[Bug 2106017] [NEW] Network manager still adds default ipv6 route despite setting to ignore it
Bartosz Woronicz
2106017 at bugs.launchpad.net
Wed Apr 2 14:30:20 UTC 2025
Public bug reported:
This is my VPN connection. I set not to add DNS resolving (ipv6.ignore-
auto-dns: "true") and default route for ipv6 (ipv6.never-default:
"true")
Yet after connection it still set the default route via tun0
These routes I get:
2a00:1398:300:14::/64 dev tun0 proto kernel metric 50 pref medium
2000::/3 via 2a00:1398:300:14::1 dev tun0 proto static metric 50 pref medium
For instance
$ dig en.wikipedia.org AAAA +short
dyna.wikimedia.org.
2a02:ec80:300:ed1a::1
$ sudo ip -6 r get 2a02:ec80:300:ed1a::1
2a02:ec80:300:ed1a::1 from :: via 2a00:1398:300:14::1 dev tun0 proto static src 2a00:1398:300:14::1080 metric 50 pref medium
Maybe I don't understand something here. But the above subnets does not
cover en.wikipedia.org ipv6 .
$ sudo cat /etc/netplan/90-NM-6be5abbb-c998-4f66-9752-e2d10a6c13b4.yaml
network:
version: 2
nm-devices:
NM-6be5abbb-c998-4f66-9752-e2d10a6c13b4:
renderer: NetworkManager
networkmanager:
uuid: "6be5abbb-c998-4f66-9752-e2d10a6c13b4"
name: "CENSORED"
passthrough:
connection.type: "vpn"
connection.timestamp: "1743602165"
vpn.ca: "/home/mastier/.cert/CENSORED.pem"
vpn.connect-timeout: "5"
vpn.connection-type: "password"
vpn.dev: "tun"
vpn.password-flags: "1"
vpn.remote: "CENSORED:1194:udp"
vpn.tls-version-min: "1.3"
vpn.username: "CENSORED"
vpn.verify-x509-name: "name:CENSORED"
vpn.service-type: "org.freedesktop.NetworkManager.openvpn"
ipv4.method: "auto"
ipv4.never-default: "true"
ipv6.addr-gen-mode: "default"
ipv6.ignore-auto-dns: "true"
ipv6.method: "auto"
ipv6.never-default: "true"
proxy._: ""
$ apt-cache policy network-manager
network-manager:
Installed: 1.46.0-1ubuntu2.2
Candidate: 1.46.0-1ubuntu2.2
Version table:
*** 1.46.0-1ubuntu2.2 500
500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
100 /var/lib/dpkg/status
1.46.0-1ubuntu2 500
500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
$ apt-cache policy network-manager-openvpn
network-manager-openvpn:
Installed: 1.10.2-4build2
Candidate: 1.10.2-4build2
Version table:
*** 1.10.2-4build2 500
500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
100 /var/lib/dpkg/status
$ apt-cache policy netplan.io
netplan.io:
Installed: 1.1.1-1~ubuntu24.04.1
Candidate: 1.1.1-1~ubuntu24.04.1
Version table:
*** 1.1.1-1~ubuntu24.04.1 500
500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
100 /var/lib/dpkg/status
1.0-2ubuntu1.2 500
500 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages
1.0-2ubuntu1 500
500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
** Affects: netplan.io (Ubuntu)
Importance: Undecided
Status: New
** Affects: network-manager (Ubuntu)
Importance: Undecided
Status: New
** Also affects: netplan.io (Ubuntu)
Importance: Undecided
Status: New
** Description changed:
This is my VPN connection. I set not to add DNS resolving (ipv6.ignore-
auto-dns: "true") and default route for ipv6 (ipv6.never-default:
"true")
Yet after connection it still set the default route via tun0
These routes I get:
2a00:1398:300:14::/64 dev tun0 proto kernel metric 50 pref medium
2000::/3 via 2a00:1398:300:14::1 dev tun0 proto static metric 50 pref medium
-
For instance
$ dig en.wikipedia.org AAAA +short
dyna.wikimedia.org.
2a02:ec80:300:ed1a::1
$ sudo ip -6 r get 2a02:ec80:300:ed1a::1
2a02:ec80:300:ed1a::1 from :: via 2a00:1398:300:14::1 dev tun0 proto static src 2a00:1398:300:14::1080 metric 50 pref medium
-
- Maybe I don't understand something here. But the above subnets does not cover en.wikipedia.org ipv6 .
-
+ Maybe I don't understand something here. But the above subnets does not
+ cover en.wikipedia.org ipv6 .
$ sudo cat /etc/netplan/90-NM-6be5abbb-c998-4f66-9752-e2d10a6c13b4.yaml
network:
- version: 2
- nm-devices:
- NM-6be5abbb-c998-4f66-9752-e2d10a6c13b4:
- renderer: NetworkManager
- networkmanager:
- uuid: "6be5abbb-c998-4f66-9752-e2d10a6c13b4"
- name: "kit"
- passthrough:
- connection.type: "vpn"
- connection.timestamp: "1743602165"
- vpn.ca: "/home/mastier/.cert/CENSORED.pem"
- vpn.connect-timeout: "5"
- vpn.connection-type: "password"
- vpn.dev: "tun"
- vpn.password-flags: "1"
- vpn.remote: "CENSORED:1194:udp"
- vpn.tls-version-min: "1.3"
- vpn.username: "CENSORED"
- vpn.verify-x509-name: "name:CENSORED"
- vpn.service-type: "org.freedesktop.NetworkManager.openvpn"
- ipv4.method: "auto"
- ipv4.never-default: "true"
- ipv6.addr-gen-mode: "default"
- ipv6.ignore-auto-dns: "true"
- ipv6.method: "auto"
- ipv6.never-default: "true"
- proxy._: ""
-
+ version: 2
+ nm-devices:
+ NM-6be5abbb-c998-4f66-9752-e2d10a6c13b4:
+ renderer: NetworkManager
+ networkmanager:
+ uuid: "6be5abbb-c998-4f66-9752-e2d10a6c13b4"
+ name: "CENSORED"
+ passthrough:
+ connection.type: "vpn"
+ connection.timestamp: "1743602165"
+ vpn.ca: "/home/mastier/.cert/CENSORED.pem"
+ vpn.connect-timeout: "5"
+ vpn.connection-type: "password"
+ vpn.dev: "tun"
+ vpn.password-flags: "1"
+ vpn.remote: "CENSORED:1194:udp"
+ vpn.tls-version-min: "1.3"
+ vpn.username: "CENSORED"
+ vpn.verify-x509-name: "name:CENSORED"
+ vpn.service-type: "org.freedesktop.NetworkManager.openvpn"
+ ipv4.method: "auto"
+ ipv4.never-default: "true"
+ ipv6.addr-gen-mode: "default"
+ ipv6.ignore-auto-dns: "true"
+ ipv6.method: "auto"
+ ipv6.never-default: "true"
+ proxy._: ""
$ apt-cache policy network-manager
network-manager:
- Installed: 1.46.0-1ubuntu2.2
- Candidate: 1.46.0-1ubuntu2.2
- Version table:
- *** 1.46.0-1ubuntu2.2 500
- 500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
- 100 /var/lib/dpkg/status
- 1.46.0-1ubuntu2 500
- 500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
-
+ Installed: 1.46.0-1ubuntu2.2
+ Candidate: 1.46.0-1ubuntu2.2
+ Version table:
+ *** 1.46.0-1ubuntu2.2 500
+ 500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
+ 100 /var/lib/dpkg/status
+ 1.46.0-1ubuntu2 500
+ 500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
$ apt-cache policy network-manager-openvpn
network-manager-openvpn:
- Installed: 1.10.2-4build2
- Candidate: 1.10.2-4build2
- Version table:
- *** 1.10.2-4build2 500
- 500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
- 100 /var/lib/dpkg/status
+ Installed: 1.10.2-4build2
+ Candidate: 1.10.2-4build2
+ Version table:
+ *** 1.10.2-4build2 500
+ 500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
+ 100 /var/lib/dpkg/status
$ apt-cache policy netplan.io
netplan.io:
- Installed: 1.1.1-1~ubuntu24.04.1
- Candidate: 1.1.1-1~ubuntu24.04.1
- Version table:
- *** 1.1.1-1~ubuntu24.04.1 500
- 500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
- 100 /var/lib/dpkg/status
- 1.0-2ubuntu1.2 500
- 500 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages
- 1.0-2ubuntu1 500
- 500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
+ Installed: 1.1.1-1~ubuntu24.04.1
+ Candidate: 1.1.1-1~ubuntu24.04.1
+ Version table:
+ *** 1.1.1-1~ubuntu24.04.1 500
+ 500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
+ 100 /var/lib/dpkg/status
+ 1.0-2ubuntu1.2 500
+ 500 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages
+ 1.0-2ubuntu1 500
+ 500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to netplan.io in Ubuntu.
Matching subscriptions: foundations-bugs
https://bugs.launchpad.net/bugs/2106017
Title:
Network manager still adds default ipv6 route despite setting to
ignore it
Status in netplan.io package in Ubuntu:
New
Status in network-manager package in Ubuntu:
New
Bug description:
This is my VPN connection. I set not to add DNS resolving
(ipv6.ignore-auto-dns: "true") and default route for ipv6 (ipv6.never-
default: "true")
Yet after connection it still set the default route via tun0
These routes I get:
2a00:1398:300:14::/64 dev tun0 proto kernel metric 50 pref medium
2000::/3 via 2a00:1398:300:14::1 dev tun0 proto static metric 50 pref medium
For instance
$ dig en.wikipedia.org AAAA +short
dyna.wikimedia.org.
2a02:ec80:300:ed1a::1
$ sudo ip -6 r get 2a02:ec80:300:ed1a::1
2a02:ec80:300:ed1a::1 from :: via 2a00:1398:300:14::1 dev tun0 proto static src 2a00:1398:300:14::1080 metric 50 pref medium
Maybe I don't understand something here. But the above subnets does
not cover en.wikipedia.org ipv6 .
$ sudo cat /etc/netplan/90-NM-6be5abbb-c998-4f66-9752-e2d10a6c13b4.yaml
network:
version: 2
nm-devices:
NM-6be5abbb-c998-4f66-9752-e2d10a6c13b4:
renderer: NetworkManager
networkmanager:
uuid: "6be5abbb-c998-4f66-9752-e2d10a6c13b4"
name: "CENSORED"
passthrough:
connection.type: "vpn"
connection.timestamp: "1743602165"
vpn.ca: "/home/mastier/.cert/CENSORED.pem"
vpn.connect-timeout: "5"
vpn.connection-type: "password"
vpn.dev: "tun"
vpn.password-flags: "1"
vpn.remote: "CENSORED:1194:udp"
vpn.tls-version-min: "1.3"
vpn.username: "CENSORED"
vpn.verify-x509-name: "name:CENSORED"
vpn.service-type: "org.freedesktop.NetworkManager.openvpn"
ipv4.method: "auto"
ipv4.never-default: "true"
ipv6.addr-gen-mode: "default"
ipv6.ignore-auto-dns: "true"
ipv6.method: "auto"
ipv6.never-default: "true"
proxy._: ""
$ apt-cache policy network-manager
network-manager:
Installed: 1.46.0-1ubuntu2.2
Candidate: 1.46.0-1ubuntu2.2
Version table:
*** 1.46.0-1ubuntu2.2 500
500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
100 /var/lib/dpkg/status
1.46.0-1ubuntu2 500
500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
$ apt-cache policy network-manager-openvpn
network-manager-openvpn:
Installed: 1.10.2-4build2
Candidate: 1.10.2-4build2
Version table:
*** 1.10.2-4build2 500
500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
100 /var/lib/dpkg/status
$ apt-cache policy netplan.io
netplan.io:
Installed: 1.1.1-1~ubuntu24.04.1
Candidate: 1.1.1-1~ubuntu24.04.1
Version table:
*** 1.1.1-1~ubuntu24.04.1 500
500 http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
100 /var/lib/dpkg/status
1.0-2ubuntu1.2 500
500 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages
1.0-2ubuntu1 500
500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/netplan.io/+bug/2106017/+subscriptions
More information about the foundations-bugs
mailing list