Re: Manual intervention required: broken /etc/nsswitch.conf and /etc/resolv.conf for F33 early adopters
On Thu, 2020-09-10 at 06:53 +0000, Mikhail Gavrilov wrote:
And after creating a fresh VPN connection via NetworkManager name
resolving not working again.
# ping git.sbis.ru
ping: git.sbis.ru: Name or service not known
$ resolvectl domain
Global:
Link 2 (enp5s0): ~.
Link 3 (wlp4s0):
Link 4 (virbr0):
Link 5 (virbr0-nic):
Link 7 (vpn0):
Hi,
there isn't much information provided here, so I can only guess what's
wrong.
1) the VPN profile does not get the default route (has `ipv4.never-
default=yes).
2) the VPN profile does not specify any search domains, and neither
does the VPN server push any search domains.
If the VPN profile would get a default route (contrary to 1), then
NetworkManager would automatically add search domain "~.". But as that
doesn't happen, the VPN is not considered for resolving any domains.
Fix your configuration to either:
- let your VPN server announce the domains that it should use.
- explicilty configure the desired search domains on the VPN. In the
simpliest case just
$ nmcli connection modify "$VPN_PROFILE" +ipv4.dns-search '~.'
"~." is a routeing-only search domain for everything.
That's what Beniamino already said at
https://bugzilla.redhat.com/show_bug.cgi?id=1863041#c33
best,
Thomas
Attachments:
- signature.asc (application/pgp-signature — 833 bytes)