After update DNS work unstable

Bug #1589005 reported by TyhDyh on 2016-06-03
64
This bug affects 13 people
Affects Status Importance Assigned to Milestone
network-manager (Ubuntu)
Critical
Unassigned

Bug Description

Today I have updated network-manager from update repo and chrome have started get err_name_resolution_failed apt started get network errors.

W: Failed to fetch http://by.archive.ubuntu.com/ubuntu/pool/main/n/network-manager/network-manager_1.1.93-0ubuntu4_amd64.deb
  Temporary failure resolving 'by.archive.ubuntu.com'

I got same error when previously update network-manager from ubuntu-proposed, so I think this packet with regression moved to normal update.

workaround: download old network-manager_1.1.93-0ubuntu4_amd64.deb and install it using
sudo dpkg -i network-manager_1.1.93-0ubuntu4_amd64.deb
and lock version
echo "network-manager hold" | sudo dpkg --set-selections

"apt update" going to show network-manager as upgradable but "apt upgrage" going to ignore it

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: network-manager 1.2.0-0ubuntu0.16.04.2
ProcVersionSignature: Ubuntu 4.4.0-22.40-generic 4.4.8
Uname: Linux 4.4.0-22-generic x86_64
ApportVersion: 2.20.1-0ubuntu2.1
Architecture: amd64
CurrentDesktop: Unity
Date: Sat Jun 4 01:39:17 2016
IfupdownConfig:
 # interfaces(5) file used by ifup(8) and ifdown(8)
 auto lo
 iface lo inet loopback
InstallationDate: Installed on 2016-05-01 (33 days ago)
InstallationMedia: Ubuntu 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.1)
IpRoute:
 default via 192.168.100.1 dev enp8s0 proto static metric 100
 169.254.0.0/16 dev enp8s0 scope link metric 1000
 192.168.100.0/24 dev enp8s0 proto kernel scope link src 192.168.100.9 metric 100
NetworkManager.state:
 [main]
 NetworkingEnabled=true
 WirelessEnabled=false
 WWANEnabled=true
SourcePackage: network-manager
UpgradeStatus: No upgrade log present (probably fresh install)
nmcli-con:
 NAME UUID TYPE TIMESTAMP TIMESTAMP-REAL AUTOCONNECT AUTOCONNECT-PRIORITY READONLY DBUS-PATH ACTIVE DEVICE STATE ACTIVE-PATH
 Проводное соединение 1 34318290-4c71-4b1f-9154-d0f134b91440 802-3-ethernet 1464993435 Sat 04 Jun 2016 01:37:15 MSK yes 4294966297 no /org/freedesktop/NetworkManager/Settings/2 yes enp8s0 activated /org/freedesktop/NetworkManager/ActiveConnection/0
 HUAWEI-KpW2 1 8087b7e0-51dc-43c4-8928-4d03c85a5762 802-11-wireless 1464546384 Sun 29 May 2016 21:26:24 MSK yes 0 no /org/freedesktop/NetworkManager/Settings/1 no -- -- --
nmcli-dev:
 DEVICE TYPE STATE DBUS-PATH CONNECTION CON-UUID CON-PATH
 enp8s0 ethernet connected /org/freedesktop/NetworkManager/Devices/1 Проводное соединение 1 34318290-4c71-4b1f-9154-d0f134b91440 /org/freedesktop/NetworkManager/ActiveConnection/0
 wlp9s0 wifi unavailable /org/freedesktop/NetworkManager/Devices/0 -- -- --
 lo loopback unmanaged /org/freedesktop/NetworkManager/Devices/2 -- -- --
nmcli-nm: Error: command ['nmcli', '-f', 'all', 'nm'] failed with exit code 2: Error: Object 'nm' is unknown, try 'nmcli help'.

TyhDyh (mybox-1-tut) wrote :
TyhDyh (mybox-1-tut) on 2016-06-03
description: updated
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in network-manager (Ubuntu):
status: New → Confirmed
Arno Mühren (arnomuhren) wrote :

This bug affects me also. Is it possible to include instruction on how to lock the version after the workaround has been applied?

TyhDyh (mybox-1-tut) wrote :

echo "network-manager hold" | sudo dpkg --set-selections

"apt update" going to show network-manager as upgradable but "apt upgrage" going to ignore it

description: updated
Changed in network-manager (Ubuntu):
importance: Undecided → Critical

In two other bugs, I too am suffering from the latest Network Manger update.

Additional DNS Servers are ignored when specified via VPN configured connections:
-https://bugs.launchpad.net/network-manager-applet/+bug/1633874

Additional Search Domains are ignored when specified via VPN configured connections:
-https://bugs.launchpad.net/network-manager-applet/+bug/1633877

tags: added: yakkety
Aron Xu (happyaron) wrote :

Can't reproduce with current version, is it still affecting you?

Changed in network-manager (Ubuntu):
status: Confirmed → Incomplete
Tamas Papp (tkpapp) wrote :

I still have this problem with network-manager 1.2.4-0ubuntu1.

sudo service network-manager restart

provides a temporary workaround.

TyhDyh (mybox-1-tut) wrote :

Same problem with all latest update. Only network-manager_1.1.93-0ubuntu4_amd64.deb works well

Arno Mühren (arnomuhren) wrote :

I also still have this problem with 1.2.2-0ubuntu0.16.04.3 amd64
Only version 1.1.93 works for me on 16.04.

Changed in network-manager (Ubuntu):
status: Incomplete → Confirmed

Please:

1. In the Terminal application enter "sudo apt purge dnsmasq".
2. Reboot the system.
3. If that fixes this bug, please mark it as duplicate of bug #1534501.

Thank you.

I'm noticing the same behavior. For a while I see DNS requests from the build in dnsmasq being sent to the forwarding DNS servers (either as set by DHCP or manually in the network manager config) and responses coming in just fine. After a while however I only see the request packets being sent on my ethernet interface, but no response packets being received on my network interface (as shown by wireshark).

However it does look like disabling the build-in dnsmasq in network manager fixes the problems for now.

I also seem to experience the same (or similar) issue. When I connect to my companies Cisco ASA VPN using OpenConnect (in NetworkManager), it seems that with network-manager after v1.2.2, the previously configured DNS servers aren't overwritten with what VPN sends. Instead, those VPN servers get appended to the list.

So, at first, before I connect to VPN, I only have one DNS server configured: 192.168.42.129
Next, I connect to the VPN.

To see the effective list of DNS servers, I created the file /etc/NetworkManager/dnsmasq.d/dnsmasq.conf, containing:

log-queries=extra
log-async=7

After a reboot, dnsmasq uses this settings. Now, when a USR1 signal is send to dnsmasq, it'll print information to syslog.

With v1.2.2 (network-manager_1.2.2-0ubuntu0.16.04.4_amd64.deb):
$ tail -F /var/log/syslog &
# => Connect to Cisco VPN with OpenConnect
$ sudo pkill -USR1 dnsmasq

Mar 20 15:52:40 dns-issue-test dnsmasq[992]: time 1490021560
Mar 20 15:52:40 dns-issue-test dnsmasq[992]: cache size 0, 0/0 cache insertions re-used unexpired cache entries.
Mar 20 15:52:40 dns-issue-test dnsmasq[992]: queries forwarded 14, queries answered locally 1
Mar 20 15:52:40 dns-issue-test dnsmasq[992]: queries for authoritative zones 0
Mar 20 15:52:40 dns-issue-test dnsmasq[992]: server 192.168.251.6#53: queries sent 1, retried or failed 0
Mar 20 15:52:40 dns-issue-test dnsmasq[992]: server 192.168.251.7#53: queries sent 7, retried or failed 0
Mar 20 15:52:40 dns-issue-test dnsmasq[992]: Host Address Flags Expires

With v1.2.4 (network-manager_1.2.4-0ubuntu0.16.04.1_amd64.deb), I get this:

$ sudo dpkg -i Downloads/network-manager_1.2.4-0ubuntu0.16.04.1_amd64.deb
$ sudo reboot

...

$ tail -F /var/log/syslog &
# => Connect to Cisco VPN with OpenConnect
$ sudo pkill -USR1 dnsmasq

Mar 20 15:56:42 dns-issue-test dnsmasq[976]: time 1490021802
Mar 20 15:56:42 dns-issue-test dnsmasq[976]: cache size 0, 0/0 cache insertions re-used unexpired cache entries.
Mar 20 15:56:42 dns-issue-test dnsmasq[976]: queries forwarded 14, queries answered locally 1
Mar 20 15:56:42 dns-issue-test dnsmasq[976]: queries for authoritative zones 0
Mar 20 15:56:42 dns-issue-test dnsmasq[976]: server 192.168.42.129#53: queries sent 5, retried or failed 0
Mar 20 15:56:42 dns-issue-test dnsmasq[976]: server 192.168.251.6#53: queries sent 0, retried or failed 0
Mar 20 15:56:42 dns-issue-test dnsmasq[976]: server 192.168.251.7#53: queries sent 0, retried or failed 0
Mar 20 15:56:42 dns-issue-test dnsmasq[976]: Host Address Flags Expires

So, as can be seen, the two additional DNS servers 192.168.251.6 and 192.168.251.7 just got added to the list of effective DNS servers. 192.168.42.129 is still in the list.

With v1.2.2, the old DNS server (=> 192.168.42.129) was removed.

See https://gist.github.com/alexs77/85de4198016b5a6c6b40548b9aa71867 for a better readable version.

And I also forgot to add, that I do NOT have the "normal" full blown dnsmasq package installed; only dnsmasq-base.

Rowan Wookey (rwky) wrote :

I had an issue that sounds like this, after disconnecting from an OpenVPN session my DNS would fail, killing dnsmasq and restarting network manager would resolve the problem.

To fix it I removed all network interfaces (lan/wifi/vpn etc) from network manager, rebooted, then re-added the interfaces, the problem appears to have gone away. Hopefully others find this helpful.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers