Package: openvpn Version: 2.5~beta3-1 Severity: important X-Debbugs-Cc: debb...@chiraag.me
Dear Maintainer, I happened to run into an interesting issue and I'm not entirely sure if the problem is in openvpn, openvpn-systemd-resolved, or systemd-resolved. 1. I have several configuration files in /etc/openvpn, say A.conf and B.conf. 2. I run sudo systemctl start openvpn@A and note that the tunnel is established, DNS queries don't leak, etc. Everything's good. 3. I then run sudo systemctl start openvpn@B and note that a new tunnel is established and DNS queries are (at the very least) _also_ routed to the new DNS server. Everything's still good (I'm not sure if DNS queries are *also* routed to the first VPN server's DNS server due to both having dhcp-option DOMAIN-ROUTE ., but that's irrelevant for my specific use-case and irrelevant to this bug). 4. I then disconnect from B by running sudo systemctl stop openvpn@B and note that the first tunnel is still established (good!), but all traffic seems to be directed to my main network interface instead (bad!). This can be verified by going to e.g. https://whatismyipaddress.com and noticing that your ISP's IP address is the one showing there rather than the IP address assigned by your VPN provider. I would have expected the first tunnel to take over the connection, especially since resolvectl status still seemed to indicate that everything was set correctly on the DNS end (correct domain routing, etc) and systemctl status openvpn@A seemed to show that the VPN is still connected. Sincerely, Chiraag -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 5.8.0-1-amd64 (SMP w/8 CPU threads) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=kn_IN.UTF-8, LC_CTYPE=kn_IN.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages openvpn depends on: ii debconf [debconf-2.0] 1.5.74 ii iproute2 5.8.0-1 ii libc6 2.31-3 ii liblz4-1 1.9.2-2 ii liblzo2-2 2.10-2 ii libpam0g 1.3.1-5 ii libpkcs11-helper1 1.26-1+b1 ii libssl1.1 1.1.1g-1 ii libsystemd0 246.6-1 ii lsb-base 11.1.0 Versions of packages openvpn recommends: pn easy-rsa <none> Versions of packages openvpn suggests: hi openssl 1.1.1g-1 ii openvpn-systemd-resolved 1.3.0-3 pn resolvconf <none> -- Configuration Files: /etc/openvpn/update-resolv-conf [Errno 13] Permission denied: '/etc/openvpn/update-resolv-conf' -- debconf information excluded
