nm-l2tp / NetworkManager-l2tp

L2TP and L2TP/IPsec support for NetworkManager
GNU General Public License v2.0

No DNS in the tunnel #164

Closed carlihland closed 3 years ago

carlihland commented 3 years ago

Hello.

I tried setting up Ubuntu 21.04 and the issue with no DNS after disconnect is now fixed out of the box. But I can't seem to get any DNS in the tunnel. I might have a config issue. Terminal says: `Temporary failure in name resolution`

Thanks.

Carl

dkosovic commented 3 years ago

These are the DNS servers I see with `systemd-resolve --status` after my VPN connection is established with Ubuntu 21.04:

```
$ systemd-resolve --status
Global
       Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub

Link 2 (ens33)
    Current Scopes: DNS
         Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 172.18.244.2
       DNS Servers: 172.18.244.2
        DNS Domain: localdomain

Link 4 (ppp0)
    Current Scopes: DNS
         Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 131.102.71.160
       DNS Servers: 131.102.71.160 131.102.71.161
```

The VPN connection corresponds to Link 4 (ppp0). Do you see any DNS servers for ppp0?

You might also like to try the newer network-manager-l2tp 1.8.6 from :

in case it is a routing issue.

carlihland commented 3 years ago

Thank you so much for responding, and in such a prompt manner! :)

Here is my print from before the tunnel is up:

```
carl@carl-MS-7B84:~$ systemd-resolve --status
Global
       Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: foreign

Link 2 (enp27s0)
    Current Scopes: DNS
         Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 195.50.194.250
       DNS Servers: 195.50.194.250 195.50.194.249
```

And here is after:

```
carl@carl-MS-7B84:~$ systemd-resolve --status
Global
       Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: foreign

Link 2 (enp27s0)
    Current Scopes: none
         Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 3 (ppp0)
    Current Scopes: DNS
         Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 10.10.57.11
       DNS Servers: 10.10.57.11 10.10.57.12
```

So it does get the correct DNS servers published. But still I get the Temporary failure in name resolution.

```
carl@carl-MS-7B84:~$ ping XXXXXX.XXXXXXXXXX.local
ping: XXXXXX.XXXXXXXXXX.local: Temporary failure in name resolution
carl@carl-MS-7B84:~$
```

This leads me to think the problem is not directly related to nm-l2tp, but rather a subsequent failure somewhere. Hm. Kinda stuck. I might revert to LTS for the time being but maybe you want me to keep this system up for now? I'd be happy to assist if needed.

carlihland commented 3 years ago

I did the dnsmasq workaround to fix this issue. Thanks!

dkosovic commented 3 years ago

Glad to hear you solved the issue by switching to DNSMasq.

I had more info on the wiki for multicast DNS (mDNS) .local addresses when trying to resolve .local addresses instead as unicast DNS addresses on a remote VPN network :

I might need to update the info when trying not to use mDNS with systemd-resolved over a VPN connection for unicast .local addresses. I might suggest to use DNSMasq like your solution.
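
The manual check from earlier in the thread (does the `ppp0` link list DNS servers, and what do its protocol flags and the global `resolv.conf mode` say?) can be scripted. The following is an added example, not part of the thread or of NetworkManager-l2tp; the function names are hypothetical, and it assumes the one-field-per-line `systemd-resolve --status` layout shown above. The sample is the reporter's "after" output, re-wrapped.

```python
import re

# Constructed sample: the reporter's "after" output, one field per line.
SAMPLE = """\
Global
       Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: foreign

Link 2 (enp27s0)
    Current Scopes: none
         Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported

Link 3 (ppp0)
    Current Scopes: DNS
         Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 10.10.57.11
       DNS Servers: 10.10.57.11 10.10.57.12
"""

LINK_RE = re.compile(r"^Link \d+ \((?P<ifname>[^)]+)\)$")

def parse_status(text):
    """Return {section: {field: value}}; section is 'Global' or an interface name."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINK_RE.match(line)
        if line == "Global" or m:
            current = sections.setdefault(m.group("ifname") if m else "Global", {})
        elif current is not None and ":" in line:
            # Split on the first colon only, so values may contain colons.
            key, _, value = line.partition(":")
            current[key.strip()] = value.strip()
    return sections

def tunnel_dns_report(text, ifname="ppp0"):
    """Summarise, for the VPN link, the fields the thread inspects by hand."""
    sections = parse_status(text)
    link = sections.get(ifname, {})
    protocols = link.get("Protocols", "").split()
    return {
        "link_present": ifname in sections,
        "dns_servers": link.get("DNS Servers", "").split(),
        "default_route": "+DefaultRoute" in protocols,
        "mdns_enabled": "+mDNS" in protocols,
        "resolv_conf_mode": sections.get("Global", {}).get("resolv.conf mode"),
    }

if __name__ == "__main__":
    print(tunnel_dns_report(SAMPLE))
```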