[Bug 1624317] Re: systemd-resolved breaks VPN with split-horizon DNS

Mathew Hodson mathew.hodson at gmail.com
Sun Sep 1 01:48:01 UTC 2019 

** Description changed:

  [Impact]
  
-  * NetworkManager incorrectly handles dns-priority of the VPN-like
+  * NetworkManager incorrectly handles dns-priority of the VPN-like
  connections, which leads to leaking DNS queries outside of the VPN into
  the general internet.
  
-  * Upstream has resolved this issue in master and 1.8 to correctly
+  * Upstream has resolved this issue in master and 1.8 to correctly
  configure any dns backends with negative dns-priority settings.
- 
- [Test Case]
- 
- #FIXME#
- 
-  * detailed instructions how to reproduce the bug
- 
-  * these should allow someone who is not familiar with the affected
-    package to reproduce the bug and verify that the updated package fixes
-    the problem.
- 
- #FIXME#
  
  [Regression Potential]
  
-  * If this issue is changed DNS resolution will change, for certain
+  * If this issue is changed DNS resolution will change, for certain
  queries, to go via VPN rather than general internet. And therefore, one
  may get new/different results or even loose access to resolve/access
  certain parts of the interent depending on what the DNS server on VPN
  chooses to respond to.
  
  [Other Info]
-  
-  * Original bug report
+ 
+  * Original bug report
  
  I use a VPN configured with network-manager-openconnect-gnome in which a
  split-horizon DNS setup assigns different addresses to some names inside
  the remote network than the addresses seen for those names from outside
  the remote network.  However, systemd-resolved often decides to ignore
  the VPN’s DNS servers and use the local network’s DNS servers to resolve
  names (whether in the remote domain or not), breaking the split-horizon
  DNS.
  
  This related bug, reported by Lennart Poettering himself, was closed with the current Fedora release at the time reaching EOL:
  https://bugzilla.redhat.com/show_bug.cgi?id=1151544

-- 
You received this bug notification because you are a member of Network-
manager, which is subscribed to NetworkManager.
https://bugs.launchpad.net/bugs/1624317

Title:
  systemd-resolved breaks VPN with split-horizon DNS

To manage notifications about this bug go to:
https://bugs.launchpad.net/network-manager/+bug/1624317/+subscriptions

More information about the ubuntu-desktop mailing list