[Bug 1754671] Re: Full-tunnel VPN DNS leakage regression

fessmage 1754671 at bugs.launchpad.net
Tue Feb 5 07:48:09 UTC 2019


@dwmw2, as far as i understand, you should configuring DNS through
systemd-resolve only. Try remove your edits from `/etc/NetworkManager
/system-connections`, or even delete your connections from
NetworkManager interface, and create new. After that, establish vpn
connection and see at `systemd-resolve --status`, you should get
something like this:

```
Link 3 (tun0)
      Current Scopes: DNS
       LLMNR setting: yes
MulticastDNS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
         DNS Servers: xx.xx.xx.xx
                      xx.xx.xx.xx
          DNS Domain: ~.

Link 2 (enp3s0)
      Current Scopes: DNS
       LLMNR setting: yes
MulticastDNS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
         DNS Servers: 192.168.1.1
          DNS Domain: local.domain
```

Where local.domain was received from DHCP server in local network. In
that case you will send DNS requests in local.domain to local DNS
server, and all other DNS requests - over VPN. That is expected
behaviour. If you get this, but you have needs for redirecting DNS
requests for some domain through other route (let's say, requests to
local2.domain2, without VPN), you can do this with next command:
`systemd-resolve -i enp3s0 --set-domain=local2.domain2`

-- 
You received this bug notification because you are a member of Network-
manager, which is subscribed to NetworkManager.
https://bugs.launchpad.net/bugs/1754671

Title:
  Full-tunnel VPN DNS leakage regression

To manage notifications about this bug go to:
https://bugs.launchpad.net/network-manager/+bug/1754671/+subscriptions



More information about the ubuntu-desktop mailing list