1753422 – DNS settings not populated for openconnect vpn

Bug 1753422 - DNS settings not populated for openconnect vpn

Summary: DNS settings not populated for openconnect vpn

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	NetworkManager-openconnect
Sub Component:
Version:	31
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	high
Target Milestone:	---
Assignee:	David Woodhouse
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2019-09-18 21:22 UTC by Brandon Bennett
Modified:	2019-10-04 21:56 UTC (History)
CC List:	6 users (show)
Fixed In Version:	NetworkManager-openconnect-1.2.6-2.fc31 NetworkManager-openconnect-1.2.6-2.fc30 NetworkManager-openconnect-1.2.6-2.fc29
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2019-09-27 01:29:03 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
trace logs from NetworkManager (130.78 KB, text/plain) 2019-09-18 21:42 UTC, Brandon Bennett	no flags	Details
View All

Description Brandon Bennett 2019-09-18 21:22:02 UTC

Description of problem:
After upgrading to Fedora 31 beta when connecting to an openconnect vpn (Cisco Anyconnect) the DNS servers are not being populated (however DNS search domains do)

Looking at the network connect trace logs the tun interface never gets dns populated.

Config for VPN shows that it is set for automatic DNS for ipv6 and ipv4.

Sep 18 15:04:18 thecheat NetworkManager[1275]: <trace> [1568840658.7685] dbus-object[3e4079c88691fb07]: export: "/org/freedesktop/NetworkManager/Settings/27"
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7686] ++ connection 'new connection' (0x7fd61c001560/NMSimpleConnection/"tun"): [/org/freedesktop/NetworkManager/Settings/27]
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7687] ++ connection                [ 0x55638e807dd0 ]
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7687] ++ connection.autoconnect    = FALSE
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7687] ++ connection.id             = 'vpn0'
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7687] ++ connection.interface-name = 'vpn0'
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7687] ++ connection.permissions    = []
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7687] ++ connection.timestamp      = 1568840658
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7687] ++ connection.type           = 'tun'
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7687] ++ connection.uuid           = 'f80ceca4-6b8e-4098-849d-b20b38ea9c42'
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7688] ++ tun                       [ 0x55638e776ee0 ]
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7688] ++ tun.owner                 = '996'
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7688] ++ ipv4                      [ 0x55638e7f9260 ]
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7688] ++ ipv4.addresses            = ((GPtrArray*) 0x55638e809a80)
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7688] ++ ipv4.dns                  = []
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7688] ++ ipv4.dns-priority         = 100
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7688] ++ ipv4.dns-search           = []
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7688] ++ ipv4.method               = 'manual'
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7689] ++ ipv4.routes               = ((GPtrArray*) 0x55638e809820)
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7689] ++ ipv4.routing-rules        = <unknown>
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7689] ++ ipv6                      [ 0x55638e778330 ]
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7689] ++ ipv6.addresses            = ((GPtrArray*) 0x55638e809ba0)
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7689] ++ ipv6.dns                  = []
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7689] ++ ipv6.dns-priority         = 100
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7689] ++ ipv6.dns-search           = []
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7689] ++ ipv6.method               = 'manual'
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7690] ++ ipv6.routes               = ((GPtrArray*) 0x55638e771aa0)
Sep 18 15:04:18 thecheat NetworkManager[1275]: <debug> [1568840658.7690] ++ ipv6.routing-rules        = <unknown>


Using openconnect command line directly (bypassing NetworkManager) works.  

Version-Release number of selected component (if applicable):



How reproducible:
Every time


Steps to Reproduce:
1. Establish connection to a openconnect VPN
2. Check /etc/resolv.conf and see updated domains but the same DNS servers as before


Actual results:

The original DNS servers are there


Expected results:

DNS servers populated from VPN connection.


Additional info:

Used to work fine in Fedora 30.  Also works fine manually with `openconnect` command line.  DNS servers are being sent in the response.

Also NetworkConnect is configured for dns = default.

Comment 1 Brandon Bennett 2019-09-18 21:30:15 UTC

Name         : NetworkManager-openconnect
Version      : 1.2.6

Comment 2 Brandon Bennett 2019-09-18 21:42:49 UTC

Created attachment 1616450 [details]
trace logs from NetworkManager

These have been sanitized to remove company details

Comment 3 David Woodhouse 2019-09-25 14:54:29 UTC

When you connect from the command line, your DNS servers include at least one IPv6 address?

Please try the build from https://koji.fedoraproject.org/koji/taskinfo?taskID=37858397

Comment 4 Fedora Update System 2019-09-25 14:55:19 UTC

FEDORA-2019-6810b56d2b has been submitted as an update to Fedora 31. https://bodhi.fedoraproject.org/updates/FEDORA-2019-6810b56d2b

Comment 5 Fedora Update System 2019-09-25 15:32:15 UTC

FEDORA-2019-5aefed27ac has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2019-5aefed27ac

Comment 6 Fedora Update System 2019-09-25 15:32:29 UTC

FEDORA-2019-71424ab2b9 has been submitted as an update to Fedora 29. https://bodhi.fedoraproject.org/updates/FEDORA-2019-71424ab2b9

Comment 7 Fedora Update System 2019-09-26 01:29:40 UTC

NetworkManager-openconnect-1.2.6-2.fc29 has been pushed to the Fedora 29 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-71424ab2b9

Comment 8 Fedora Update System 2019-09-26 02:48:26 UTC

NetworkManager-openconnect-1.2.6-2.fc30 has been pushed to the Fedora 30 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-5aefed27ac

Comment 9 Fedora Update System 2019-09-26 02:56:01 UTC

NetworkManager-openconnect-1.2.6-2.fc31 has been pushed to the Fedora 31 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-6810b56d2b

Comment 10 Fedora Update System 2019-09-27 01:29:03 UTC

NetworkManager-openconnect-1.2.6-2.fc31 has been pushed to the Fedora 31 stable repository. If problems still persist, please make note of it in this bug report.

Comment 11 Fedora Update System 2019-09-30 01:00:21 UTC

NetworkManager-openconnect-1.2.6-2.fc30 has been pushed to the Fedora 30 stable repository. If problems still persist, please make note of it in this bug report.

Comment 12 Fedora Update System 2019-10-04 21:56:41 UTC

NetworkManager-openconnect-1.2.6-2.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.