Public bug reported: If you leave openvpn running for long enough it will eventually begin to fail with output like:
May 27 19:16:54 wakko nm-openvpn[16480]: RESOLVE: Cannot resolve host address: XXXX: Temporary failure in name resolution Analysis shows this is because openvpn is sending DNS queries to 127.0.0.1: socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 8 connect(8, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 16) = 0 poll([{fd=8, events=POLLOUT}], 1, 0) = 1 ([{fd=8, revents=POLLOUT}]) sendto(8, ..., 30, MSG_NOSIGNAL, NULL, 0) = 30 However, this is not correct, dnsmasq listens on 127.0.1.1. It appears the a cause of this is the chroot, the chroot has no resolv.conf in it and the glibc default is to use 127.0.0.1 openvpn does a DNS query before chroot'ing which used to be enough to cache resolv.conf forever. I wonder if something has changed in glibc recently to cause the resolv.conf to be reloaded (eg Debian apparently has a patch that does this) A work around would be to copy the system resolv.conf into /var/lib/openvpn/chroot before starting openvpn Seen on Xenial and a few prior versions. ** Affects: network-manager-openvpn (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1586570 Title: openvpn chroot does not have a valid resolv.conf To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/1586570/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs