Ubuntu 17.10 OpenVPN DNS Leaks

Bug #1755675 reported by LPNow
This bug affects 1 person
Affects: network-manager (Ubuntu)
Status: New
Importance: Undecided
Assigned to: Unassigned

Bug Description

On Ubuntu 17.10 x64 I have noticed that when using the NetworkManager and OpenVPN, DNS leaks from the Router or ISP, instead of only being tunneled from the VPN...

I have spent hours playing with this, it's beyond absurd, the amount of time and effort needed to try and resolve something that should be working out of the box!

This is not LFS, or Slackware, in fact Slackware is simpler and easier to make this work in less than 5 mins!

Seriously this has been an ongoing issue for ages/years in Ubuntu, and the end-users typically for Ubuntu are inexperienced users, again, the only thing end-users should have to do is install the correct OpenVPN packages, configure OpenVPN in the NetworkManager and it works, but it doesn't!

While Canonical works on trying to resolve this, can someone PLEASE tell me a simple way in which to prevent DNS leaks while using OpenVPN through the NetworkManager?

THANKS

Ubuntu Foundations Team Bug Bot (crichton) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better. It seems that your bug report is not filed about a specific source package though, rather it is just filed against Ubuntu in general. It is important that bug reports be filed about source packages so that people interested in the package can find the bugs about it. You can find some hints about determining what package your bug might be about at https://wiki.ubuntu.com/Bugs/FindRightPackage. You might also ask for help in the #ubuntu-bugs irc channel on Freenode.

To change the source package that this bug is filed about visit https://bugs.launchpad.net/ubuntu/+bug/1755675/+editstatus and add the package name in the text box next to the word Package.

[This is an automated message. I apologize if it reached you inappropriately; please just reply to this message indicating so.]

tags: added: bot-comment
affects: ubuntu → network-manager (Ubuntu)
tags: added: artful
LPNow (lpnow) wrote :

Sorry I left out a package name.

I am a Linux Geek and I've spent a huge amount of time on this, to the extent that no one should ever have to spend, and I'm not coming up with a simple solution to this.

I'd greatly appreciate it if someone can tell me a simple way to do this, without having to install several things like openresolv, unbound, etc...

Thanks

LPNow (lpnow) wrote :

CRAP I finally got it!

Now some people might not like the idea of disabling systemd, but as I explain below, I'm not seeing problems on simple networks.

sudo systemctl disable systemd-resolved.service
sudo service systemd-resolved stop

Delete the symlink /etc/resolv.conf
sudo rm /etc/resolv.conf

Install openresolv

Edit NetworkManager.conf

[main]
plugins=ifupdown,keyfile
rc-manager=resolvconf
dns=default

Restart network-manager
sudo service network-manager restart

Edit resolvconf.conf

name_server_blacklist=192.168.1.1

I have 192.168.1.1 as an example to block my router; put in the nameserver that appears in resolv.conf that you want to block when starting the VPN.

Now when you check resolv.conf before connecting to the VPN it will look like this, as an example:

# Generated by NetworkManager
nameserver 192.168.1.1

Connect now to your VPN and it will look like this, as an example:

# Generated by resolvconf
nameserver 12.1.12.1

ENJOY! :)
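
A way to check the before/after resolv.conf states shown in the comment above, as an added example that is not part of the original bug report or of openresolv: it lists any nameserver in a resolv.conf that matches name_server_blacklist in a resolvconf.conf. It goes beyond the single address used above by also handling several entries and glob entries such as 192.168.*; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the bug report): report nameservers in a resolv.conf
# that match name_server_blacklist in a resolvconf.conf.

# Nameserver addresses from a resolv.conf-style file, one per line.
list_nameservers() {
    awk '$1 == "nameserver" && NF >= 2 { print $2 }' "$1"
}

# Entries of name_server_blacklist, one per line (comments and quotes stripped).
list_blacklist() {
    sed -n -e 's/#.*//' -e 's/^[[:space:]]*name_server_blacklist=//p' "$1" |
        tr -d "\"'" | tr -s ' \t' '\n\n' | sed '/^$/d'
}

# Print each nameserver in resolv.conf ($1) that matches a blacklist entry in
# resolvconf.conf ($2). Runs in a subshell so `set -f` does not leak out.
leaked_nameservers() (
    set -f   # keep globs such as 192.168.* from expanding against filenames
    patterns=$(list_blacklist "$2")
    for ns in $(list_nameservers "$1"); do
        for pat in $patterns; do
            case $ns in
                $pat) echo "$ns"; break ;;   # unquoted: matched as a glob
            esac
        done
    done
)

# Exit status 0 when no blacklisted resolver is configured, 1 on a leak.
check_dns_leak() {
    leaked=$(leaked_nameservers "$1" "$2")
    if [ -n "$leaked" ]; then
        echo "LEAK: blacklisted nameserver(s) in $1: $(echo $leaked)"
        return 1
    fi
    echo "OK: no blacklisted nameserver in $1"
}

# Usage: sh check.sh /etc/resolv.conf /etc/resolvconf.conf
if [ $# -eq 2 ]; then
    check_dns_leak "$1" "$2"
fi
```

Run it once before and once after connecting to the VPN. It only inspects the configured resolvers, not the queries actually sent on the wire.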
