Incorrect default routing after vpnc completes
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
NetworkManager |
Fix Released
|
Medium
|
|||
network-manager (Ubuntu) |
Fix Released
|
Medium
|
Unassigned |
Bug Description
We're using vpnc with a password + one time token at work so I run it from the command line. I've been using it for years, this laptop is probably 2 years old, upgrading ubuntu every half year and I've never had this issue before I upgraded to 15.10.
I've put set +x in the vpnc-script, and I'm also tailing syslog in the same window. Got this trace after being accepted, towards the end:
+ set_default_route
+ /sbin/ip route
+ fix_ip_get_output
+ + grepsed -e ^default
s/ /\n/g
Nov 5 11:16:54 niclan-lap NetworkManager[
Nov 5 11:16:54 niclan-lap NetworkManager[
+ sed -ne 1p;/via/
HERE the correct default routing is installed:
+ /sbin/ip route replace default dev tun0
+ /sbin/ip route flush cache
And at this point network manager pounces (this is the very next line of the console (from tail -f syslog):
Nov 5 11:16:54 niclan-lap NetworkManager[
+ [ -n ]
+ [ -n -o -n ]
+ [ -n 194.19.44.43 195.204.29.42 ]
+ modify_
+ NEW_RESOLVCONF=
+ NEW_RESOLVCONF=
nameserver 194.19.44.43
+ NEW_RESOLVCONF=
nameserver 194.19.44.43
nameserver 195.204.29.42
+ [ -n ]
Nov 5 11:16:54 niclan-lap NetworkManager[
+ echo
nameserver 194.19.44.43
nameserver 195.204.29.42
+ /sbin/resolvconf -a tun0
Major networkmanager action:
Nov 5 11:16:54 niclan-lap NetworkManager[
Nov 5 11:16:54 niclan-lap NetworkManager[
Nov 5 11:16:55 niclan-lap NetworkManager[
Nov 5 11:16:55 niclan-lap NetworkManager[
Nov 5 11:16:55 niclan-lap NetworkManager[
Nov 5 11:16:55 niclan-lap dbus[743]: [system] Activating via systemd: service name='org.
Nov 5 11:16:55 niclan-lap systemd[1]: Starting Network Manager Script Dispatcher Service...
Nov 5 11:16:55 niclan-lap dbus[743]: [system] Successfully activated service 'org.freedeskto
Nov 5 11:16:55 niclan-lap systemd[1]: Started Network Manager Script Dispatcher Service.
Nov 5 11:16:55 niclan-lap nm-dispatcher: Dispatching action 'up' for tun0
Nov 5 11:16:55 niclan-lap systemd[1]: Reloading OpenBSD Secure Shell server.
Nov 5 11:16:55 niclan-lap systemd[1]: Reloaded OpenBSD Secure Shell server.
+ run_hooks post-connect
+ HOOK=post-connect
+ [ -d /etc/vpnc/
+ exit 0
VPNC started in background (pid: 8778)...
root@niclan-
At this point I cannot reach resources through the VPN.
root@niclan-
default via 10.99.64.1 dev wlan0 proto static metric 600
10.21.50.0/24 dev tun0 scope link
10.99.64.0/23 dev wlan0 proto kernel scope link src 10.99.64.195 metric 600
169.254.0.0/16 dev wlan0 scope link metric 1000
193.69.44.30 via 10.99.64.1 dev wlan0 src 10.99.64.195
194.19.44.87 via 10.99.64.1 dev wlan0 proto dhcp metric 600
Nov 5 11:18:51 niclan-lap wpa_supplicant[
As we see the default routing is through the wlan0 instead of tun0. So the default routing set in the vpnc-script is already removed. I can only speculate to _what_ removed it, but network-manager seems to have been active at the time.
So I add the routing again:
root@niclan-
root@niclan-
root@niclan-
default dev tun0 scope link
default via 10.99.64.1 dev wlan0 proto static metric 600
10.21.50.0/24 dev tun0 scope link
10.99.64.0/23 dev wlan0 proto kernel scope link src 10.99.64.195 metric 600
169.254.0.0/16 dev wlan0 scope link metric 1000
193.69.44.30 via 10.99.64.1 dev wlan0 src 10.99.64.195
194.19.44.87 via 10.99.64.1 dev wlan0 proto dhcp metric 600
The routing table is now correct I would say, at least I reach the resources inside the vpn without issue.
ProblemType: Bug
DistroRelease: Ubuntu 15.10
Package: vpnc 0.5.3r550-2
ProcVersionSign
Uname: Linux 4.2.0-16-generic x86_64
ApportVersion: 2.19.1-0ubuntu4
Architecture: amd64
CurrentDesktop: KDE
Date: Thu Nov 5 11:58:20 2015
InstallationDate: Installed on 2013-11-07 (727 days ago)
InstallationMedia: Kubuntu 13.04 "Raring Ringtail" - Release amd64 (20130424)
SourcePackage: vpnc
UpgradeStatus: Upgraded to wily on 2015-10-26 (9 days ago)
modified.
Changed in network-manager-vpnc (Ubuntu): | |
importance: | Undecided → Medium |
affects: | network-manager-vpnc (Ubuntu) → network-manager (Ubuntu) |
Changed in network-manager: | |
importance: | Unknown → Medium |
status: | Unknown → Fix Released |
There are several components at play here, apart from the vpnc package there's vpnc-scripts as well as network- manager- vpnc{-gnome} . None of these changed between 15.04 and 15.10. What did change is network-manager itself (from 0.9.10. 0-4ubuntu15. 1 to 1.0.4-0ubuntu5) and I suspect the network- manager- vpnc package lacks adaptation to handle your case properl. Hence I'm reassigning this bug.