Public bug reported:

This is my VPN connection. I set not to add DNS resolving (ipv6.ignore-
auto-dns: "true") and default route for ipv6 (ipv6.never-default:
"true")

Yet after connection it still set the default route via tun0

These routes I get:
2a00:1398:300:14::/64 dev tun0 proto kernel metric 50 pref medium
2000::/3 via 2a00:1398:300:14::1 dev tun0 proto static metric 50 pref medium

For instance
$ dig en.wikipedia.org AAAA +short
dyna.wikimedia.org.
2a02:ec80:300:ed1a::1

$ sudo ip -6 r get 2a02:ec80:300:ed1a::1
2a02:ec80:300:ed1a::1 from :: via 2a00:1398:300:14::1 dev tun0 proto static src 
2a00:1398:300:14::1080 metric 50 pref medium

Maybe I don't understand something here. But the above subnets does not
cover en.wikipedia.org ipv6 .

$ sudo cat /etc/netplan/90-NM-6be5abbb-c998-4f66-9752-e2d10a6c13b4.yaml
network:
  version: 2
  nm-devices:
    NM-6be5abbb-c998-4f66-9752-e2d10a6c13b4:
      renderer: NetworkManager
      networkmanager:
        uuid: "6be5abbb-c998-4f66-9752-e2d10a6c13b4"
        name: "CENSORED"
        passthrough:
          connection.type: "vpn"
          connection.timestamp: "1743602165"
          vpn.ca: "/home/mastier/.cert/CENSORED.pem"
          vpn.connect-timeout: "5"
          vpn.connection-type: "password"
          vpn.dev: "tun"
          vpn.password-flags: "1"
          vpn.remote: "CENSORED:1194:udp"
          vpn.tls-version-min: "1.3"
          vpn.username: "CENSORED"
          vpn.verify-x509-name: "name:CENSORED"
          vpn.service-type: "org.freedesktop.NetworkManager.openvpn"
          ipv4.method: "auto"
          ipv4.never-default: "true"
          ipv6.addr-gen-mode: "default"
          ipv6.ignore-auto-dns: "true"
          ipv6.method: "auto"
          ipv6.never-default: "true"
          proxy._: ""

$ apt-cache policy network-manager
network-manager:
  Installed: 1.46.0-1ubuntu2.2
  Candidate: 1.46.0-1ubuntu2.2
  Version table:
 *** 1.46.0-1ubuntu2.2 500
        500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
        100 /var/lib/dpkg/status
     1.46.0-1ubuntu2 500
        500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages

$ apt-cache policy network-manager-openvpn
network-manager-openvpn:
  Installed: 1.10.2-4build2
  Candidate: 1.10.2-4build2
  Version table:
 *** 1.10.2-4build2 500
        500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
        100 /var/lib/dpkg/status

$ apt-cache policy netplan.io
netplan.io:
  Installed: 1.1.1-1~ubuntu24.04.1
  Candidate: 1.1.1-1~ubuntu24.04.1
  Version table:
 *** 1.1.1-1~ubuntu24.04.1 500
        500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
        100 /var/lib/dpkg/status
     1.0-2ubuntu1.2 500
        500 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages
     1.0-2ubuntu1 500
        500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages

** Affects: netplan.io (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: network-manager (Ubuntu)
     Importance: Undecided
         Status: New

** Also affects: netplan.io (Ubuntu)
   Importance: Undecided
       Status: New

** Description changed:

  This is my VPN connection. I set not to add DNS resolving (ipv6.ignore-
  auto-dns: "true") and default route for ipv6 (ipv6.never-default:
  "true")
  
  Yet after connection it still set the default route via tun0
  
  These routes I get:
  2a00:1398:300:14::/64 dev tun0 proto kernel metric 50 pref medium
  2000::/3 via 2a00:1398:300:14::1 dev tun0 proto static metric 50 pref medium
  
- 
  For instance
  $ dig en.wikipedia.org AAAA +short
  dyna.wikimedia.org.
  2a02:ec80:300:ed1a::1
  
  $ sudo ip -6 r get 2a02:ec80:300:ed1a::1
  2a02:ec80:300:ed1a::1 from :: via 2a00:1398:300:14::1 dev tun0 proto static 
src 2a00:1398:300:14::1080 metric 50 pref medium
  
- 
- Maybe I don't understand something here. But the above subnets does not cover 
en.wikipedia.org ipv6 .
- 
+ Maybe I don't understand something here. But the above subnets does not
+ cover en.wikipedia.org ipv6 .
  
  $ sudo cat /etc/netplan/90-NM-6be5abbb-c998-4f66-9752-e2d10a6c13b4.yaml
  network:
-   version: 2
-   nm-devices:
-     NM-6be5abbb-c998-4f66-9752-e2d10a6c13b4:
-       renderer: NetworkManager
-       networkmanager:
-         uuid: "6be5abbb-c998-4f66-9752-e2d10a6c13b4"
-         name: "kit"
-         passthrough:
-           connection.type: "vpn"
-           connection.timestamp: "1743602165"
-           vpn.ca: "/home/mastier/.cert/CENSORED.pem"
-           vpn.connect-timeout: "5"
-           vpn.connection-type: "password"
-           vpn.dev: "tun"
-           vpn.password-flags: "1"
-           vpn.remote: "CENSORED:1194:udp"
-           vpn.tls-version-min: "1.3"
-           vpn.username: "CENSORED"
-           vpn.verify-x509-name: "name:CENSORED"
-           vpn.service-type: "org.freedesktop.NetworkManager.openvpn"
-           ipv4.method: "auto"
-           ipv4.never-default: "true"
-           ipv6.addr-gen-mode: "default"
-           ipv6.ignore-auto-dns: "true"
-           ipv6.method: "auto"
-           ipv6.never-default: "true"
-           proxy._: ""
- 
+   version: 2
+   nm-devices:
+     NM-6be5abbb-c998-4f66-9752-e2d10a6c13b4:
+       renderer: NetworkManager
+       networkmanager:
+         uuid: "6be5abbb-c998-4f66-9752-e2d10a6c13b4"
+         name: "CENSORED"
+         passthrough:
+           connection.type: "vpn"
+           connection.timestamp: "1743602165"
+           vpn.ca: "/home/mastier/.cert/CENSORED.pem"
+           vpn.connect-timeout: "5"
+           vpn.connection-type: "password"
+           vpn.dev: "tun"
+           vpn.password-flags: "1"
+           vpn.remote: "CENSORED:1194:udp"
+           vpn.tls-version-min: "1.3"
+           vpn.username: "CENSORED"
+           vpn.verify-x509-name: "name:CENSORED"
+           vpn.service-type: "org.freedesktop.NetworkManager.openvpn"
+           ipv4.method: "auto"
+           ipv4.never-default: "true"
+           ipv6.addr-gen-mode: "default"
+           ipv6.ignore-auto-dns: "true"
+           ipv6.method: "auto"
+           ipv6.never-default: "true"
+           proxy._: ""
  
  $ apt-cache policy network-manager
  network-manager:
-   Installed: 1.46.0-1ubuntu2.2
-   Candidate: 1.46.0-1ubuntu2.2
-   Version table:
-  *** 1.46.0-1ubuntu2.2 500
-         500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
-         100 /var/lib/dpkg/status
-      1.46.0-1ubuntu2 500
-         500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
- 
+   Installed: 1.46.0-1ubuntu2.2
+   Candidate: 1.46.0-1ubuntu2.2
+   Version table:
+  *** 1.46.0-1ubuntu2.2 500
+         500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
+         100 /var/lib/dpkg/status
+      1.46.0-1ubuntu2 500
+         500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
  
  $ apt-cache policy network-manager-openvpn
  network-manager-openvpn:
-   Installed: 1.10.2-4build2
-   Candidate: 1.10.2-4build2
-   Version table:
-  *** 1.10.2-4build2 500
-         500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
-         100 /var/lib/dpkg/status
+   Installed: 1.10.2-4build2
+   Candidate: 1.10.2-4build2
+   Version table:
+  *** 1.10.2-4build2 500
+         500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
+         100 /var/lib/dpkg/status
  
  $ apt-cache policy netplan.io
  netplan.io:
-   Installed: 1.1.1-1~ubuntu24.04.1
-   Candidate: 1.1.1-1~ubuntu24.04.1
-   Version table:
-  *** 1.1.1-1~ubuntu24.04.1 500
-         500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
-         100 /var/lib/dpkg/status
-      1.0-2ubuntu1.2 500
-         500 http://security.ubuntu.com/ubuntu noble-security/main amd64 
Packages
-      1.0-2ubuntu1 500
-         500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
+   Installed: 1.1.1-1~ubuntu24.04.1
+   Candidate: 1.1.1-1~ubuntu24.04.1
+   Version table:
+  *** 1.1.1-1~ubuntu24.04.1 500
+         500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
+         100 /var/lib/dpkg/status
+      1.0-2ubuntu1.2 500
+         500 http://security.ubuntu.com/ubuntu noble-security/main amd64 
Packages
+      1.0-2ubuntu1 500
+         500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/2106017

Title:
  Network manager still adds default ipv6 route despite setting to
  ignore it

Status in netplan.io package in Ubuntu:
  New
Status in network-manager package in Ubuntu:
  New

Bug description:
  This is my VPN connection. I set not to add DNS resolving
  (ipv6.ignore-auto-dns: "true") and default route for ipv6 (ipv6.never-
  default: "true")

  Yet after connection it still set the default route via tun0

  These routes I get:
  2a00:1398:300:14::/64 dev tun0 proto kernel metric 50 pref medium
  2000::/3 via 2a00:1398:300:14::1 dev tun0 proto static metric 50 pref medium

  For instance
  $ dig en.wikipedia.org AAAA +short
  dyna.wikimedia.org.
  2a02:ec80:300:ed1a::1

  $ sudo ip -6 r get 2a02:ec80:300:ed1a::1
  2a02:ec80:300:ed1a::1 from :: via 2a00:1398:300:14::1 dev tun0 proto static 
src 2a00:1398:300:14::1080 metric 50 pref medium

  Maybe I don't understand something here. But the above subnets does
  not cover en.wikipedia.org ipv6 .

  $ sudo cat /etc/netplan/90-NM-6be5abbb-c998-4f66-9752-e2d10a6c13b4.yaml
  network:
    version: 2
    nm-devices:
      NM-6be5abbb-c998-4f66-9752-e2d10a6c13b4:
        renderer: NetworkManager
        networkmanager:
          uuid: "6be5abbb-c998-4f66-9752-e2d10a6c13b4"
          name: "CENSORED"
          passthrough:
            connection.type: "vpn"
            connection.timestamp: "1743602165"
            vpn.ca: "/home/mastier/.cert/CENSORED.pem"
            vpn.connect-timeout: "5"
            vpn.connection-type: "password"
            vpn.dev: "tun"
            vpn.password-flags: "1"
            vpn.remote: "CENSORED:1194:udp"
            vpn.tls-version-min: "1.3"
            vpn.username: "CENSORED"
            vpn.verify-x509-name: "name:CENSORED"
            vpn.service-type: "org.freedesktop.NetworkManager.openvpn"
            ipv4.method: "auto"
            ipv4.never-default: "true"
            ipv6.addr-gen-mode: "default"
            ipv6.ignore-auto-dns: "true"
            ipv6.method: "auto"
            ipv6.never-default: "true"
            proxy._: ""

  $ apt-cache policy network-manager
  network-manager:
    Installed: 1.46.0-1ubuntu2.2
    Candidate: 1.46.0-1ubuntu2.2
    Version table:
   *** 1.46.0-1ubuntu2.2 500
          500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
          100 /var/lib/dpkg/status
       1.46.0-1ubuntu2 500
          500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages

  $ apt-cache policy network-manager-openvpn
  network-manager-openvpn:
    Installed: 1.10.2-4build2
    Candidate: 1.10.2-4build2
    Version table:
   *** 1.10.2-4build2 500
          500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
          100 /var/lib/dpkg/status

  $ apt-cache policy netplan.io
  netplan.io:
    Installed: 1.1.1-1~ubuntu24.04.1
    Candidate: 1.1.1-1~ubuntu24.04.1
    Version table:
   *** 1.1.1-1~ubuntu24.04.1 500
          500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
          100 /var/lib/dpkg/status
       1.0-2ubuntu1.2 500
          500 http://security.ubuntu.com/ubuntu noble-security/main amd64 
Packages
       1.0-2ubuntu1 500
          500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/netplan.io/+bug/2106017/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to