We have noticed this as well. Using VPN we use a special resolver to handle private IP space, and now, looking into this further it does look like the network-manager is ignoring the dns= specified in the system-connections (set via the network manager settings gui).
My settings below, noting X.X.X.x is where my DNS resolver IP address would normally be and X.com I placed in any domain search field. A quick check from the command line shows the server is reachable, and responding properly, just not receiving any requests.

    [ipv4]
    dns=X.X.X.X;
    dns-search=
    ignore-auto-dns=true
    method=auto

    [ipv6]
    addr-gen-mode=stable-privacy
    dns-search=
    method=auto

It doesn't appear there are any overrides, and netplan shows NetworkManager should be controlling everything. nmcli confirms the DNS is set.

    $ nmcli conn show "MyVPNConnectionName" | grep dns
    connection.mdns: -1 (default)
    ipv4.dns: X.X.X.X
    ipv4.dns-search: --
    ipv4.dns-options: --
    ipv4.dns-priority: 0
    ipv4.ignore-auto-dns: yes
    ipv6.dns: --
    ipv6.dns-search: --
    ipv6.dns-options: --
    ipv6.dns-priority: 0
    ipv6.ignore-auto-dns: no

    $ cat /etc/network/interfaces
    # interfaces(5) file used by ifup(8) and ifdown(8)
    auto lo
    iface lo inet loopback

    $ netplan get
    network:
      version: 2
      renderer: NetworkManager

    $ cat /etc/resolv.conf | grep -v "#"
    nameserver 127.0.0.53
    options edns0 trust-ad
    search X.com

In the nmcli, I did notice that tun0, spawned as a separate connection, has no DNS defined.

    $ nmcli conn show "tun0" | grep -i dns
    connection.mdns: -1 (default)
    ipv4.dns: --
    ipv4.dns-search: --
    ipv4.dns-options: --
    ipv4.dns-priority: 100
    ipv4.ignore-auto-dns: no
    ipv6.dns: --
    ipv6.dns-search: --
    ipv6.dns-options: --
    ipv6.dns-priority: 100
    ipv6.ignore-auto-dns: no

I also see the DNS for the actual wired or wireless connection in use is defined, and so must be superseding the OpenVPN defined setting. It does seem like a priority issue, whereby the VPN connection should have priority. In my case both the VPN and the default WiFi connection have priority "0".

    $ nmcli conn show "MyVPNConnectionName" | grep priority
    connection.autoconnect-priority: 0
    ipv4.dns-priority: 0
    ipv6.dns-priority: 0

So it seems I would need to change the relative priority to solve this problem. Lower value is higher priority.
Network Manager should be setting the default connection to 100, and the VPN to 50, per some Network Manager defaults.

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_and_managing_networking/configuring-the-order-of-dns-servers_configuring-and-managing-networking

This document also suggests if they are the same (mine are both 0) the one with active default route with the lowest metric should win. In my case, the tun0 would win, but it is not where the DNS is defined.

It would be nice to see what changed in 20.04, but clearly my guess would be that

a) Default Connection (wifi/wired) used to be dns priority 100 lost to the VPN connection because dns priority was tied, and vpn default gateway metric was lower, or
b) because vpn dns priority was lower

Either way, something does not seem right with current nm defaults for connections and their dns.priorities

--
https://bugs.launchpad.net/bugs/1948533

Title:
  any dns defined in network-manager doesnt go in openvpn tunnel (leaks on gnome/mate/xubuntu only in 21.10)
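
Added example (not part of the original bug comment and not NetworkManager's own code): a small Python audit that reads the "nmcli conn show NAME | grep dns" output format shown above and ranks connections by effective DNS priority, treating a stored value of 0 as automatic (50 for a VPN, 100 for other connections, the defaults the comment mentions). The "WiFi" connection name, the is_vpn flags and the sample addresses are constructed assumptions; the route-metric tie-break is only reported, not modelled.

```python
# Added example, not from the bug report. Sample data below is constructed.
# Assumption: a stored dns-priority of 0 means "automatic" (VPN 50, other 100).
AUTO_PRIORITY = {True: 50, False: 100}

def parse_nmcli(text):
    """Parse 'key: value' lines; nmcli prints '--' for unset properties."""
    props = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            value = value.strip()
            props[key.strip()] = None if value == "--" else value
    return props

def effective(props, is_vpn, family="ipv4"):
    """Return (effective priority, list of DNS servers) for one connection."""
    raw = int(props.get(family + ".dns-priority") or 0)
    prio = raw if raw != 0 else AUTO_PRIORITY[is_vpn]
    dns = (props.get(family + ".dns") or "").replace(";", ",")
    return prio, [s.strip() for s in dns.split(",") if s.strip()]

def audit(connections):
    """connections: {name: (nmcli_text, is_vpn)} -> (ranking, warnings)."""
    ranking, warnings = [], []
    for name, (text, is_vpn) in connections.items():
        prio, servers = effective(parse_nmcli(text), is_vpn)
        if servers:
            ranking.append((prio, name, servers))
        else:
            warnings.append(f"{name}: no DNS servers defined")
    ranking.sort()  # lower value = higher priority
    if len(ranking) > 1 and ranking[0][0] == ranking[1][0]:
        warnings.append(f"{ranking[0][1]} and {ranking[1][1]} tie at "
                        f"{ranking[0][0]}; tie-break (route metric) not modelled")
    if ranking and not connections[ranking[0][1]][1]:
        warnings.append(f"{ranking[0][1]} (non-VPN) is ranked first for DNS")
    return ranking, warnings

# Constructed sample mirroring the three connections in the post.
SAMPLE = {
    "MyVPNConnectionName": ("ipv4.dns: 192.0.2.53\nipv4.dns-priority: 0", True),
    "tun0": ("ipv4.dns: --\nipv4.dns-priority: 100", False),
    "WiFi": ("ipv4.dns: 198.51.100.1\nipv4.dns-priority: 0", False),
}

if __name__ == "__main__":
    ranking, warnings = audit(SAMPLE)
    for prio, name, servers in ranking:
        print(prio, name, ",".join(servers))
    print("\n".join("WARNING: " + w for w in warnings))
```

To audit a live system, replace the SAMPLE strings with the captured nmcli output for each active connection and set the VPN flag accordingly.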