Bug 1010772 - OpenVPN connection via nm-applet, remote DNS domain resolves with nslookup but other system commands cannot resolve remote domain
Summary: OpenVPN connection via nm-applet, remote DNS domain resolves with nslookup bu...
Keywords:
Status: CLOSED EOL
Alias: None
Product: Fedora
Classification: Fedora
Component: NetworkManager-openvpn
Version: 19
Hardware: x86_64
OS: Linux
unspecified
high
Target Milestone: ---
Assignee: Dan Williams
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-09-23 04:18 UTC by Steve Dainard
Modified: 2015-02-17 17:18 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-02-17 17:18:56 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)
/var/log/messages (6.82 KB, text/plain)
2013-09-23 04:18 UTC, Steve Dainard
no flags Details

Description Steve Dainard 2013-09-23 04:18:04 UTC
Created attachment 801478 [details]
/var/log/messages

Description of problem:
Connecting to a OpenVPN server via nm-applet, I cannot resolve hosts on remote DNS domain. Nslookup WILL work properly, but ping or other applications cannot resolve. All remote hosts/routes are available via IP address.

Version-Release number of selected component (if applicable):
NetworkManager-openvpn-gnome-0.9.8.2-3.fc19.x86_64
NetworkManager-openvpn-0.9.8.2-3.fc19.x86_64
openvpn-2.3.2-4.fc19.x86_64


How reproducible:
Everytime. Attempted downgrading to previous version of NetworkManager with no change.

Steps to Reproduce:
1. Setup an OpenVPN connection via NM applet GUI.
2. Connect.
3. Attempt host resolution on remote domain with any app other than nslookup.

Actual results:
Applications cannot resolve hosts.

Expected results:
Applications resolve hosts, just like nslookup can.

Additional info:
** Connected to VPN ** 

[sdainard@sdainard-laptop ~]$ ping cucm
ping: unknown host cucm

[sdainard@sdainard-laptop ~]$ ping cucm.miovision.corp.
ping: unknown host cucm.miovision.corp.

[sdainard@sdainard-laptop ~]$ nslookup cucm
Server:		10.0.0.2
Address:	10.0.0.2#53

Name:	cucm.miovision.corp
Address: 10.0.6.30

[sdainard@sdainard-laptop ~]$ cat /etc/resolv.conf 
# Generated by NetworkManager
domain dainard.lan
search miovision.corp dainard.lan
nameserver 10.0.0.2
nameserver 10.0.0.5
nameserver 192.168.10.1

default via 5.5.0.1 dev tun0  proto static 
5.5.0.0/20 dev tun0  proto kernel  scope link  src 5.5.0.110 
172.168.1.0/24 dev virbr1  proto kernel  scope link  src 172.168.1.1 
192.168.10.0/24 dev wlp3s0  proto kernel  scope link  src 192.168.10.147  metric 9 
192.168.100.0/24 dev virbr0  proto kernel  scope link  src 192.168.100.1 
***.**.***.** via 192.168.10.1 dev wlp3s0  proto static

Comment 1 Steve Dainard 2013-09-28 18:05:30 UTC
A wireshark capture revealed that all dns requests were going to the local DNS server, rather than the remote DNS server.

Downgrading NetworkManager has solved this issue:

# yum downgrade NetworkManager NetworkManager-glib
Loaded plugins: langpacks, refresh-packagekit
Resolving Dependencies
--> Running transaction check
---> Package NetworkManager.x86_64 1:0.9.8.2-2.fc19 will be a downgrade
---> Package NetworkManager.x86_64 1:0.9.8.2-9.git20130709.fc19 will be erased
---> Package NetworkManager-glib.x86_64 1:0.9.8.2-2.fc19 will be a downgrade
---> Package NetworkManager-glib.x86_64 1:0.9.8.2-9.git20130709.fc19 will be erased
--> Finished Dependency Resolution

Dependencies Resolved

===================================================================================================================================================================================================================
 Package                                                   Arch                                         Version                                                 Repository                                    Size
===================================================================================================================================================================================================================
Downgrading:
 NetworkManager                                            x86_64                                       1:0.9.8.2-2.fc19                                        fedora                                       982 k
 NetworkManager-glib                                       x86_64                                       1:0.9.8.2-2.fc19                                        fedora                                       315 k

Transaction Summary
===================================================================================================================================================================================================================
Downgrade  2 Packages

Total download size: 1.3 M
Is this ok [y/d/N]: y
Downloading packages:
(1/2): NetworkManager-glib-0.9.8.2-2.fc19.x86_64.rpm                                                                                                                                        | 315 kB  00:00:01     
(2/2): NetworkManager-0.9.8.2-2.fc19.x86_64.rpm                                                                                                                                             | 982 kB  00:00:03     
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                                                              383 kB/s | 1.3 MB     00:03     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : 1:NetworkManager-glib-0.9.8.2-2.fc19.x86_64                                                                                                                                                     1/4 
  Installing : 1:NetworkManager-0.9.8.2-2.fc19.x86_64                                                                                                                                                          2/4 
  Cleanup    : 1:NetworkManager-0.9.8.2-9.git20130709.fc19.x86_64                                                                                                                                              3/4 
  Cleanup    : 1:NetworkManager-glib-0.9.8.2-9.git20130709.fc19.x86_64                                                                                                                                         4/4 
  Verifying  : 1:NetworkManager-glib-0.9.8.2-2.fc19.x86_64                                                                                                                                                     1/4 
  Verifying  : 1:NetworkManager-0.9.8.2-2.fc19.x86_64                                                                                                                                                          2/4 
  Verifying  : 1:NetworkManager-0.9.8.2-9.git20130709.fc19.x86_64                                                                                                                                              3/4 
  Verifying  : 1:NetworkManager-glib-0.9.8.2-9.git20130709.fc19.x86_64                                                                                                                                         4/4 

Removed:
  NetworkManager.x86_64 1:0.9.8.2-9.git20130709.fc19                                                    NetworkManager-glib.x86_64 1:0.9.8.2-9.git20130709.fc19                                                   

Installed:
  NetworkManager.x86_64 1:0.9.8.2-2.fc19                                                                NetworkManager-glib.x86_64 1:0.9.8.2-2.fc19                                                               

Complete!
[root@sdainard-laptop ~]# service NetworkManager restart
Redirecting to /bin/systemctl restart  NetworkManager.service
[root@sdainard-laptop ~]# ping dc1
PING dc1.miovision.corp (10.0.0.2) 56(84) bytes of data.
64 bytes from 10.0.0.2: icmp_seq=1 ttl=126 time=53.6 ms
64 bytes from 10.0.0.2: icmp_seq=2 ttl=126 time=54.6 ms
64 bytes from 10.0.0.2: icmp_seq=3 ttl=126 time=53.3 ms
64 bytes from 10.0.0.2: icmp_seq=4 ttl=126 time=56.3 ms
^C
--- dc1.miovision.corp ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 53.396/54.507/56.384/1.196 ms

Comment 2 Fedora End Of Life 2015-01-09 19:56:58 UTC
This message is a notice that Fedora 19 is now at end of life. Fedora 
has stopped maintaining and issuing updates for Fedora 19. It is 
Fedora's policy to close all bug reports from releases that are no 
longer maintained. Approximately 4 (four) weeks from now this bug will
be closed as EOL if it remains open with a Fedora 'version' of '19'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not 
able to fix it before Fedora 19 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora, you are encouraged  change the 'version' to a later Fedora 
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

Comment 3 Fedora End Of Life 2015-02-17 17:18:56 UTC
Fedora 19 changed to end-of-life (EOL) status on 2015-01-06. Fedora 19 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.


Note You need to log in before you can comment on or make changes to this bug.