Activity log for bug #90681

Date Who What changed Old value New value Message
2007-03-08 19:26:43 Daniel J Blueman bug added bug
2007-03-08 19:30:07 Daniel J Blueman description Binary package hint: dhcp3-client You open a VPN connection to another network (via PPTP through network manager or otherwise) - the /etc/resolv.conf file is updated with the DNS servers of the _remote_ network, however, dhcp3-client overwrites resolv.conf regularly with _local_ DNS server entries when the DHCP lease is *renewed*. The local DNS server entries are often useless in the target network, thus halt name resolution. The /sbin/dhclient-script bash script is called with reason=RENEW, which calls the function make_resolv_conf, overwriting /etc/resolv.conf. The renew time is often as low as 5 minutes for security, and is out of control of the linux user. One suitable fix is to not update resolv.conf when the DHCP lease is renewed [1]. I have been using this for some time and get the expected behaviour. Version is 3.0.4-12ubuntu3 (Feisty Herd 5), however this has been an issue for some time in dapper etc. To reproduce, simply lower the DHCP lease time and connect to any remote network (requiring different DNS servers). --- [1] --- /sbin/dhclient-script.orig 2007-03-08 19:19:56.000000000 +0000 +++ /sbin/dhclient-script 2007-03-08 19:19:46.000000000 +0000 
@@ -13,6 +13,10 @@ # The alias handling in here probably still sucks. -mdz make_resolv_conf() { + # don't overwrite resolv.conf at RENEW time, since a VPN/PPTP tunnel may + # have updated it with remote DNS servers + [ "$reason" = "renew" ] && return + if [ -n "$new_domain_name" -o -n "$new_domain_name_servers" ]; then # Find out whether we are going to mount / rw exec 9>&0 </etc/fstab Binary package hint: dhcp3-client You open a VPN connection to another network (via PPTP through network manager or otherwise) - the /etc/resolv.conf file is updated with the DNS servers of the _remote_ network, however, dhcp3-client overwrites resolv.conf regularly with _local_ DNS server entries when the DHCP lease is *renewed*. The local DNS server entries are often useless in the target network, thus halt name resolution. The /sbin/dhclient-script bash script is called with reason=RENEW, which calls the function make_resolv_conf, overwriting /etc/resolv.conf. The renew time is often as low as 5 minutes for security, and is out of control of the linux user. One suitable fix is to not update resolv.conf when the DHCP lease is renewed [1]. I have been using this for some time and get the expected behaviour. Version is 3.0.4-12ubuntu3 (Feisty Herd 5), however this has been an issue for some time in dapper etc. To reproduce, simply lower the DHCP lease time and connect to any remote network (requiring different DNS servers). --- [1] --- /sbin/dhclient-script.orig 2007-03-08 19:19:56.000000000 +0000 +++ /sbin/dhclient-script 2007-03-08 19:19:46.000000000 +0000 @@ -13,6 +13,10 @@ # The alias handling in here probably still sucks. -mdz make_resolv_conf() { + # don't overwrite resolv.conf at RENEW time, since a VPN/PPTP tunnel may + # have updated it with remote DNS servers + [ "$reason" = "RENEW" ] && return + if [ -n "$new_domain_name" -o -n "$new_domain_name_servers" ]; then # Find out whether we are going to mount / rw exec 9>&0 </etc/fstab
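Review bot: The early return added at the top of make_resolv_conf is unconditional on RENEW, so it also discards name server changes that the DHCP server delivers at renewal when no VPN is involved. Consider returning early only when there is evidence that something else has rewritten resolv.conf (for example, its nameserver entries no longer match what this script last wrote), and otherwise fall through to the existing `if [ -n "$new_domain_name" -o -n "$new_domain_name_servers" ]` path. Note also that the first copy of the patch compares against "renew" in lower case, which cannot match the reason=RENEW value named in the description; only the second copy, with "RENEW", takes effect.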
2007-03-12 09:06:06 Martin Pitt dhcp3: status Unconfirmed In Progress
2007-03-12 09:06:06 Martin Pitt dhcp3: importance Undecided Medium
2007-03-12 09:06:06 Martin Pitt dhcp3: statusexplanation
2007-03-12 09:06:06 Martin Pitt dhcp3: assignee pitti
2007-04-02 07:51:06 Martin Pitt dhcp3: status In Progress Confirmed
2007-04-02 07:51:06 Martin Pitt dhcp3: statusexplanation This makes me a bit nervous, though, since it removes the possibility of updating name servers in non-VPN scenarios. At this point in the release cycle I'm too uncomfortable with making such a change. I'll apply it early in Feisty+1.
2007-11-15 09:31:30 Markus K. bug added attachment 'dhclient-script.patch' (ubuntu 7.10 dhcp3-client vpn patch)
2008-03-19 14:04:03 Martin Pitt dhcp3: assignee pitti
2008-04-07 16:46:26 BeBoxer bug added attachment 'save-vpn' (save-vpn)
2008-11-09 19:21:20 Philip Jägenstedt bug added attachment 'dhclient-script.patch' (dhclient-script.patch)
2011-10-25 17:10:37 papukaija tags patch