Re: vpnc plugin: order of resolv.conf entries when using Mobile Broadband vs. (W)LAN

From: Dan Williams <dcbw redhat com>
To: netztier bluewin ch
Cc: networkmanager-list gnome org
Subject: Re: vpnc plugin: order of resolv.conf entries when using Mobile Broadband vs. (W)LAN
Date: Fri, 06 Feb 2009 13:01:59 -0500

On Thu, 2009-02-05 at 21:57 +0100, Marc Luethi wrote:
> Hi all
> 
> Sorry for the delay - there was practically no time to play around with
> my laptop these days.
> 
> In the meantime, I had to upgrade to network-manager packages from
> Launchpad PPA, because the Huawei E220 UMTS device didn't work with the
> normal version shipped with Ubuntu 8.10 (see first post).
> 
> network-manager:       0.7-0ubuntu1~nm1~intrepid1
> network-manager-gnome: 0.7-0ubuntu1~nm1~intrepid1
> network-manager-vpnc:  0.7-0ubuntu1~nm1~intrepid1
> 
> I guess these names don't mean much - they're available here:
> 
> https://launchpad.net/~network-manager/+archive/ppa
> 
> And if I understand correctly, are based on 0.7 final and were release
> on Dec 28 2008.
> 
> Nonetheless, even with these versions of network-manager packages, I had
> the same issue with the sequence of the name-server entries
> in /etc/resolv.conf as described in the first post.

Based on your comments below, there's something going on with resolvconf
then.  I'll have to defer to Alexander Sack and Michael Biebl, since
they are the maintainers for that bit of code since their distros use
resolvconf.

It looks like NetworkManager is doing the right thing here when
resolvconf isn't being used; thus its providing the right information to
the resolvconf handling code.

asac/mbiebl?  thoughts on this problem?

Dan

> 
> On Tue, 2009-01-20 at 22:46 -0500, Dan Williams wrote:
> > Ok, so your home netblock is still being routed over the VPN because the
> > server is pushing down a route that explicitly directs the traffic from
> > your home network over the VPN before the routing table even gets to the
> > default route.
> 
> I wouldn't know that I had configured the VPN Box to do that (in the
> sense of "pushing a route" or an explicit split tunnel configuration). I
> rather think that this comes from the fact that the tun0 gets assigned
> an IP address from my home network block with mask /24 - so
> 172.20.125.0/24 implictely becomes what we call a "connected subnet" in
> cisco speak.
> 
> But let's stay on topic...
> 
> > Yeah, so this doesn't look correct.  Let's assume that perhaps
> > resolvconf is screwing something up since it's obviously rewriting the
> > file.  Would you mind moving the resolvconf binary
> > (usually /bin/resolvconf) out of the way so that NM can't find it?  NM
> > *should* then fall back to writing out /etc/resolv.conf directly, which
> > should allow us to isolate whether NM is indeed getting the nameserver
> > ordering wrong, or whether it's the extra indirection of resolvconf
> 
> So I renamed /sbin/resolvconf to something else and now /etc/resolv.conf
> looks somewhat different (most noticeably it now says "generated by
> NetworkManager").
> 
> Mobile Broadband up, VPN Tunnel down:
> (DNS IP addresses are different from first post, different mobile
> broadband provider).
> 
> ~$ more /etc/resolv.conf
> # Generated by NetworkManager
> nameserver 212.35.35.35
> nameserver 212.35.35.5
> 
> 
> Mobile Broadband up, VPN Tunnel up:
> 
> ~$ more /etc/resolv.conf
> # Generated by NetworkManager
> domain <my home domain>
> search <my home domain>
> nameserver 172.20.125.30
> nameserver 212.35.35.35
> nameserver 212.35.35.5
> 
> 
> Now that does look better indeed. Same goes when using the (home based)
> WLAN hotspot outside the VPN Gateway (Hotspot Subnet: 172.20.124.0/24)
> 
> Hotspot WLAN up, VPN down:
> 
> ~$ more /etc/resolv.conf
> # Generated by NetworkManager
> nameserver 172.20.124.1
> 
> 
> Hotspon WLAN up, VPN up;
> 
> ~$ more /etc/resolv.conf
> # Generated by NetworkManager
> domain <my home domain>
> search <my home domain>
> nameserver 172.20.125.30
> nameserver 172.20.124.1
> 
> 
> Does this leave us with a resolv.conf issue, then?
> Well, there seems to be somewhat of an issue:
> 
> https://bugs.launchpad.net/ubuntu/+source/network-manager-vpnc/+bug/183585
> 
> 
> regards
> 
> Marc
> 
> 
> 
> 
> 
> 
> 
> 
> _______________________________________________
> NetworkManager-list mailing list
> NetworkManager-list gnome org
> http://mail.gnome.org/mailman/listinfo/networkmanager-list

Follow-Ups:
- Re: vpnc plugin: order of resolv.conf entries when using Mobile Broadband vs. (W)LAN
  - From: Alexander Sack

References:
- Re: vpnc plugin: order of resolv.conf entries when using Mobile Broadband vs. (W)LAN
  - From: Marc Luethi

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]