alexs77/1589005.txt

## 1589005.txt
I also seem to experience the same (or similar) issue. When I connect to my companies Cisco ASA VPN using OpenConnect (in NetworkManager), it seems that with network-manager after v1.2.2, the previously configured DNS servers aren't overwritten with what VPN sends. Instead, those VPN servers get appended to the list.

So, at first, before I connect to VPN, I only have one DNS server configured: 192.168.42.129
Next, I connect to the VPN.

To see the effective list of DNS servers, I created the file /etc/NetworkManager/dnsmasq.d/dnsmasq.conf, containing:

log-queries=extra
log-async=7

After a reboot, dnsmasq uses this settings. Now, when a USR1 signal is send to dnsmasq, it'll print information to syslog.


With v1.2.2 (network-manager_1.2.2-0ubuntu0.16.04.4_amd64.deb):
$ tail -F /var/log/syslog &
# => Connect to Cisco VPN with OpenConnect
$ sudo pkill -USR1 dnsmasq

Mar 20 15:52:40 dns-issue-test dnsmasq[992]: time 1490021560
Mar 20 15:52:40 dns-issue-test dnsmasq[992]: cache size 0, 0/0 cache insertions re-used unexpired cache entries.
Mar 20 15:52:40 dns-issue-test dnsmasq[992]: queries forwarded 14, queries answered locally 1
Mar 20 15:52:40 dns-issue-test dnsmasq[992]: queries for authoritative zones 0
Mar 20 15:52:40 dns-issue-test dnsmasq[992]: server 192.168.251.6#53: queries sent 1, retried or failed 0
Mar 20 15:52:40 dns-issue-test dnsmasq[992]: server 192.168.251.7#53: queries sent 7, retried or failed 0
Mar 20 15:52:40 dns-issue-test dnsmasq[992]: Host                                     Address                        Flags      Expires


With v1.2.4 (network-manager_1.2.4-0ubuntu0.16.04.1_amd64.deb), I get this:

$ sudo dpkg -i Downloads/network-manager_1.2.4-0ubuntu0.16.04.1_amd64.deb
$ sudo reboot

...

$ tail -F /var/log/syslog &
# => Connect to Cisco VPN with OpenConnect
$ sudo pkill -USR1 dnsmasq

Mar 20 15:56:42 dns-issue-test dnsmasq[976]: time 1490021802
Mar 20 15:56:42 dns-issue-test dnsmasq[976]: cache size 0, 0/0 cache insertions re-used unexpired cache entries.
Mar 20 15:56:42 dns-issue-test dnsmasq[976]: queries forwarded 14, queries answered locally 1
Mar 20 15:56:42 dns-issue-test dnsmasq[976]: queries for authoritative zones 0
Mar 20 15:56:42 dns-issue-test dnsmasq[976]: server 192.168.42.129#53: queries sent 5, retried or failed 0
Mar 20 15:56:42 dns-issue-test dnsmasq[976]: server 192.168.251.6#53: queries sent 0, retried or failed 0
Mar 20 15:56:42 dns-issue-test dnsmasq[976]: server 192.168.251.7#53: queries sent 0, retried or failed 0
Mar 20 15:56:42 dns-issue-test dnsmasq[976]: Host                                     Address                        Flags      Expires


So, as can be seen, the two additional DNS servers 192.168.251.6 and 192.168.251.7 just got added to the list of effective DNS servers. 192.168.42.129 is still in the list.

With v1.2.2, the old DNS server (=> 192.168.42.129) was removed.
	I also seem to experience the same (or similar) issue. When I connect to my companies Cisco ASA VPN using OpenConnect (in NetworkManager), it seems that with network-manager after v1.2.2, the previously configured DNS servers aren't overwritten with what VPN sends. Instead, those VPN servers get appended to the list.

	So, at first, before I connect to VPN, I only have one DNS server configured: 192.168.42.129
	Next, I connect to the VPN.

	To see the effective list of DNS servers, I created the file /etc/NetworkManager/dnsmasq.d/dnsmasq.conf, containing:

	log-queries=extra
	log-async=7

	After a reboot, dnsmasq uses this settings. Now, when a USR1 signal is send to dnsmasq, it'll print information to syslog.


	With v1.2.2 (network-manager_1.2.2-0ubuntu0.16.04.4_amd64.deb):
	$ tail -F /var/log/syslog &
	# => Connect to Cisco VPN with OpenConnect
	$ sudo pkill -USR1 dnsmasq

	Mar 20 15:52:40 dns-issue-test dnsmasq[992]: time 1490021560
	Mar 20 15:52:40 dns-issue-test dnsmasq[992]: cache size 0, 0/0 cache insertions re-used unexpired cache entries.
	Mar 20 15:52:40 dns-issue-test dnsmasq[992]: queries forwarded 14, queries answered locally 1
	Mar 20 15:52:40 dns-issue-test dnsmasq[992]: queries for authoritative zones 0
	Mar 20 15:52:40 dns-issue-test dnsmasq[992]: server 192.168.251.6#53: queries sent 1, retried or failed 0
	Mar 20 15:52:40 dns-issue-test dnsmasq[992]: server 192.168.251.7#53: queries sent 7, retried or failed 0
	Mar 20 15:52:40 dns-issue-test dnsmasq[992]: Host Address Flags Expires



	With v1.2.4 (network-manager_1.2.4-0ubuntu0.16.04.1_amd64.deb), I get this:

	$ sudo dpkg -i Downloads/network-manager_1.2.4-0ubuntu0.16.04.1_amd64.deb
	$ sudo reboot

	...

	$ tail -F /var/log/syslog &
	# => Connect to Cisco VPN with OpenConnect
	$ sudo pkill -USR1 dnsmasq

	Mar 20 15:56:42 dns-issue-test dnsmasq[976]: time 1490021802
	Mar 20 15:56:42 dns-issue-test dnsmasq[976]: cache size 0, 0/0 cache insertions re-used unexpired cache entries.
	Mar 20 15:56:42 dns-issue-test dnsmasq[976]: queries forwarded 14, queries answered locally 1
	Mar 20 15:56:42 dns-issue-test dnsmasq[976]: queries for authoritative zones 0
	Mar 20 15:56:42 dns-issue-test dnsmasq[976]: server 192.168.42.129#53: queries sent 5, retried or failed 0
	Mar 20 15:56:42 dns-issue-test dnsmasq[976]: server 192.168.251.6#53: queries sent 0, retried or failed 0
	Mar 20 15:56:42 dns-issue-test dnsmasq[976]: server 192.168.251.7#53: queries sent 0, retried or failed 0
	Mar 20 15:56:42 dns-issue-test dnsmasq[976]: Host Address Flags Expires


	So, as can be seen, the two additional DNS servers 192.168.251.6 and 192.168.251.7 just got added to the list of effective DNS servers. 192.168.42.129 is still in the list.

	With v1.2.2, the old DNS server (=> 192.168.42.129) was removed.