In reference to John Bedford's comment:

>bedfojo (commercial-johnbedford) wrote on 2017-06-06:  #57
>Nicholas, thank you very much for your work on this patch.
>It works correctly for me: no DNS leak detected by either https://ipleak.net 
>or https://dnsleaktest.com for me, when both detected leaks in the unpatched 
>version.
>Running Ubuntu-MATE 17.04.
>Could we perhaps get this upstreamed into NM?
>bedfojo (commercial-johnbedford) wrote on 2017-06-06:  #58
>I should add that I'm using network-manager-openvpn and 
>network-manager-openvpn-gnome.

I think it would be great if we could get this patch upstreamed into the 
network-manager!
I've attached a finalized version of the patch with a more informative / 
verbose syslog message that also accounts for Cisco gre/gretap connections not 
in #49. Please use this patch when building network-manager for Ubuntu 17.04. I 
will also attach a .deb build of network-manager for easy installation and 
testing for anyone interested. So far, this is known to solve DNS leaks with 
network-manager-openvpn but could also solve DNS leaks for other VPNs that use 
TUN, TAP, or Cisco GRE network interfaces through the network-manager.
You should now see a message in your syslog when connecting that looks like the 
following:

   NetworkManager[32636]: <info>  [1496880041.6435] systemd-resolved[0x55cc602ce430]: Link #12 type is VPN TUN or TAP, fixing DNS leak...

Make sure to stop apt from replacing the patched .deb using:

   sudo apt-mark hold network-manager

To verify that you are using the 'routing-only domain', use the command

   systemd-resolve --status

and look for the line "DNS Domain: ~." under the VPN link number. 
Alternatively, check that you are not experiencing DNS leaks using the 
'extended test' on https://dnsleaktest.com/

Cheers :)


** Patch added: "resolved-vpn-dns-leak-fix.patch"
   https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1624317/+attachment/4891740/+files/resolved-vpn-dns-leak-fix.patch
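
The "DNS Domain: ~." check described in the comment above can be scripted; the following is an added example, not part of the original message or the attached patch. It assumes the per-link layout that `systemd-resolve --status` prints on this release; the sample text and the interface names (tun0, wlp3s0) are constructed.

```shell
#!/bin/sh
# Constructed sample of `systemd-resolve --status` output (not from a real host).
sample_status() {
cat <<'EOF'
Global
          DNS Domain: example.org

Link 12 (tun0)
      Current Scopes: DNS
MulticastDNS setting: no
         DNS Servers: 10.8.0.1
          DNS Domain: corp.example
                      ~.

Link 2 (wlp3s0)
      Current Scopes: DNS LLMNR/IPv4
         DNS Servers: 192.168.1.1
          DNS Domain: lan
EOF
}

# Read status text on stdin and print every interface whose DNS Domain
# list contains the routing-only domain "~.".
routing_only_links() {
    awk '
        /^Link [0-9]+ \(/ {        # per-link header, e.g. "Link 12 (tun0)"
            iface = $3; gsub(/[()]/, "", iface); in_dom = 0; next
        }
        /^Global/ { iface = ""; in_dom = 0; next }   # global section is not a link
        /^ *DNS Domain:/ {         # first domain sits on the key line itself
            in_dom = 1
            if ($NF == "~." && iface != "") print iface
            next
        }
        /:/ { in_dom = 0; next }   # any other "Key: value" line ends the domain list
        in_dom && $1 == "~." && iface != "" { print iface }   # continuation line
    ' | sort -u
}

# Exit 0 only if the named interface carries the routing-only domain.
link_has_routing_domain() {
    routing_only_links | grep -qx "$1"
}
```

On a live system the same function is fed from the real command, for example `systemd-resolve --status | link_has_routing_domain tun0`, with the interface name replaced by the VPN link reported there.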

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1624317

Title:
  systemd-resolved breaks VPN with split-horizon DNS

To manage notifications about this bug go to:
https://bugs.launchpad.net/systemd/+bug/1624317/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs