network-manager refuses to forward "default" DNS queries when using OpenVPN
I'm trying to use NetworkManger with OpenVPN and whenever I connect it kills my ability to resolve any names *not* provided by the VPN connection. This is a NetworkManager policy error somehow as if it actually tried *any* nameserver it would work.
Prior to bringing up VPN:
Apr 20 16:24:24 challenger NetworkManager[
Apr 20 16:24:24 challenger NetworkManager[
Apr 20 16:24:24 challenger NetworkManager[
Apr 20 16:24:24 challenger NetworkManager[
Apr 20 16:24:24 challenger NetworkManager[
Apr 20 16:24:24 challenger NetworkManager[
Apr 20 16:24:24 challenger NetworkManager[
Apr 20 16:24:24 challenger NetworkManager[
Apr 20 16:24:24 challenger NetworkManager[
Apr 20 16:24:24 challenger NetworkManager[
Apr 20 16:24:24 challenger NetworkManager[
Apr 20 16:24:24 challenger NetworkManager[
Apr 20 16:24:24 challenger NetworkManager[
Apr 20 16:24:26 challenger NetworkManager[
Apr 20 16:24:26 challenger NetworkManager[
Apr 20 16:24:26 challenger NetworkManager[
Apr 20 16:24:26 challenger NetworkManager[
Apr 20 16:24:26 challenger NetworkManager[
Apr 20 16:24:26 challenger NetworkManager[
IP4.ADDRESS[1]: ip = 192.168.1.24/24, gw = 192.168.1.1
IP4.DNS[1]: 192.168.1.51
IP4.DNS[2]: 192.168.1.52
IP4.DOMAIN[1]: supermathie.net
IP4.WINS[1]: 192.168.1.51
IP4.WINS[2]: 192.168.1.52
IP6.ADDRESS[1]: ip = 2001:db8::6bdd/64, gw = fe80::5054:
IP6.ADDRESS[2]: ip = 2001:db8::790c/64, gw = fe80::5054:
IP6.ADDRESS[3]: ip = fe80::790c/64, gw = fe80::5054:
IP6.DNS[1]: 2001:db8::51
IP6.DNS[2]: 2001:db8::52
IP6.DOMAIN[1]: supermathie.net
○ → host www.google.ca
www.google.ca has address 74.125.226.151
www.google.ca has address 74.125.226.152
www.google.ca has address 74.125.226.159
www.google.ca has address 74.125.226.143
www.google.ca has IPv6 address 2607:f8b0:
○ → host www.netdirect.ca
www.netdirect.ca is an alias for ajax.netdirect.ca.
ajax.netdirect.ca has address 216.16.235.90
○ → host www.supermathie.net
www.supermathie.net is an alias for baron.supermath
baron.supermath
Now I bring up the VPN:
Apr 20 16:30:32 challenger NetworkManager[
Apr 20 16:30:32 challenger NetworkManager[
Apr 20 16:30:32 challenger NetworkManager[
Apr 20 16:30:32 challenger NetworkManager[
Apr 20 16:30:32 challenger NetworkManager[
Apr 20 16:30:32 challenger nm-openvpn[20742]: OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec 1 2014
Apr 20 16:30:32 challenger nm-openvpn[20742]: WARNING: No server certificate verification method has been enabled. See http://
Apr 20 16:30:32 challenger nm-openvpn[20742]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Apr 20 16:30:32 challenger nm-openvpn[20742]: UDPv4 link local: [undef]
Apr 20 16:30:32 challenger nm-openvpn[20742]: UDPv4 link remote: [AF_INET]
Apr 20 16:30:33 challenger nm-openvpn[20742]: [server] Peer Connection Initiated with [AF_INET]
Apr 20 16:30:35 challenger nm-openvpn[20742]: TUN/TAP device tun0 opened
Apr 20 16:30:35 challenger nm-openvpn[20742]: /usr/lib/
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger NetworkManager[
Apr 20 16:30:35 challenger nm-openvpn[20742]: Initialization Sequence Completed
Apr 20 16:30:37 challenger NetworkManager[
Apr 20 16:30:37 challenger NetworkManager[
Apr 20 16:30:37 challenger NetworkManager[
Apr 20 16:30:37 challenger NetworkManager[
Apr 20 16:30:37 challenger dnsmasq[8136]: setting upstream servers from DBus
Apr 20 16:30:37 challenger dnsmasq[8136]: using nameserver 192.168.0.6#53 for domain 235.16.
Apr 20 16:30:37 challenger dnsmasq[8136]: using nameserver 192.168.0.6#53 for domain 0.168.192.
Apr 20 16:30:37 challenger dnsmasq[8136]: using nameserver 192.168.0.6#53 for domain 10.in-addr.arpa
Apr 20 16:30:37 challenger dnsmasq[8136]: using nameserver 192.168.0.6#53 for domain netdirect.ca
Apr 20 16:30:37 challenger dnsmasq[8136]: using nameserver 192.168.0.5#53 for domain 235.16.
Apr 20 16:30:37 challenger dnsmasq[8136]: using nameserver 192.168.0.5#53 for domain 0.168.192.
Apr 20 16:30:37 challenger dnsmasq[8136]: using nameserver 192.168.0.5#53 for domain 10.in-addr.arpa
Apr 20 16:30:37 challenger dnsmasq[8136]: using nameserver 192.168.0.5#53 for domain netdirect.ca
Apr 20 16:30:37 challenger NetworkManager[
Apr 20 16:30:37 challenger NetworkManager[
Apr 20 16:30:37 challenger NetworkManager[
Apr 20 16:30:37 challenger NetworkManager[
Apr 20 16:30:37 challenger dbus[2651]: [system] Activating service name='org.
Apr 20 16:30:37 challenger dbus[2651]: [system] Successfully activated service 'org.freedeskto
Apr 20 16:30:37 challenger ntpd[20017]: ntpd exiting on signal 15
Apr 20 16:30:37 challenger ntpdate[20932]: Can't find host 0.ubuntu.
Apr 20 16:30:37 challenger ntpdate[20932]: Can't find host 1.ubuntu.
Apr 20 16:30:37 challenger ntpdate[20932]: Can't find host 2.ubuntu.
Apr 20 16:30:37 challenger ntpdate[20932]: Can't find host 3.ubuntu.
Apr 20 16:30:40 challenger dnsmasq[7973]: reading /etc/resolv.conf
Apr 20 16:30:40 challenger dnsmasq[7973]: using nameserver 127.0.1.1#53
Apr 20 16:30:40 challenger dnsmasq[3418]: reading /etc/resolv.conf
Apr 20 16:30:40 challenger dnsmasq[3418]: using nameserver 127.0.1.1#53
Apr 20 16:30:40 challenger dnsmasq[4818]: reading /etc/resolv.conf
Apr 20 16:30:40 challenger dnsmasq[4818]: using nameserver 127.0.1.1#53
Apr 20 16:30:40 challenger dnsmasq[4921]: reading /etc/resolv.conf
Apr 20 16:30:40 challenger dnsmasq[4921]: using nameserver 127.0.1.1#53
All of a sudden dnsmasq refuses to forward queries for ANY domain other than netdirect.ca to ANY nameserver:
○ → host www.supermathie.net
Host www.supermathie.net not found: 5(REFUSED)
○ → host www.google.ca
Host www.google.ca not found: 5(REFUSED)
○ → host www.netdirect.ca
www.netdirect.ca has address 192.168.103.52
But I can ask any nameserver and they work as expected:
○ → host www.google.ca 192.168.0.6
Using domain server:
Name: 192.168.0.6
Address: 192.168.0.6#53
Aliases:
www.google.ca has address 173.194.43.95
www.google.ca has address 173.194.43.79
www.google.ca has address 173.194.43.87
www.google.ca has address 173.194.43.88
www.google.ca has IPv6 address 2607:f8b0:
○ → host www.google.ca 2001:470:b0e2::51
Using domain server:
Name: 2001:470:b0e2::51
Address: 2001:470:
Aliases:
www.google.ca has address 74.125.226.143
www.google.ca has address 74.125.226.152
www.google.ca has address 74.125.226.159
www.google.ca has address 74.125.226.151
www.google.ca has IPv6 address 2607:f8b0:
○ → host www.google.ca 192.168.1.51
Using domain server:
Name: 192.168.1.51
Address: 192.168.1.51#53
Aliases:
www.google.ca has address 74.125.226.143
www.google.ca has address 74.125.226.152
www.google.ca has address 74.125.226.151
www.google.ca has address 74.125.226.159
www.google.ca has IPv6 address 2607:f8b0:
Question information
- Language:
- English Edit question
- Status:
- Answered
- Assignee:
- No assignee Edit question
- Last query:
- Last reply:
Can you help with this problem?
Provide an answer of your own, or ask MikeyB for more information if necessary.