[Bug 1624317] Re: systemd-resolved breaks VPN with split-horizon DNS

Dennis mail at dekies.de
Wed Oct 26 14:45:18 UTC 2016 

Same issue here after upgrade to 16.10.

Here is the log after connecting to VPN:
Switching to system DNS server 10.1.96.48.
Cache miss for daisy.ubuntu.com IN A
Transaction 29603 for <daisy.ubuntu.com IN A> scope dns on */*.
Using feature level UDP+EDNS0+DO+LARGE for transaction 29603.
Using DNS server 10.1.96.48 for transaction 29603.
Sending query packet with id 29603.
Timeout reached on transaction 29603.
Retrying transaction 29603.
Switching to system DNS server 10.1.96.49.
Cache miss for daisy.ubuntu.com IN A
Transaction 29603 for <daisy.ubuntu.com IN A> scope dns on */*.
Using feature level UDP+EDNS0+DO+LARGE for transaction 29603.
Using DNS server 10.1.96.49 for transaction 29603.
Sending query packet with id 29603.
Timeout reached on transaction 29603.
Retrying transaction 29603.
Switching to system DNS server 10.1.96.48.
Cache miss for daisy.ubuntu.com IN A
Transaction 29603 for <daisy.ubuntu.com IN A> scope dns on */*.
Using feature level UDP+EDNS0+DO+LARGE for transaction 29603.
Using DNS server 10.1.96.48 for transaction 29603.
Sending query packet with id 29603.

Later on:
Lost too many UDP packets, downgrading feature level...
Using degraded feature set (UDP+EDNS0+DO) for DNS server 10.1.96.48.
Using feature level UDP+EDNS0+DO for transaction 35344.
Sending query packet with id 35344.
Timeout reached on transaction 29603.

** Changed in: systemd (Ubuntu)
       Status: Incomplete => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1624317

Title:
  systemd-resolved breaks VPN with split-horizon DNS

Status in systemd:
  New
Status in systemd package in Ubuntu:
  Confirmed

Bug description:
  I use a VPN configured with network-manager-openconnect-gnome in which
  a split-horizon DNS setup assigns different addresses to some names
  inside the remote network than the addresses seen for those names from
  outside the remote network.  However, systemd-resolved often decides
  to ignore the VPN’s DNS servers and use the local network’s DNS
  servers to resolve names (whether in the remote domain or not),
  breaking the split-horizon DNS.

  This related bug, reported by Lennart Poettering himself, was closed with the current Fedora release at the time reaching EOL:
  https://bugzilla.redhat.com/show_bug.cgi?id=1151544

To manage notifications about this bug go to:
https://bugs.launchpad.net/systemd/+bug/1624317/+subscriptions

More information about the foundations-bugs mailing list