Pushed DNS settings overwritten when connecting to another network interface
140 views
Skip to first unread message
Michael L
Apr 21, 2014, 2:57:40 PM4/21/14
to tunnelbli...@googlegroups.com
I've been consistently observing following behavior on Mavericks:
* User is connected to VPN and is using pushed DNS settings, everything works fine
* User connects an additional network (say they were on wifi, and they now connected a wired connection with DHCP in addition to wifi)
* DNS settings from DHCP on new interface will now overwrite the settings pushed via OpenVPN, even though VPN stays connected
Anyone else running into this, and are there recommended ways to avoid this?
Thanks,
Michael L
Apr 21, 2014, 3:26:50 PM4/21/14
to tunnelbli...@googlegroups.com
A bit more info:
* This seems to also happen if you disconnect a network interface.
* When "monitor network changes" is set and the value is set to "revert" - it detects the change according to logs, and does the change, but it never takes effect (i.e. local DHCP values stay)
* When it is set to restart network connection on change, it does - but even then it never fixes the DNS entries.
* If you disconnect and reconnect manually, it works fine.
I am guessing there is an issue with the way DNS settings restore (vs set in the first place) is done.
-M
* This seems to also happen if you disconnect a network interface.
* When "monitor network changes" is set and the value is set to "revert" - it detects the change according to logs, and does the change, but it never takes effect (i.e. local DHCP values stay)
* When it is set to restart network connection on change, it does - but even then it never fixes the DNS entries.
* If you disconnect and reconnect manually, it works fine.
I am guessing there is an issue with the way DNS settings restore (vs set in the first place) is done.
-M
jkbull...gmail.com
Apr 21, 2014, 7:18:35 PM4/21/14
to tunnelbli...@googlegroups.com
Thanks for reporting this. I am having trouble reproducing the problem.
Could you please do the following, after typing the following command into Terminal (to enable some extra logging):
defaults write net.tunnelblick.tunnelblick "DB-UP" -bool yes
1. Open the "VPN Details…" window
2. Click on the "Log" tab
3. With only Ethernet connected to the Internet and WiFi off, connect to the VPN
2. Connect to a WiFi network (causing an attempt to restore or restart the connection that fails)
3. Disconnect from the VPN
4. Send the "Diagnostic Info"
Thanks again.
Michael L
Apr 23, 2014, 5:35:57 PM4/23/14
to tunnelbli...@googlegroups.com
Hmm, results are interesting.
If connecting/disconnecting wifi - nothing changes and all I see in logs is
*Tunnelblick process-network-changes: A system configuration change was ignored
If connecting/disconnecting ethernet with wifi on - I am getting described behavior
In the logs a bunch of things like:
Tunnelblick[503] Preference 'VPN-changeDNSServersAction' is not 'ignore', 'restore', or 'restart'; it will be ignored
Tunnelblick[503] Preference 'VPN-changeDomainAction' is not 'ignore', 'restore', or 'restart'; it will be ignored
Tunnelblick[503] Preference 'VPN-changeSearchDomainAction' is not 'ignore', 'restore', or 'restart'; it will be ignored
Tunnelblick[503] Preference 'VPN-changeWINSServersAction' is not 'ignore', 'restore', or 'restart'; it will be ignored
Tunnelblick[503] Preference 'VPN-changeNetBIOSNameAction' is not 'ignore', 'restore', or 'restart'; it will be ignored
Tunnelblick[503] Preference 'VPN-changeWorkgroupAction' is not 'ignore', 'restore', or 'restart'; it will be ignored
and sure enough, checking perferences, I get
"VPN-changeDNSServersAction" = "";
"VPN-changeDomainAction" = "";
"VPN-changeNetBIOSNameAction" = "";
"VPN-changeSearchDomainAction" = "";
"VPN-changeWINSServersAction" = "";
"VPN-changeWorkgroupAction" = "";
in UI I see "when changes to pre-VPN" to be set to Restore across the board and "when changes to anything else is set to "restart connection" across the board
So I set everything to "ignore" and got:
"VPN-changeDNSServersAction" = ignore;
"VPN-changeDomainAction" = ignore;
"VPN-changeNetBIOSNameAction" = ignore;
"VPN-changeOtherDNSServersAction" = ignore;
"VPN-changeOtherDomainAction" = ignore;
"VPN-changeOtherNetBIOSNameAction" = ignore;
"VPN-changeOtherSearchDomainAction" = ignore;
"VPN-changeOtherWINSServersAction" = ignore;
"VPN-changeOtherWorkgroupAction" = ignore;
"VPN-changeSearchDomainAction" = ignore;
"VPN-changeWINSServersAction" = ignore;
"VPN-changeWorkgroupAction" = ignore;
(note that now ALL settings are present when before it was just the "pre-vpn" ones)
Setting all to restart connection results in:
"VPN-changeDNSServersAction" = restart;
"VPN-changeDomainAction" = restart;
"VPN-changeNetBIOSNameAction" = restart;
"VPN-changeOtherDNSServersAction" = "";
"VPN-changeOtherDomainAction" = "";
"VPN-changeOtherNetBIOSNameAction" = "";
"VPN-changeOtherSearchDomainAction" = "";
"VPN-changeOtherWINSServersAction" = "";
"VPN-changeOtherWorkgroupAction" = "";
"VPN-changeSearchDomainAction" = restart;
"VPN-changeWINSServersAction" = restart;
"VPN-changeWorkgroupAction" = restart;
A pattern is emerging - it seems like when things are set to the default value, instead of setting the value or deleting the value, it is setting it to "", and when it is reading, it cannot deal with ""
Well, I deleted all the entries and retried, and the results are exactly the same minus the above mentioned errors on not parsing ""'s
I will send you the logs directly.
-M
If connecting/disconnecting wifi - nothing changes and all I see in logs is
*Tunnelblick process-network-changes: A system configuration change was ignored
If connecting/disconnecting ethernet with wifi on - I am getting described behavior
In the logs a bunch of things like:
Tunnelblick[503] Preference 'VPN-changeDNSServersAction' is not 'ignore', 'restore', or 'restart'; it will be ignored
Tunnelblick[503] Preference 'VPN-changeDomainAction' is not 'ignore', 'restore', or 'restart'; it will be ignored
Tunnelblick[503] Preference 'VPN-changeSearchDomainAction' is not 'ignore', 'restore', or 'restart'; it will be ignored
Tunnelblick[503] Preference 'VPN-changeWINSServersAction' is not 'ignore', 'restore', or 'restart'; it will be ignored
Tunnelblick[503] Preference 'VPN-changeNetBIOSNameAction' is not 'ignore', 'restore', or 'restart'; it will be ignored
Tunnelblick[503] Preference 'VPN-changeWorkgroupAction' is not 'ignore', 'restore', or 'restart'; it will be ignored
and sure enough, checking perferences, I get
"VPN-changeDNSServersAction" = "";
"VPN-changeDomainAction" = "";
"VPN-changeNetBIOSNameAction" = "";
"VPN-changeSearchDomainAction" = "";
"VPN-changeWINSServersAction" = "";
"VPN-changeWorkgroupAction" = "";
in UI I see "when changes to pre-VPN" to be set to Restore across the board and "when changes to anything else is set to "restart connection" across the board
So I set everything to "ignore" and got:
"VPN-changeDNSServersAction" = ignore;
"VPN-changeDomainAction" = ignore;
"VPN-changeNetBIOSNameAction" = ignore;
"VPN-changeOtherDNSServersAction" = ignore;
"VPN-changeOtherDomainAction" = ignore;
"VPN-changeOtherNetBIOSNameAction" = ignore;
"VPN-changeOtherSearchDomainAction" = ignore;
"VPN-changeOtherWINSServersAction" = ignore;
"VPN-changeOtherWorkgroupAction" = ignore;
"VPN-changeSearchDomainAction" = ignore;
"VPN-changeWINSServersAction" = ignore;
"VPN-changeWorkgroupAction" = ignore;
(note that now ALL settings are present when before it was just the "pre-vpn" ones)
Setting all to restart connection results in:
"VPN-changeDNSServersAction" = restart;
"VPN-changeDomainAction" = restart;
"VPN-changeNetBIOSNameAction" = restart;
"VPN-changeOtherDNSServersAction" = "";
"VPN-changeOtherDomainAction" = "";
"VPN-changeOtherNetBIOSNameAction" = "";
"VPN-changeOtherSearchDomainAction" = "";
"VPN-changeOtherWINSServersAction" = "";
"VPN-changeOtherWorkgroupAction" = "";
"VPN-changeSearchDomainAction" = restart;
"VPN-changeWINSServersAction" = restart;
"VPN-changeWorkgroupAction" = restart;
A pattern is emerging - it seems like when things are set to the default value, instead of setting the value or deleting the value, it is setting it to "", and when it is reading, it cannot deal with ""
Well, I deleted all the entries and retried, and the results are exactly the same minus the above mentioned errors on not parsing ""'s
I will send you the logs directly.
-M
jkbull...gmail.com
Apr 23, 2014, 6:21:56 PM4/23/14
to tunnelbli...@googlegroups.com, mic...@legrig.com
AHA! Thank you. I see the problem with reading the "". A bug was introduced in a recent commit. I will have a fix available soon (tonight or tomorrow).
Reply all
Reply to author
Forward
0 new messages