dns leak
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
network-manager-openvpn (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
Using the network manager to set my OpenVPN I have a DNS leak after connecting to my secured network which also provides Internet connection.
I think solution is here: http://
However, I didn't find in the network manager windows any place to set those scripts.
ProblemType: Bug
DistroRelease: Ubuntu 17.04
Package: network-
ProcVersionSign
Uname: Linux 4.10.0-20-generic x86_64
NonfreeKernelMo
ApportVersion: 2.20.4-0ubuntu4
Architecture: amd64
CurrentDesktop: Unity:Unity7
Date: Mon May 15 10:32:38 2017
InstallationDate: Installed on 2015-04-02 (773 days ago)
InstallationMedia: Ubuntu 14.10 "Utopic Unicorn" - Release amd64 (20141022.1)
SourcePackage: network-
UpgradeStatus: Upgraded to zesty on 2017-04-18 (26 days ago)
Adrian:
My understanding is that as of Ubuntu 16.10 (and this for 17.04 as well), DNS resolution is handled by systemd-resolved and not dnsmasq as in 16.04 and previous.
In earlier versions (using dnsmasq), when using openvpn directly from the console using a client configuration file, we had to use a script (called update-resolv-conf) to properly register the dns settings when connecting. I would assume that network- manager- openvpn runs a similar script for you in the background. The problem is that as of 16.10 and systemd-resolved that script does not play well with systemd-resolved, and therefore creates a leak.
Until network- manager- openvpn is updated to handle dns registration with systemd-resolved, you might need to revert to connecting to your vpn from the console (navigate to /etc/openvpn and calling sudo openvpn --config client.conf from the console). But first you need to create a client configuration file that has essentially the same info that you provide via the gui interface.
OpenVPN provides a sample file here: /github. com/OpenVPN/ openvpn/ blob/master/ sample/ sample- config- files/client. conf
https:/
Then to stop the dns leak you need to copy the update- systemd- resolved script to your /etc/openvpn directory and add a call to the update- systemd- resolved at the end of your client file. I explain this in this post: /bugs.launchpad .net/ubuntu/ +source/ systemd/ +bug/1624317/ comments/ 42
https:/
Sorry if this is a bit technical, but hopefully you can get it to work.