Rather odd behavior happens when trying to specify "." or "~." in the line "Edit Connections"->"<VPN Connection Name>"->"IPv4 Settings"->"Method=Automatic (VPN) addresses only"->"Search Domains".
**********
Here is the network config file where "." is specified under the "Search Domains" from /etc/NetworkManager/system-connections/US-East :
**********
And THIS is the output of systemd-resolved for the cond-id 'tun0':
Link 5 (tun0)
Current Scopes: DNS
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNS Servers: 209.222.18.222 209.222.18.218
As you can see, the dns-search=.; is ignored entirely and "." is not passed to SetLinkDomains, the line "DNS Domain: ~." is missing.
**********
Here is the network config file where "~." is specified under the "Search Domains" from /etc/NetworkManager/system-connections/US-East :
**********
And THIS is the output of systemd-resolved for the cond-id 'tun0':
Link 9 (tun0)
Current Scopes: DNS
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNS Servers: 209.222.18.222 209.222.18.218
DNS Domain: \126
**********
Something....wrong is happening when the network-manager parses the config file and sends the domains to call SetLinkDomains in nm-systemd-resolved.c. Because... '\126' is clearly not "." or "~.". In fact, it appears to be the octal value for the ASCII character "V" which...really makes no sense. The domains "." or "~." specified and correctly listed in the config file as dns-search=.; or dns-search=~.; are not being passed to SetLinkDomains in as is, which suggests a parsing error....or something in nm-systemd-resolved.c.
I think the easiest solution would be to allow "." to be parsed as a valid domain name under the dns-search label. That would effectively allow us to choose to use the routing-only domain.
Rather odd behavior happens when trying to specify "." or "~." in the line "Edit Connections"->"<VPN Connection Name>"->"IPv4 Settings" ->"Method= Automatic (VPN) addresses only"->"Search Domains".
********** ager/system- connections/ US-East :
Here is the network config file where "." is specified under the "Search Domains" from /etc/NetworkMan
[connection] 3c52-4347- 8ce9-e609bdecec 32 user:noctua: ; 1497311475
id=US-East
uuid=cf291340-
type=vpn
permissions=
secondaries=
timestamp=
[vpn] noctua/ Documents/ openvpn/ openvpn- legacy- tcp/ca. crt type=password us-east. privateinternet access. com:443 cert-tls= server type=org. freedesktop. NetworkManager. openvpn
auth=SHA1
ca=/home/
cipher=BF-CBC
comp-lzo=yes
connection-
dev=tun
dev-type=tun
password-flags=1
proto-tcp=yes
remote=
remote-
reneg-seconds=0
username=<my username here>
service-
[ipv4] 222.18. 222;209. 222.18. 218; auto-dns= true
dns=209.
dns-search=.;
ignore-
method=auto
[ipv6] mode=stable- privacy
addr-gen-
dns-search=
ip6-privacy=0
method=ignore
**********
And THIS is the output of systemd-resolved for the cond-id 'tun0':
Link 5 (tun0)
209.222. 18.218
Current Scopes: DNS
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNS Servers: 209.222.18.222
As you can see, the dns-search=.; is ignored entirely and "." is not passed to SetLinkDomains, the line "DNS Domain: ~." is missing.
********** ager/system- connections/ US-East :
Here is the network config file where "~." is specified under the "Search Domains" from /etc/NetworkMan
[connection] 3c52-4347- 8ce9-e609bdecec 32 user:noctua: ; 1497314475
id=US-East
uuid=cf291340-
type=vpn
permissions=
secondaries=
timestamp=
[vpn] noctua/ Documents/ openvpn/ openvpn- legacy- tcp/ca. crt type=password us-east. privateinternet access. com:443 cert-tls= server type=org. freedesktop. NetworkManager. openvpn
auth=SHA1
ca=/home/
cipher=BF-CBC
comp-lzo=yes
connection-
dev=tun
dev-type=tun
password-flags=1
proto-tcp=yes
remote=
remote-
reneg-seconds=0
username=<my username here>
service-
[ipv4] 222.18. 222;209. 222.18. 218; auto-dns= true
dns=209.
dns-search=~.;
ignore-
method=auto
[ipv6] mode=stable- privacy
addr-gen-
dns-search=
ip6-privacy=0
method=ignore
**********
And THIS is the output of systemd-resolved for the cond-id 'tun0':
Link 9 (tun0)
209.222. 18.218
Current Scopes: DNS
LLMNR setting: yes
MulticastDNS setting: no
DNSSEC setting: no
DNSSEC supported: no
DNS Servers: 209.222.18.222
DNS Domain: \126
********** resolved. c. Because... '\126' is clearly not "." or "~.". In fact, it appears to be the octal value for the ASCII character "V" which...really makes no sense. The domains "." or "~." specified and correctly listed in the config file as dns-search=.; or dns-search=~.; are not being passed to SetLinkDomains in as is, which suggests a parsing error....or something in nm-systemd- resolved. c.
Something....wrong is happening when the network-manager parses the config file and sends the domains to call SetLinkDomains in nm-systemd-
I think the easiest solution would be to allow "." to be parsed as a valid domain name under the dns-search label. That would effectively allow us to choose to use the routing-only domain.