Re: Overriding connections (VPN) that abuse DNS (was: Wireless DHCP overwrites DNS settings)
- From: Derek Atkins <warlord MIT EDU>
- To: Dan Williams <dcbw redhat com>
- Cc: Ross Patterson <me rpatterson net>, networkmanager-list gnome org
- Subject: Re: Overriding connections (VPN) that abuse DNS (was: Wireless DHCP overwrites DNS settings)
- Date: Mon, 10 Dec 2007 11:44:51 -0500
Dan Williams <dcbw redhat com> writes:
> On Sat, 2007-12-08 at 13:36 -0800, Ross Patterson wrote:
>> This is somewhat related. I have a poorly behaved VPN connection that
>> sends NM empty DNS settings so that no DNS works when I'm connected to
>> the VPN. I can't fix the VPN, so my current workaround is to copy
>> /etc/resolv.conf before I connect to the VPN, and then write it over the
>> /etc/resolv.conf written by NM *after* connecting to the VPN. IOW, I
>> manually restore the original DNS configuration. This is annoying to
>> say the least.
>> My question is, is there a way to preseve the DNS settings on *just
>> that* VPN connection so I don't have to do this dance every time?
> Not yet; but it can be fixed internally in NetworkManager pretty easily.
> Nobody has come up with a patch yet, and I haven't had time.
> Internally, the IP4 configs are essentially a stack with between 0 and 2
> configs per device. The device's config is at #1, and the VPN config is
> at #2. Whenever the config stack changes, settings should get merged
> with the higher numbered items taking priority over the lower numbered
> ones. Right now, a config with a higher number blows away the config
> with the lower number entirely.
I have a VPN that also gives me incomplete DNS info. The way I fixed
this was by writing a wrapper around /usr/bin/nm-vpnc-service-vpnc-helper
that adjusts the vpnc environment before passing it back to NM via
dbus. In my case I needed to adjust the CISCO_DEF_DOMAIN variable.
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord MIT EDU PGP key available
] [Thread Prev