[Bug 1624317] Re: systemd-resolved breaks VPN with split-horizon DNS

[Martin Pitt]

The upstream issue actually applies to both. IMHO, if you restrict a DNS
server to a particular list of domains it should be used *exactly* for
the given domains (only). Querying it for other domains is a privacy
leak, and querying other name servers for those domains is most probably
going to fail anyway and thus a waste.

> Also, here I am using NetworkManager, not systemd-networkd.

That's unrelated, as that is about resolving DNS names, not bringing up
the network.

So, this does match the upstream issue, setting to triaged.

** Changed in: systemd (Ubuntu)
       Status: New => Triaged

** Changed in: systemd (Ubuntu)
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1624317

Title:
  systemd-resolved breaks VPN with split-horizon DNS

Status in systemd:
  New
Status in systemd package in Ubuntu:
  Triaged

Bug description:
  I use a VPN configured with network-manager-openconnect-gnome in which
  a split-horizon DNS setup assigns different addresses to some names
  inside the remote network than the addresses seen for those names from
  outside the remote network.  However, systemd-resolved often decides
  to ignore the VPN’s DNS servers and use the local network’s DNS
  servers to resolve names (whether in the remote domain or not),
  breaking the split-horizon DNS.

  This related bug, reported by Lennart Poettering himself, was closed with the current Fedora release at the time reaching EOL:
  https://bugzilla.redhat.com/show_bug.cgi?id=1151544

To manage notifications about this bug go to:
https://bugs.launchpad.net/systemd/+bug/1624317/+subscriptions