Ask Your Question
2

Fedora 26 DNS conflict with concurrent connections

asked 2017-08-22 07:15:12 -0500

xgkphdx gravatar image

updated 2017-08-24 13:13:52 -0500

Hello,

I have to connect to a remote site via VPN(openconnect) at the office. When VPN connection is on, the local resources stop being resolved.
Basically, it looks like this.
With VPN disabled I have the following in /etc/resolv.conf:

more /etc/resolv.conf
search lan corpaddress.com
# Generated by NetworkManager
search lan corpaddress.com
nameserver _corp_dns_IP
nameserver _corp_dns_IPv6

So, when I connect to service.corpaddress.com, it works fine. Then, I turn on the VPN and here is how /etc/resolv.conf looks now:

more /etc/resolv.conf
# Generated by NetworkManager
search vpn_domainname local
nameserver _vpn_dns_IP
nameserver _vpn_dns_IP
nameserver _corp_dns_IP
# NOTE: the libc resolver may not support more than 3 nameservers.
# The nameservers listed below may not be recognized.
nameserver _corp_dns_IPv6

When I try to connect to service.corpaddress.com, it is not found:

ping service.corpaddress.com
ping: service.corpaddress.com: Name or service not known

If I do nslookup for service.corpaddress.com using corpdnsIP, the correct IP is returned. So, while corpdnsIP is still in /etc/resolv.conf, it is not being queried.

As a workaround, I have just put service.corpaddress.com in /etc/hosts for now. Is it possible somehow configure NetworkManager to fix it?

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
2

answered 2017-08-22 08:37:32 -0500

villykruse gravatar image

updated 2017-08-23 02:00:10 -0500

edit the file /etc/NetworkManager/NetworkManager.conf and find the line that says [main]. Add a new line that says dns=none, Then edit /etc/resolv.conf so it has the correct content. The NetworkManager will then not modify the resolv.conf file.

You could also try to set dns=dnsmasq instead of dns=none. Then dnsmasq will become a local dns server which may be able to forward requests to all dns servers. Your /etc/resolv.conf then specifies 127.0.0.1 as the only dns server.

You have to remember that the standard dns resolver only access the first server found in resolv.conf, and the other entries is only backup for the case when the first server is off-line.

edit flag offensive delete link more

Comments

Thank you very much! dnsmasq does exactly what I needed.

xgkphdx gravatar imagexgkphdx ( 2017-08-24 13:12:40 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2017-08-22 07:15:12 -0500

Seen: 422 times

Last updated: Aug 24 '17