NetworkManager, dnsmasq & VPN-provided DNS servers ?

Tom H tomh0665 at
Mon Mar 28 15:13:16 UTC 2016

On Thu, Mar 24, 2016 at 12:15 PM, Florent B <florent at> wrote:
> I don't understand something with NetworkManager in its default
> configuration, where dns servers are handled by dnsmasq.
> *It seems* that dnsmasq balances queries across all DNS servers it
> knows, including local servers and servers provided through a VPN.
> Behaviour should be : use VPN-provided DNS servers first, no ?
> Actual behaviour leads to DNS leaks, which could be dangerous.
> The only solution I found is to disable dnsmasq, and let DNS servers
> handled by the system with resolv.conf file, where DNS servers provided
> via VPN are on the top of the list.

I haven't used NM with dnsmasq but, with the standalone dnsmasq, you
can use "server=/vpn_domain/vpn_nameserver_ip" in "/etc/dnsmasq.conf"
or "/etc/dnsmasq.d/". There's an "/etc/NetworkManager/dnsmasq.d/"
directory that must (famous last words!) provide the same

More information about the ubuntu-users mailing list