web-dev-qa-db-fra.com

OpenVPN perd DNS après suspension

Sur Ubuntu 16.04, Network Manager est configuré pour utiliser automatiquement une connexion OpenVPN au démarrage du système. Cela fonctionne bien.

Cependant, lorsque la machine reprend après avoir été suspendue, bien que le VPN se reconnecte, je ne peux pas parcourir (ou cingler) les sites Web car les noms d'hôte ne peuvent pas être résolus. Pour une raison quelconque, les recherches DNS échouent.

ping: unknown Host www.google.com

Cela n'a commencé qu'il y a quelques semaines, je ne sais pas ce qui a changé.

Sortie de cat /etc/NetworkManager/NetworkManager.conf:

[main]
plugins=ifupdown,keyfile,ofono
dns=dnsmasq

[ifupdown]
managed=false

Sortie de cat /etc/resolv.conf:

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.1.1

Sortie de Host -v www.Apple.com (avant de suspendre):

Trying "www.Apple.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41111
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 9, ADDITIONAL: 7

;; QUESTION SECTION:
;www.Apple.com.         IN  A

;; ANSWER SECTION:
www.Apple.com.      1287    IN  CNAME   www.Apple.com.edgekey.net.
www.Apple.com.edgekey.net. 1516 IN  CNAME   www.Apple.com.edgekey.net.globalredir.akadns.net.
www.Apple.com.edgekey.net.globalredir.akadns.net. 1516 IN CNAME e6858.dsce9.akamaiedge.net.
e6858.dsce9.akamaiedge.net. 20  IN  A   104.94.190.92

;; AUTHORITY SECTION:
dsce9.akamaiedge.net.   1516    IN  NS  n3dsce9.akamaiedge.net.
dsce9.akamaiedge.net.   1516    IN  NS  n1dsce9.akamaiedge.net.
dsce9.akamaiedge.net.   1516    IN  NS  n6dsce9.akamaiedge.net.
dsce9.akamaiedge.net.   1516    IN  NS  a0dsce9.akamaiedge.net.
dsce9.akamaiedge.net.   1516    IN  NS  n4dsce9.akamaiedge.net.
dsce9.akamaiedge.net.   1516    IN  NS  n5dsce9.akamaiedge.net.
dsce9.akamaiedge.net.   1516    IN  NS  n0dsce9.akamaiedge.net.
dsce9.akamaiedge.net.   1516    IN  NS  n7dsce9.akamaiedge.net.
dsce9.akamaiedge.net.   1516    IN  NS  n2dsce9.akamaiedge.net.

;; ADDITIONAL SECTION:
a0dsce9.akamaiedge.net. 1516    IN  AAAA    2600:1480:e800::c0
n0dsce9.akamaiedge.net. 1516    IN  A   88.221.81.194
n1dsce9.akamaiedge.net. 1516    IN  A   23.62.100.157
n2dsce9.akamaiedge.net. 1516    IN  A   95.101.2.121
n3dsce9.akamaiedge.net. 1516    IN  A   95.101.79.79
n4dsce9.akamaiedge.net. 1516    IN  A   23.62.100.159
n5dsce9.akamaiedge.net. 1516    IN  A   23.62.100.164

Received 504 bytes from 127.0.1.1#53 in 66 ms
Trying "e6858.dsce9.akamaiedge.net"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60195
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 9, ADDITIONAL: 9

;; QUESTION SECTION:
;e6858.dsce9.akamaiedge.net.    IN  AAAA

;; ANSWER SECTION:
e6858.dsce9.akamaiedge.net. 20  IN  AAAA    2a02:26f0:60:186::1aca
e6858.dsce9.akamaiedge.net. 20  IN  AAAA    2a02:26f0:60:199::1aca

;; AUTHORITY SECTION:
dsce9.akamaiedge.net.   1516    IN  NS  n0dsce9.akamaiedge.net.
dsce9.akamaiedge.net.   1516    IN  NS  n2dsce9.akamaiedge.net.
dsce9.akamaiedge.net.   1516    IN  NS  n3dsce9.akamaiedge.net.
dsce9.akamaiedge.net.   1516    IN  NS  a0dsce9.akamaiedge.net.
dsce9.akamaiedge.net.   1516    IN  NS  n4dsce9.akamaiedge.net.
dsce9.akamaiedge.net.   1516    IN  NS  n1dsce9.akamaiedge.net.
dsce9.akamaiedge.net.   1516    IN  NS  n5dsce9.akamaiedge.net.
dsce9.akamaiedge.net.   1516    IN  NS  n6dsce9.akamaiedge.net.
dsce9.akamaiedge.net.   1516    IN  NS  n7dsce9.akamaiedge.net.

;; ADDITIONAL SECTION:
a0dsce9.akamaiedge.net. 1516    IN  AAAA    2600:1480:e800::c0
n0dsce9.akamaiedge.net. 1516    IN  A   88.221.81.194
n1dsce9.akamaiedge.net. 1516    IN  A   23.62.100.157
n2dsce9.akamaiedge.net. 1516    IN  A   95.101.2.121
n3dsce9.akamaiedge.net. 1516    IN  A   95.101.79.79
n4dsce9.akamaiedge.net. 1516    IN  A   23.62.100.159
n5dsce9.akamaiedge.net. 1516    IN  A   23.62.100.164
n6dsce9.akamaiedge.net. 1516    IN  A   23.62.100.165
n7dsce9.akamaiedge.net. 1516    IN  A   23.62.100.166

Received 454 bytes from 127.0.1.1#53 in 29 ms
Trying "e6858.dsce9.akamaiedge.net"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44627
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;e6858.dsce9.akamaiedge.net.    IN  MX

;; AUTHORITY SECTION:
dsce9.akamaiedge.net.   600 IN  SOA n0dsce9.akamaiedge.net. hostmaster.akamai.com. 1489520008 1000 1000 1000 1800

Received 109 bytes from 127.0.1.1#53 in 28 ms

Sortie de Host -v www.Apple.com (après suspension):

Trying "www.Apple.com"
;; connection timed out; no servers could be reached
network-managersuspenddnsvpnopenvpn
1
freddybob

Mardi (18/04/2017), mes mises à jour système comprenaient de nouvelles versions de plusieurs packages liés au DNS (dont dnsutils et dnsmasq-base). Une fois ceux-ci installés, le problème a disparu.

0
freddybob