[Bug 1783377] Re: systemd-resolved updated by network-manager-strongswan needed to restart to use the new dns servers
Peter Beurle
1783377 at bugs.launchpad.net
Mon Aug 17 11:33:10 UTC 2020
Seems like its still a problem in Ubuntu 20.04.1 / focal
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1783377
Title:
systemd-resolved updated by network-manager-strongswan needed to
restart to use the new dns servers
Status in systemd package in Ubuntu:
Confirmed
Bug description:
Ubuntu 18.04.1 / bionic
systemd:
Installé : 237-3ubuntu10.3
Fresh install on a VM, was facing a bug when connecting to strongswan
ikev2 vpn
(https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1772705)
-> Updated from cosmic the required packages for the VPN that has the
bug fixed (5.6.2-2):
network-manager-strongswan:
Installé : 1.4.4-1
Candidat : 1.4.4-1
Table de version :
*** 1.4.4-1 300
300 http://archive.ubuntu.com/ubuntu cosmic/universe amd64 Packages
100 /var/lib/dpkg/status
1.4.2-2 500
500 http://fr.archive.ubuntu.com/ubuntu bionic/universe amd64 Packages
libcharon-extra-plugins:
Installé : 5.6.2-2ubuntu1
Candidat : 5.6.2-2ubuntu1
Table de version :
*** 5.6.2-2ubuntu1 300
300 http://archive.ubuntu.com/ubuntu cosmic/main amd64 Packages
100 /var/lib/dpkg/status
5.6.2-1ubuntu2 500
500 http://fr.archive.ubuntu.com/ubuntu bionic/main amd64 Packages
libcharon-standard-plugins:
Installé : 5.6.2-2ubuntu1
Candidat : 5.6.2-2ubuntu1
Table de version :
*** 5.6.2-2ubuntu1 300
300 http://archive.ubuntu.com/ubuntu cosmic/main amd64 Packages
100 /var/lib/dpkg/status
5.6.2-1ubuntu2 500
500 http://fr.archive.ubuntu.com/ubuntu bionic/main amd64 Packages
libstrongswan-extra-plugins:
Installé : 5.6.2-2ubuntu1
Candidat : 5.6.2-2ubuntu1
Table de version :
*** 5.6.2-2ubuntu1 300
300 http://archive.ubuntu.com/ubuntu cosmic/main amd64 Packages
100 /var/lib/dpkg/status
5.6.2-1ubuntu2 500
500 http://fr.archive.ubuntu.com/ubuntu bionic/main amd64 Packages
libstrongswan-standard-plugins:
Installé : 5.6.2-2ubuntu1
Candidat : 5.6.2-2ubuntu1
Table de version :
*** 5.6.2-2ubuntu1 300
300 http://archive.ubuntu.com/ubuntu cosmic/main amd64 Packages
100 /var/lib/dpkg/status
5.6.2-1ubuntu2 500
500 http://fr.archive.ubuntu.com/ubuntu bionic/main amd64 Packages
Before connecting the VPN, `systemd-resolve --status` shows :
DNS Servers: 192.168.1.254 # my home box resolver
After connecting :
DNS Servers: 10.0.0.254 # DNS resolver provided by the VPN server
192.168.1.254 # my home box resolver
This seems OK, but the resolution fails as it is still using the local DNS :
systemd-resolved[270]: Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP.
After issuing `systemctl reload-or-restart systemd-resolved.service`,
everything seems fine.
systemd-resolved[5651]: Got DNS stub UDP query packet for id 24298
systemd-resolved[5651]: Looking up RR for my.host.inside.vpn IN A.
systemd-resolved[5651]: Switching to DNS server 10.0.0.254 for interface enp0s3.
systemd-resolved[5651]: Cache miss for my.host.inside.vpn IN A
systemd-resolved[5651]: Transaction 9273 for <my.host.inside.vpn IN A> scope dns on enp0s3/*.
systemd-resolved[5651]: Using feature level UDP+EDNS0 for transaction 9273.
systemd-resolved[5651]: Using DNS server 10.0.0.254 for transaction 9273.
I was hoping that `systemd-resolved` could find the new DNS without
restarting its service after connecting to the VPN.
Thanks for reading
Best Regards,
Vincent
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1783377/+subscriptions
More information about the foundations-bugs
mailing list