systemd-resolved doesn't work properly for VPN connection

Asked by Artur

I'm using network-manager-openconnect-gnome (Cisco AnyConnect with certificate authentication).
When the VPN connection is established, local addresses cannot be resolved by systemd-resolved.
Content of /etc/resolv.conf:
   nameserver 127.0.0.53
   options edns0 trust-ad
   search 10.65.206.5

Content of /run/systemd/resolve/stub-resolv.conf:
   nameserver 127.0.0.53
   options edns0 trust-ad
   search 10.65.206.5

Content of /run/systemd/resolve/resolv.conf:
   nameserver 10.65.206.5
   search 10.65.206.5

If I change nameserver to 10.65.206.5 in /etc/resolv.conf, local address resolution works OK!

Output of dnstracer webmail.abc.local -v:
   Tracing to webmail.abc.local[a] via 127.0.0.53, maximum of 3 retries
   127.0.0.53 (127.0.0.53) IP HEADER
   - Destination address: 127.0.0.53
   DNS HEADER (send)
   - Identifier: 0x180C
   - Flags: 0x00 (Q )
   - Opcode: 0 (Standard query)
   - Return code: 0 (No error)
   - Number questions: 1
   - Number answer RR: 0
   - Number authority RR: 0
   - Number additional RR: 0
   QUESTIONS (send)
   - Queryname: (7)webmail(3)abc(5)local
   - Type: 1 (A)
   - Class: 1 (Internet)
   DNS HEADER (recv)
   - Identifier: 0x180C
   - Flags: 0x8085 (R RA )
   - Opcode: 0 (Standard query)
   - Return code: 5 (Refused)
   - Number questions: 1
   - Number answer RR: 0
   - Number authority RR: 0
   - Number additional RR: 0
   QUESTIONS (recv)
   - Queryname: (7)webmail(3)abc(5)local
   - Type: 1 (A)
   - Class: 1 (Internet)

If I set the DNS server address to 10.65.206.2, everything works OK. Output of dnstracer webmail.abc.local -vs 10.65.206.2:
   Tracing to webmail.abc.local[a] via 10.65.206.2, maximum of 3 retries
   10.65.206.2 (10.65.206.2) IP HEADER
   - Destination address: 10.65.206.2
   DNS HEADER (send)
   - Identifier: 0x380B
   - Flags: 0x00 (Q )
   - Opcode: 0 (Standard query)
   - Return code: 0 (No error)
   - Number questions: 1
   - Number answer RR: 0
   - Number authority RR: 0
   - Number additional RR: 0
   QUESTIONS (send)
   - Queryname: (7)webmail(3)abc(5)local
   - Type: 1 (A)
   - Class: 1 (Internet)
   DNS HEADER (recv)
   - Identifier: 0x380B
   - Flags: 0x8480 (R AA RA )
   - Opcode: 0 (Standard query)
   - Return code: 0 (No error)
   - Number questions: 1
   - Number answer RR: 1
   - Number authority RR: 0
   - Number additional RR: 0
   QUESTIONS (recv)
   - Queryname: (7)webmail(3)abc(5)local
   - Type: 1 (A)
   - Class: 1 (Internet)
   ANSWER RR
   - Domainname: (7)webmail(3)abc(5)local
   - Type: 1 (A)
   - Class: 1 (Internet)
   - TTL: 3600 (60m)
   - Resource length: 4
   - Resource data: 10.64.12.7
   Got authoritative answer

For previous LTS it's working without problems.
Clean install of Ubuntu 20.04.4 LTS - no problem.
Clean install of Ubuntu 22.04 LTS - resolve problem.
Will be grateful for help.
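
Added example, not part of the original question and not dnstracer's own code: a small Python decoder for the fixed 12-byte DNS header, run on headers rebuilt from the fields printed in the two traces above, to show how the flags words 0x8085 and 0x8480 break down. The `triage` helper and its wording are assumptions made for this illustration.

```python
import struct

# RCODE values from RFC 1035 section 4.1.1
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL",
          3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}
# Single-bit flags in the 16-bit flags word (AD/CD from RFC 4035)
FLAG_BITS = [("QR", 0x8000), ("AA", 0x0400), ("TC", 0x0200), ("RD", 0x0100),
             ("RA", 0x0080), ("AD", 0x0020), ("CD", 0x0010)]


def decode_header(raw: bytes) -> dict:
    """Decode the fixed 12-byte DNS header at the start of a message."""
    if len(raw) < 12:
        raise ValueError("DNS header is 12 bytes, got %d" % len(raw))
    ident, flags, qd, an, ns, ar = struct.unpack("!6H", raw[:12])
    rcode = flags & 0x000F
    return {
        "id": ident,
        "flags": [name for name, bit in FLAG_BITS if flags & bit],
        "opcode": (flags >> 11) & 0xF,
        "rcode": RCODES.get(rcode, "RCODE%d" % rcode),
        "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar,
    }


def triage(h: dict) -> str:
    """One-line reading of a decoded response header (hypothetical helper)."""
    if "QR" not in h["flags"]:
        return "query, not a response"
    if h["rcode"] == "REFUSED":
        return "server declined the query; it did not say the name is missing"
    if h["rcode"] == "NXDOMAIN":
        return "server says the name does not exist"
    if h["rcode"] == "NOERROR" and h["ancount"] > 0:
        kind = "authoritative" if "AA" in h["flags"] else "non-authoritative"
        return "%s answer with %d record(s)" % (kind, h["ancount"])
    return "%s with no answer records" % h["rcode"]


# Constructed headers rebuilt from the fields dnstracer printed above
# (ID, flags, QD, AN, NS, AR); these are not captured packets.
STUB_REPLY = struct.pack("!6H", 0x180C, 0x8085, 1, 0, 0, 0)  # via 127.0.0.53
VPN_REPLY = struct.pack("!6H", 0x380B, 0x8480, 1, 1, 0, 0)   # via 10.65.206.2

if __name__ == "__main__":
    for label, raw in (("127.0.0.53", STUB_REPLY), ("10.65.206.2", VPN_REPLY)):
        h = decode_header(raw)
        print(label, h["flags"], h["rcode"], "->", triage(h))
```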

Question information

Language: English
Status: Answered
For: Ubuntu
Assignee: No assignee

Bernard Stafford (bernard010) said:
#1

https://bugs.launchpad.net/ubuntu/+source/openvpn-systemd-resolved/+bug/1636395
I found this bug report for OpenVPN-systemd-resolved (this is an old bug report).
I would suggest starting a new bug report.

Artur (bodzio7) said:
#2

Thank you, Bernard, for the answer. I will report a new bug.
