使用 VPN 时网络管理器上的 DNS 设置

Question

我最近更新到 19.04 并注意到使用 VPN 时 NetworkManager 的一些变化。

• 我想使用带有自己的本地 DNS 服务器的 VPN，该服务器是从 DHCP 推送的
• 我有单独的 VPN 配置文件。一个用于安装到远程网络的默认路由的“完整 VPN”，以及一个“拆分隧道”配置文件，仅启用本地资源的设置

由于我更新到 19.04，NetworkManager 似乎只使用推送的 DNS 服务器，这意味着当默认路由被允许安装时（当复选框“仅将此连接用于其网络上的资源”时）未被选中。

让 NetworkManager 安装默认路由：

~$ resolvectl status tun0
Link 16 (tun0)
      Current Scopes: DNS
DefaultRoute setting: yes
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
  Current DNS Server: 192.168.1.1
         DNS Servers: 192.168.1.1
          DNS Domain: local.domain

仅在同一 vpn 配置文件中激活本地资源的复选框：

~$ resolvectl status tun0
Link 8 (tun0)
      Current Scopes: none
DefaultRoute setting: no
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no

此设置以前独立于 default-route-setting 工作，似乎它随着新的 19.04 NetworkManager (v1.16.0) 发生了变化。有人可以确认吗？

编辑：这是桌面安装。以下是一些细节：

~$ ls -al /etc/resolv.conf
lrwxrwxrwx 1 root root 39 Apr 20 15:41 /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf

~$ cat /etc/resolv.conf
# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs must not access this file directly, but only through the
# symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way,
# replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.

nameserver 127.0.0.53
options edns0
search uman.enbw.net

~$ cat /etc/network/interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback

~$ cat /etc/netplan/*.yaml
# Let NetworkManager manage all devices on this system
network:
  version: 2
  renderer: NetworkManager

Answer 1

我在这里用谷歌搜索，也有完全相同的问题。（Ubuntu 19.04）

对我来说，这个答案解决了。

nmcli c modify <vpn-settings-name> ipv4.dns-search '<domain>' 

您应该指定<vpn-settings-name>对应于 GUI 中的 VPN 设置名称。并且<domain>是您要在远程网络中通过 DNS 搜索的域名。

重新连接到 VPN 后，systemd-resolved status ppp0显示

Link 6 (ppp0)
      Current Scopes: DNS
DefaultRoute setting: yes
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
  Current DNS Server: 192.168.1.1
         DNS Servers: 192.168.1.1 (<--- my dns)
                      192.168.1.10
          DNS Domain: corp