Difficulties to resolv names in the vpn

RESOLVED FIXED

Status

Infrastructure & Operations
Servicedesk
RESOLVED FIXED
2 years ago
2 years ago

People

(Reporter: calixte, Assigned: guiom)

Tracking

Details

(Reporter)

Description

2 years ago
I'm able to ping for example ship-it.mozilla.org during few seconds (minutes sometimes) and after that no way to ping the name anymore but it works with the ip.
Sounds like Linux/NetworkManager at first guess. Over to Servicedesk for technical support.
Assignee: infra → desktop-support
Component: Infrastructure: OpenVPN → Servicedesk
QA Contact: moconnor

Updated

2 years ago
Assignee: desktop-support → gcanavaggio
(Assignee)

Comment 2

2 years ago
The address resolves fine to @IP 10.8.81.228
I get no response from host after 10.22.248.1.vpn.scl3.mozilla.com
MOC might be able to help.

|------------------------------------------------------------------------------------------|
|                                      WinMTR statistics                                   |
|                       Host              -   %  | Sent | Recv | Best | Avrg | Wrst | Last |
|------------------------------------------------|------|------|------|------|------|------|
|                             10.22.248.1 -    0 |    1 |    1 |  154 |  154 |  154 |  154 |
|                   No response from host -  100 |    1 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -  100 |    1 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -  100 |    1 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -  100 |    1 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -  100 |    1 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -  100 |    1 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -  100 |    1 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -  100 |    1 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -    0 |    0 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -  100 |    1 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -  100 |    1 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -  100 |    1 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -    0 |    0 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -    0 |    0 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -    0 |    0 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -    0 |    0 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -    0 |    0 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -    0 |    0 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -    0 |    0 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -    0 |    0 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -    0 |    0 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -    0 |    0 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -    0 |    0 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -    0 |    0 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -    0 |    0 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -    0 |    0 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -    0 |    0 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -    0 |    0 |    0 |    0 |    0 |    0 |    0 |
|                   No response from host -    0 |    0 |    0 |    0 |    0 |    0 |    0 |
|________________________________________________|______|______|______|______|______|______|
Component: Servicedesk → MOC: Incidents
QA Contact: moconnor → lypulong
(Assignee)

Updated

2 years ago
Assignee: gcanavaggio → desktop-support
Component: MOC: Incidents → Servicedesk
QA Contact: lypulong → moconnor
(Assignee)

Updated

2 years ago
Assignee: desktop-support → nobody
Component: Servicedesk → MOC: Incidents
QA Contact: moconnor → lypulong
:guiom that sounds like you don't have the VPN bits to have access to this particular service. The symptoms being described by the user are different (things resolve then stops resolving) and is likely a user/laptop issue as :atoll says.

Please debug with the user further. There's nothing we can do with the current amount of information.
Assignee: nobody → desktop-support
Component: MOC: Incidents → Servicedesk
QA Contact: lypulong → moconnor

Updated

2 years ago
Assignee: desktop-support → gcanavaggio
(Assignee)

Comment 4

2 years ago
Does one of you guys know how the resolvconf retrieves name servers that are in /etc/resolv.conf ?
Flags: needinfo?(rsoderberg)
Flags: needinfo?(pradcliffe+bugzilla)
(In reply to Guillaume Canavaggio [:guiom] from comment #4)
> Does one of you guys know how the resolvconf retrieves name servers that are
> in /etc/resolv.conf ?

That depends on what operating system it is, how the system is set up, etc. Without any information about the client system I can't give any particularly specific information.

In the general case for the VPN the name server information is provided by the server and the openvpn client should have options for passing that information to resolvconf to configure /etc/resolv.conf.

I use Tunnelblick which has a "Set DNS/WINS" configuration setting with several different options for how to achieve that. Viscosity has "#viscosity dnssupport true" in the config file. openvpn on Linux (with NetworkManager or otherwise, but NetworkManager has various problems with openvpn and it's better to run openvpn independently from the command line especially when debugging) will have helper scripts for similar things but I haven't used that in a few years.
Flags: needinfo?(pradcliffe+bugzilla)
If you're on OS X, resolv.conf is effectively ignored for everything using system resolver. dig/host/nslookup do not, and you may find this valuable:

alias dhost='dscacheutil -q host -a name'
alias dip='dscacheutil -q host -a ip_address'

And this:

scutil --dns

With special attention to the "for scoped queries" section, where OS X permits applications to bind specific domains to specific nameservers (which Viscosity takes full advantage of, by default).

"WinMTR" in the output in comment 2 hints that we're perhaps not dealing with OS X, though. DNS is permitted to all users, so there's no block that would normally cause issues.
Flags: needinfo?(rsoderberg)
(Reporter)

Comment 7

2 years ago
I finally solved the issue in installing the package openresolv on my distro (debian).
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.