[Bug 1926143] Re: DNS resolution faulty over openconnect

Steve Langasek 1926143 at bugs.launchpad.net
Mon Apr 26 20:31:40 UTC 2021 

So, your VPN provider is serving incorrect DNS information.  That's not
a bug in resolvconf.

Also, your bug report shows that you are using Ubuntu 20.04 LTS.
resolvconf has been deprecated in Ubuntu 20.04 LTS in favor of systemd-
resolved.

** Changed in: resolvconf (Ubuntu)
       Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to resolvconf in Ubuntu.
https://bugs.launchpad.net/bugs/1926143

Title:
  DNS resolution faulty over openconnect

Status in resolvconf package in Ubuntu:
  Invalid

Bug description:
  When connected over VPN, then some domain names are incorrectly
  resolved. In particular HTTPS/SSL is not working for many sites. Steps
  to reproduce:

  1) Connect to a vpn via openconnect

  2) Lookup an address:

  nslookup www.bing.com
  Server:		127.0.0.1
  Address:	127.0.0.1#53

  Non-authoritative answer:
  Name:	www.bing.com
  Address: 145.253.3.148
  Name:	www.bing.com
  Address: 2a01:860:0:210::1:0

  Which is wrong. Whois shows that this is actually an address of a
  backbone server used by my provider.

  Workaround:

  3) Deactivate automatic updates to resolv.conf with sudo dpkg-reconfigure resolvconf
  4) Add the line: nameserver 8.8.8.8 to /etc/resolvconf/resolv.conf.d/head
  5) run sudo resolvconf -u
  6) Verify DNS resolution:

  nslookup www.bing.com
  Server:		8.8.8.8
  Address:	8.8.8.8#53

  Non-authoritative answer:
  www.bing.com	canonical name = a-0001.a-afdentry.net.trafficmanager.net.
  a-0001.a-afdentry.net.trafficmanager.net	canonical name = www-bing-com.dual-a-0001.a-msedge.net.
  www-bing-com.dual-a-0001.a-msedge.net	canonical name = dual-a-0001.a-msedge.net.
  Name:	dual-a-0001.a-msedge.net
  Address: 204.79.197.200
  Name:	dual-a-0001.a-msedge.net
  Address: 13.107.21.200
  Name:	dual-a-0001.a-msedge.net
  Address: 2620:1ec:c11::200

  Which returns the correct ip address.

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: resolvconf 1.82
  Uname: Linux 5.8.0-050800-generic x86_64
  ApportVersion: 2.20.11-0ubuntu27.16
  Architecture: amd64
  CasperMD5CheckResult: skip
  CurrentDesktop: ubuntu:GNOME
  Date: Mon Apr 26 11:21:43 2021
  InstallationDate: Installed on 2015-11-05 (1999 days ago)
  InstallationMedia: Ubuntu 14.04.3 LTS "Trusty Tahr" - Beta amd64 (20150805)
  PackageArchitecture: all
  SourcePackage: resolvconf
  UpgradeStatus: Upgraded to focal on 2020-09-10 (228 days ago)
  modified.conffile..etc.apport.crashdb.conf: [modified]
  mtime.conffile..etc.apport.crashdb.conf: 2019-03-07T14:28:39.455024

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/resolvconf/+bug/1926143/+subscriptions

More information about the foundations-bugs mailing list