[Bug 1926143] [NEW] DNS resolution faulty over openconnect

Mon, 26 Apr 2021 03:30:54 -0700 

Public bug reported:

When connected over VPN, then some domain names are incorrectly
resolved. In particular HTTPS/SSL is not working for many sites. Steps
to reproduce:

1) Connect to a vpn via openconnect

2) Lookup an address:

nslookup www.bing.com
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
Name:   www.bing.com
Address: 145.253.3.148
Name:   www.bing.com
Address: 2a01:860:0:210::1:0

Which is wrong. Whois shows that this is actually an address of a
backbone server used by my provider.

Workaround:

3) Deactivate automatic updates to resolv.conf with sudo dpkg-reconfigure 
resolvconf
4) Add the line: nameserver 8.8.8.8 to /etc/resolvconf/resolv.conf.d/head
5) run sudo resolvconf -u
6) Verify DNS resolution:

nslookup www.bing.com
Server:         8.8.8.8
Address:        8.8.8.8#53

Non-authoritative answer:
www.bing.com    canonical name = a-0001.a-afdentry.net.trafficmanager.net.
a-0001.a-afdentry.net.trafficmanager.net        canonical name = 
www-bing-com.dual-a-0001.a-msedge.net.
www-bing-com.dual-a-0001.a-msedge.net   canonical name = 
dual-a-0001.a-msedge.net.
Name:   dual-a-0001.a-msedge.net
Address: 204.79.197.200
Name:   dual-a-0001.a-msedge.net
Address: 13.107.21.200
Name:   dual-a-0001.a-msedge.net
Address: 2620:1ec:c11::200

Which returns the correct ip address.

ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: resolvconf 1.82
Uname: Linux 5.8.0-050800-generic x86_64
ApportVersion: 2.20.11-0ubuntu27.16
Architecture: amd64
CasperMD5CheckResult: skip
CurrentDesktop: ubuntu:GNOME
Date: Mon Apr 26 11:21:43 2021
InstallationDate: Installed on 2015-11-05 (1999 days ago)
InstallationMedia: Ubuntu 14.04.3 LTS "Trusty Tahr" - Beta amd64 (20150805)
PackageArchitecture: all
SourcePackage: resolvconf
UpgradeStatus: Upgraded to focal on 2020-09-10 (228 days ago)
modified.conffile..etc.apport.crashdb.conf: [modified]
mtime.conffile..etc.apport.crashdb.conf: 2019-03-07T14:28:39.455024

** Affects: resolvconf (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug focal

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926143

Title:
  DNS resolution faulty over openconnect

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/resolvconf/+bug/1926143/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to