On 19.04 I can see the following (correct) behavior.

With VPN (turned on via NetworkManager):

# note: no "global" DNS servers have been configured by hand through systemd-resolved conf using "DNS=" directive

systemd-resolve --status

# ...

Link 15 (tun0)
      Current Scopes: DNS
DefaultRoute setting: yes
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
  Current DNS Server: <vpndns1>
         DNS Servers: <vpndns1>
                      <vpndns2>
          DNS Domain: ~.


Link 2 (wlp59s0)
      Current Scopes: DNS
DefaultRoute setting: yes
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
  Current DNS Server: <local-dhcp-dns1>
         DNS Servers: <local-dhcp-dns1>
                      <local-dhcp-dns2>
          DNS Domain: deadbeefcafe


Without VPN:

systemd-resolve --status
# ...

Link 2 (wlp59s0)
      Current Scopes: DNS
DefaultRoute setting: yes
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
  Current DNS Server: <local-dhcp-dns1>
         DNS Servers: <local-dhcp-dns1>
                      <local-dhcp-dns2>
          DNS Domain: ~.
                      deadbeefcafe


"~." configuration goes to the tun0 interface once VPN is enabled and is 
removed from the physical interface. In this example it means that 
DHCP-advertised local DNS servers will be used for deadbeefcafe domain only and 
everything else will go through the DNS servers of a VPN service.

Clarifications on how "~." affects DNS request routing:

https://github.com/systemd/systemd/blame/v240/src/resolve/resolved-dns-scope.c#L1411-L1418
                 * "~."  really trumps everything and clearly indicates that this interface shall receive all
                 * traffic it can get. */
http://manpages.ubuntu.com/manpages/disco/man5/resolved.conf.5.html#options
https://www.freedesktop.org/software/systemd/man/resolved.conf.html#Domains=

Packages:

ii  network-manager                             1.16.0-0ubuntu2        amd64  network management framework (daemon and userspace tools)
ii  network-manager-config-connectivity-ubuntu  1.16.0-0ubuntu2        all    NetworkManager configuration to enable connectivity checking
ii  network-manager-gnome                       1.8.20-1ubuntu1        amd64  network management framework (GNOME frontend)
ii  network-manager-openvpn                     1.8.10-1               amd64  network management framework (OpenVPN plugin core)
ii  network-manager-openvpn-gnome               1.8.10-1               amd64  network management framework (OpenVPN plugin GNOME GUI)
ii  netplan.io                                  0.97-0ubuntu1~19.04.1  amd64  YAML network configuration abstraction for various backends
ii  systemd                                     240-6ubuntu5.3         amd64  system and service manager


I have also captured DNS packets on all interfaces via Wireshark and confirmed 
that DNS requests go to the correct DNS servers on 19.04.

https://bugs.launchpad.net/bugs/1688018

Title:
  DNS server from vpn connection is not being used after network-manager
  upgrade to 1.2.6
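
The "~." placement described in the comment above can be checked mechanically. This is an added example, not part of the original bug comment or of systemd or NetworkManager: it parses per-link status text in the format shown above and reports when a VPN link is up but "~." is not held by it. The function names, the `VPN_PREFIXES` naming convention and the `MISROUTED` sample are assumptions constructed for illustration.

```python
import re

LINK_RE = re.compile(r"^Link \d+ \((?P<name>[^)]+)\)$")
FIELD_RE = re.compile(r"^(?P<key>[A-Za-z][A-Za-z ]*): (?P<value>.+)$")
VPN_PREFIXES = ("tun", "tap", "wg")  # assumption: how VPN links are named

def parse_status(text):
    """Map each link name to {field: [values]}, folding continuation lines."""
    links, fields, key = {}, None, None
    for line in (raw.strip() for raw in text.splitlines()):
        link = LINK_RE.match(line)
        field = FIELD_RE.match(line)
        if link:
            fields, key = links.setdefault(link["name"], {}), None
        elif fields is None or not line:
            key = None  # global section or blank line ends a field
        elif field:
            key = field["key"]
            fields.setdefault(key, []).append(field["value"])
        elif key:
            fields[key].append(line)  # e.g. second DNS server or domain
    return links

def catch_all_links(links):
    """Links whose DNS Domain list contains the "~." routing domain."""
    return sorted(n for n, f in links.items() if "~." in f.get("DNS Domain", []))

def audit(text):
    """Return findings when a VPN link is up but "~." is not only on it."""
    links = parse_status(text)
    vpn = {n for n in links if n.startswith(VPN_PREFIXES)}
    holders = catch_all_links(links)
    if not vpn:
        return []
    findings = [f"{n}: holds '~.' while a VPN link is up"
                for n in holders if n not in vpn]
    if not vpn.intersection(holders):
        findings.append("no VPN link holds '~.'")
    return findings

# Constructed sample: the VPN is up but "~." stayed on the physical link.
MISROUTED = """\
Link 15 (tun0)
         DNS Servers: <vpndns1>
                      <vpndns2>

Link 2 (wlp59s0)
         DNS Servers: <local-dhcp-dns1>
          DNS Domain: ~.
                      deadbeefcafe
"""
```

Feeding `audit()` the text of the two status outputs quoted in the comment returns an empty list for both; `audit(MISROUTED)` returns two findings.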
