I've finally managed to test the Ubuntu 18.04 backport; apologies for the delay.
At first it seemed to work. I tried an internal domain which isn't the main $COMPANY.com and isn't in the default search domains for the VPN, and it worked after the upgrade.
Some hours later, I was unable to get a Kerberos ticket because various other DNS lookups, even within the main $COMPANY.com domain, were being done on the local network and not the VPN.
I manually set ipv4.dns-priority=-1 and ipv4.dns-search=~. but this is a full-tunnel VPN; surely I shouldn't have needed to do that part manually?
(Sebastian, apologies for the somewhat grumpy comment earlier. I am very happy to be proved wrong.)
I've finally managed to test the Ubuntu 18.04 backport; apologies for the delay.
At first it seemed to work. I tried an internal domain which isn't the main $COMPANY.com and isn't in the default search domains for the VPN, and it worked after the upgrade.
Some hours later, I was unable to get a Kerberos ticket because various other DNS lookups, even within the main $COMPANY.com domain, were being done on the local network and not the VPN.
I manually set ipv4.dns- priority= -1 and ipv4.dns-search=~. but this is a full-tunnel VPN; surely I shouldn't have needed to do that part manually?
(Sebastian, apologies for the somewhat grumpy comment earlier. I am very happy to be proved wrong.)