After upgrading to 0.7.6 VPN pushed nameservers are ignored

[dkavlakov]

Checked on several phones, android 6 and 7. After upgrading to latest version they started to ignore nameservers, pushed by remote VPN server or set in the local VPN profile and use google servers instead.

[schwabe]

Please provide a log. I also think this might be a duplicate. See the other tickets that try to use properties net.dns1/2.

[dkavlakov]

Can't find duplicate

The related part of the log:

2018-12-20 16:02:40 MANAGEMENT: >STATE:1545314560,GET_CONFIG,,,,,, 2018-12-20 16:02:40 SENT CONTROL [darkfire]: 'PUSH_REQUEST' (status=1) 2018-12-20 16:02:40 PUSH: Received control message: 'PUSH_REPLY,topology subnet,ping 10,ping-restart 60,route-gateway 10.100.100.1,route 10.10.233.0 255.255.255.0,route 10.40.30.0 255.255.255.0,route 10.10.111.0 255.255.255.0,route 192.168.0.0 255.255.255.0,route 192.168.100.0 255.255.255.0,dhcp-option DNS 10.40.30.254,dhcp-option DOMAIN void,ifconfig 10.100.100.9 255.255.255.0,peer-id 3,cipher AES-256-GCM' 2018-12-20 16:02:40 OPTIONS IMPORT: timers and/or timeouts modified 2018-12-20 16:02:40 OPTIONS IMPORT: --ifconfig/up options modified 2018-12-20 16:02:40 OPTIONS IMPORT: route options modified 2018-12-20 16:02:40 OPTIONS IMPORT: route-related options modified 2018-12-20 16:02:40 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified 2018-12-20 16:02:40 OPTIONS IMPORT: peer-id set 2018-12-20 16:02:40 OPTIONS IMPORT: adjusting link_mtu to 1625 2018-12-20 16:02:40 OPTIONS IMPORT: data channel crypto options modified 2018-12-20 16:02:40 Data Channel: using negotiated cipher 'AES-256-GCM' 2018-12-20 16:02:40 Data Channel MTU parms [ L:1553 D:1450 EF:53 EB:406 ET:0 EL:3 ] 2018-12-20 16:02:40 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key 2018-12-20 16:02:40 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key 2018-12-20 16:02:40 GDG: SIOCGIFHWADDR(lo) failed 2018-12-20 16:02:40 ROUTE_GATEWAY 127.100.103.119/255.0.0.0 IFACE=lo 2018-12-20 16:02:40 do_ifconfig, ipv4=1, ipv6=0 2018-12-20 16:02:40 MANAGEMENT: >STATE:1545314560,ASSIGN_IP,,10.100.100.9,,,, 2018-12-20 16:02:40 MANAGEMENT: CMD 'needok 'IFCONFIG' ok' 2018-12-20 16:02:40 MANAGEMENT: >STATE:1545314560,ADD_ROUTES,,,,,, 2018-12-20 16:02:40 MANAGEMENT: CMD 'needok 'ROUTE' ok' 2018-12-20 16:02:40 MANAGEMENT: CMD 'needok 'ROUTE' ok' 2018-12-20 16:02:40 MANAGEMENT: CMD 'needok 'ROUTE' ok' 2018-12-20 16:02:40 MANAGEMENT: CMD 'needok 'ROUTE' ok' 2018-12-20 16:02:40 MANAGEMENT: CMD 'needok 'ROUTE' ok' 2018-12-20 16:02:40 MANAGEMENT: CMD 'needok 'DNSSERVER' ok' 2018-12-20 16:02:40 MANAGEMENT: CMD 'needok 'DNSSERVER' ok' 2018-12-20 16:02:40 MANAGEMENT: CMD 'needok 'DNSSERVER' ok' 2018-12-20 16:02:40 MANAGEMENT: CMD 'needok 'DNSDOMAIN' ok' 2018-12-20 16:02:41 MANAGEMENT: CMD 'needok 'PERSIST_TUN_ACTION' OPEN_BEFORE_CLOSE' 2018-12-20 16:02:41 Opening tun interface: 2018-12-20 16:02:41 Local IPv4: 10.100.100.9/24 IPv6: null MTU: 1500 2018-12-20 16:02:41 DNS Server: 10.40.30.254, 192.168.0.254, 10.40.30.254, Domain: crypt-logic.net 2018-12-20 16:02:41 Routes: 10.10.111.0/24, 10.10.233.0/24, 10.40.30.0/24, 10.100.100.0/24, 192.168.0.0/24, 192.168.100.0/24 2018-12-20 16:02:41 Routes excluded: xxxx 2018-12-20 16:02:41 VpnService routes installed: 10.10.111.0/24, 10.10.233.0/24, 10.40.30.0/24, 10.100.100.0/24, 192.168.0.0/24, 192.168.100.0/24 2018-12-20 16:02:41 Disallowed VPN apps: 2018-12-20 16:02:41 MANAGEMENT: CMD 'needok 'OPENTUN' ok' 2018-12-20 16:02:41 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this 2018-12-20 16:02:41 Initialization Sequence Completed 2018-12-20 16:02:41 MANAGEMENT: >STATE:1545314561,CONNECTED,SUCCESS,10.100.100.9,x.x.x.x,17171,, 2018-12-20 16:02:41 Debug state info: CONNECTED to WIFI "Guest", pause: userPause, shouldbeconnected: true, network: SHOULDBECONNECTED

After this tcpdump on the router and or on server shows DNS requests are sent only to 8.8.8.8

[schwabe]

The app sets everything correctly. This looks like a bug in the underlying OS. Is that a Samsung device?