Network Manager Applet

VPN - "Additional DNS servers" Settings are being Ignored

Bug #1633874 reported by Lonnie Lee Best
This bug report is a duplicate of:  Bug #1825965: Missing "Additional DNS Servers". Edit Remove
56
This bug affects 12 people
Affects Status Importance Assigned to Milestone
Network Manager Applet
New
Undecided
Unassigned
NetworkManager-OpenVPN
New
Undecided
Unassigned
network-manager-vpnc
New
Undecided
Unassigned
network-manager (Ubuntu)
Triaged
High
Unassigned

Bug Description

During configuring of a VPN, Network Manager normally allows you to specify additional DNS servers that are located on the virtual private network:

http://neartalk.com/ss/2016-10-16_001_601x625.png

However, in Ubuntu 16.10 the network manager is ignoring the additional DNS that I've specified at the dialog I've linked above.

Normally, after connecting to a VPN (where additional DNS servers are specified), the command (below) will show (in addition to your local DNS servers) the remote DNS servers (located on the VPN):

nmcli dev show | grep DNS

Unfortunately, in Ubuntu 16.10, this is not working. Consequently, I cannot resolve remote computers by their computer-name, which is very inconvenient considering that I have over 100 Remmina connections set to resolve by name. Right now, I have to manually discover the IP addresses of the remote computer-names before connecting to the computers with Remmina.

I've confirm this issue on both OpenVPN and Cisco vpnc connections. The additional DNS server are not making it here:

nmcli dev show | grep DNS

ProblemType: Bug
DistroRelease: Ubuntu 16.10
Package: network-manager 1.2.4-0ubuntu1
ProcVersionSignature: Ubuntu 4.8.0-22.24-generic 4.8.0
Uname: Linux 4.8.0-22-generic x86_64
ApportVersion: 2.20.3-0ubuntu8
Architecture: amd64
CurrentDesktop: Unity
Date: Sun Oct 16 09:31:31 2016
IfupdownConfig:
 # interfaces(5) file used by ifup(8) and ifdown(8)
 auto lo
 iface lo inet loopback
InstallationDate: Installed on 2016-10-13 (2 days ago)
InstallationMedia: Ubuntu 16.10 "Yakkety Yak" - Release amd64 (20161012.2)
NetworkManager.state:
 [main]
 NetworkingEnabled=true
 WirelessEnabled=true
 WWANEnabled=true
SourcePackage: network-manager
UpgradeStatus: No upgrade log present (probably fresh install)
nmcli-nm:
 RUNNING VERSION STATE STARTUP CONNECTIVITY NETWORKING WIFI-HW WIFI WWAN-HW WWAN
 running 1.2.4 connected started full enabled enabled enabled enabled enabled

See original description
Revision history for this message
Lonnie Lee Best (launchpad-startport) wrote :
Lonnie Lee Best (launchpad-startport)
description: updated
Lonnie Lee Best (launchpad-startport)
information type: Public → Private
Lonnie Lee Best (launchpad-startport)
information type: Private → Public
Revision history for this message
Lonnie Lee Best (launchpad-startport) wrote :

I've reproduced this bug on a completely fresh installation of Ubuntu 16.10

Steps:

1) Install these packages:
sudo apt install network-manager-openvpn-gnome network-manager-vpnc-gnome

2) Create an openVPN or cisco-vpnc VPN-Connection and input the remote dns servers of the network you are connecting to here: http://neartalk.com/ss/2016-10-16_001_601x625.png

3) Connect to the VPN

4) Try to ping a computer (on the remote network) by its name:
ping computer-name

(it won't work)

5) Try to find the Additional DNS server you've configured in the VPN:
nmcli dev show | grep DNS

(you won't find them)

In Ubuntu 16.04, you could easily ping by computer-name to computers in remote networks and nmcli would also show additional DNS servers specified in the VPN configuration. In 16.10, this is broken.

Revision history for this message
Lonnie Lee Best (launchpad-startport) wrote :

Can someone else please confirm this bug?

Revision history for this message
Lonnie Lee Best (launchpad-startport) wrote :

I just downgraded back to Ubuntu 16.04, and I'm experience the same problem.

My home directory is located on a separate partition. So, although I've reinstalled 16.04, there may be some previously existing config files in my home folder that were corrupted by 16.10.

Please advise which files I should delete to see if that's the case.

tags: added: xenial
Revision history for this message
Lonnie Lee Best (launchpad-startport) wrote :

After doing a fresh install of Ubuntu 16.04 into a fresh virtual machine without doing any upgrades both "VPN - Additional DNS Server" and "VPN- Additional Search Domains" worked.

However, these features *stopped working* after doing an upgrade like this:
sudo apt-get update ; sudo apt-get upgrade

I've attached to this post, a log of the initial install (time stamped), and if you scroll to the bottom you can see a list of upgrades (time stamped).

One of these upgrades broke both "VPN - Additional DNS Server" and "VPN- Additional Search Domains" functionality!

Most likely, one of these is the culprit:

2016-10-19 18:18:44 upgrade network-manager:amd64 1.2.0-0ubuntu0.16.04.3 1.2.2-0ubuntu0.16.04.3
2016-10-19 18:18:45 upgrade network-manager-gnome:amd64 1.2.0-0ubuntu0.16.04.3 1.2.0-0ubuntu0.16.04.4

See attachment.

Revision history for this message
Lonnie Lee Best (launchpad-startport) wrote :

Work-around:

Using Synaptic Package Manager, downgrading the network-manager package to version 1.1.93-0ubuntu4 and restarting the network-manager causes the unwanted behavior to stop.

Work around steps:

1) Install Synaptic Package Manager
sudo apt-get install synaptic

2) Search for "network-manager" (no quotes), and then select "network-manager" so that it is highlighted.

3) In the "Package" menu, select "Force Version" and choose 1.1.93-0ubuntu4 from the drop-down-menu:
http://neartalk.com/ss/2016-10-19_005_1918x1077.png

4) Click the Apply button

5) Restart the network-manger service:
sudo service network-manager restart

6) Reconnect to your vpn

After these steps I was able to ping computers on the remote VPN network by their computer-name as prescribed by the "Additional DNS Server" option in the VPN configuration dialog.

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in network-manager (Ubuntu):
status: New → Confirmed
Revision history for this message
Lonnie Lee Best (launchpad-startport) wrote :

network-manager version 1.2.0-0ubuntu0.16.04.3 works in Ubuntu 16.04.1

So far, this is the latest version I can confirm is working correctly.

Since this is a stable release, the Update Manager should not upgrade to later versions than this until someone confirms that this bug is not in those versions.

Revision history for this message
Lonnie Lee Best (launchpad-startport) wrote :

Once you have a working network-manager (in regards to this bug), you can prevent that version from being upgraded (until you verify the bug is fixed) like this:

sudo apt-mark hold network-manager

To prove this is working you can run:
sudo apt-get upgrade -V

Then you'll see this:

   The following packages have been kept back:
   network-manager (1.1.93-0ubuntu4 => 1.2.2-0ubuntu0.16.04.3)

Aron Xu (happyaron)
Changed in network-manager (Ubuntu):
status: Confirmed → Triaged
Revision history for this message
Lonnie Lee Best (launchpad-startport) wrote :

Also see:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1633003

Revision history for this message
Lonnie Lee Best (launchpad-startport) wrote :

This seems related:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1629611

Revision history for this message
Lonnie Lee Best (launchpad-startport) wrote :

The scope of this bug may not be limited to just VPN. There are reports of DNS being ignored for WiFi connections also:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1629276

Revision history for this message
Lonnie Lee Best (launchpad-startport) wrote :

When configuring the IPv4 settings of a VPN connection, clicking the "Routes" button produces this menu:

http://neartalk.com/ss/2016-12-05_001_634x674.png

I always check the box for "Use this connection only for resources on its network".

However, (due to recent updates) when this box is check I cannot ping machines on the remote network by computer name.

When this box is checked, the network-manger is failing to query the two remote DNS servers for computer-names:
http://neartalk.com/ss/2016-12-05_001_634x674.png

It should query these additional DNS servers whether that box is check or not.

Can someone please fix this?

Revision history for this message
Sebastien Bacher (seb128) wrote :

Thank you for your bug report and the for the debugging details and sorry you didn't much responses so far ... Aron could you have a look and see if that's something that should be forwarded upstream or maybe a known issue?

Changed in network-manager (Ubuntu):
assignee: nobody → Aron Xu (happyaron)
Sebastien Bacher (seb128)
Changed in network-manager (Ubuntu):
importance: Undecided → High
Lonnie Lee Best (launchpad-startport)
tags: added: zesty
Revision history for this message
Lonnie Lee Best (launchpad-startport) wrote :

Can someone please address this issue?

Revision history for this message
Lonnie Lee Best (launchpad-startport) wrote :

I'm amazed that a bug of this bug's fundamental importance gets introduced during a Long Term Support release.

On top of that surprise, 6 months later, I'm still waiting on the fix.

This is fundamental stuff that should be tested before moving Ubuntu to a later version of Network-Manager in a long term release.

Network Manager 1.1.93-0ubuntu4 was stable and should have remained default in Ubuntu 16.04.2 until the issues in this bug report were tested and fixed in later versions.

Revision history for this message
Lonnie Lee Best (launchpad-startport) wrote :

Please take a look at these too:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1629611

and

https://bugs.launchpad.net/network-manager-applet/+bug/1633877

All are closely related, but each specifies diferent aspects that need to be checked-off as this is being fixed.

Revision history for this message
Sebastien Bacher (seb128) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better. The issue you are reporting is an upstream one and it would be nice if somebody having it could send the bug to the developers of the software by following the instructions at https://wiki.ubuntu.com/Bugs/Upstream/GNOME. If you have done so, please tell us the number of the upstream bug (or the link), so we can add a bugwatch that will inform us about its status. Thanks in advance.

Aron Xu (happyaron)
Changed in network-manager (Ubuntu):
assignee: Aron Xu (happyaron) → nobody
Revision history for this message
Matija “hook” Šuklje (matija-suklje) wrote :

Until this gets fixed, how about at least providing 1.2.2 or 1.1.93-0ubuntu4 as a force downgrade for 17.04 users that need VPN to work properly?

Revision history for this message
Matija “hook” Šuklje (matija-suklje) wrote :

I installed 1.8.0 (latest upstream stable) from Debian Sid .deb packages on my Kubuntu 17.04 and it solved this issue for me.

It might be worth a try if a simple upgrade to 1.8.0 would fix this.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.