home LAN which has
local TLD "mydom" I see the following in /var/log/syslog.
[...] NetworkManager[1247]: <info> Internal DNS: 172.17.1.2
Whether dns=dnsmasq or not I get the following.
$ nmcli -f IP4 dev list | grep DNS
IP4.DNS[1]: 192.168.1.254
IP4.DNS[1]: 192.168.1.254
In fact, nmcli seems to have no knowledge at all of the VPN. But this
doesn't seem to matter.
Now (a) if "dns=dnsmasq" then NetworkManager passes the address
127.0.1.1 (which is the listen address of the dnsmasq instance that it
controls) to resolvconf
$ cat /run/resolvconf/interface/NetworkManager
domain mydom
search corp.com mydom
nameserver 127.0.1.1
which turns up in resolv.conf .
$ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by
resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.1.1
search mydom corp.com
and passes the correct addresses to the dnsmasq instance that it
controls, as evidenced by dnsmasq's messages in syslog.
[...] dnsmasq[5803]: setting upstream servers from DBus
[...] dnsmasq[5803]: using nameserver 172.17.1.2#53 for domain
17.172.in-addr.arpa
[...] dnsmasq[5803]: using nameserver 172.17.1.2#53 for domain corp.com
[...] dnsmasq[5803]: using nameserver 192.168.1.254#53
[...] dnsmasq[5803]: using nameserver 192.168.1.254#53
Testing reveals that LAN, Internet and VPN names are all resolved
correctly and I can see with wireshark that the DNS queries are
forwarded to the correct addresses by dnsmasq. That is *.corp.com
queries go to 172.17.1.2 and other queries to 192.168.1.254.
If (b) "dns=dnsmasq" is commented out then NetworkManager passes the VPN
nameserver and LAN nameserver addresses, in that order, to resolvconf.
$ cat /run/resolvconf/interface/NetworkManager
domain mydom
search corp.com mydom
nameserver 172.17.1.2
nameserver 192.168.1.254
$ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by
resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 172.17.1.2
nameserver 192.168.1.254
search mydom corp.com
Testing reveals that Internet and VPN names are resolved correctly but
LAN names are not and I can see that all queries go to the VPN
nameserver.
This is all as I would expect, except (as I mentioned earlier) for the
nmcli output, which fails to include any VPN information.
Conclusion: I can't reproduce the bug. Name service works for me with or
without "dns=dnsmasq" insofar as I would expect.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1169437
Title:
network-manager dnsmasq openvpn DNS issue
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/1169437/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
