Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. vpnc>
  3. devel
OS X Name Resolution
monty19 at hotmail
Feb 4, 2009, 10:22 AM
Post #1 of 3 (2328 views)
Permalink
A change in 0.5.2 is causing name resolution to fail for me.



The changelog for 0.5.2 contains this comment:
* Fix default route while setting DNS on Darwin, by Felix Buenemann
and it appears this line was commented out in the vpnc-script:
d.add Router $INTERNAL_IP4_ADDRESS

The symptom that this causes for me (on a Leopard 10.5.6 system) is that
/etc/resolv.conf is updated with my internal DNS servers, so that nslookup, dig,
and any of the few other programs on OS X that rely on it continue to work.

However, most programs in OS X rely on the settings seen by running scutil --dns,
which is not being updated by vpnc. This causes name resolution for virtually
everything to fail. Uncommenting the line causes it to work again.

I guess my question is, what did this fix, and is the name resolution failure
something I should expect because of this.

Thank you,
Jason




_________________________________________________________________
Windows Live™: Keep your life in sync.
http://windowslive.com/howitworks?ocid=TXT_TAGLM_WL_t1_allup_howitworks_022009
_______________________________________________
vpnc-devel mailing list
vpnc-devel@unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/
Re: OS X Name Resolution [ In reply to ]
dwmw2 at infradead
Mar 25, 2015, 6:51 AM
Post #2 of 3 (1334 views)
Permalink
On Wed, 2009-02-04 at 13:22 -0500, Jason Montleon wrote:
> A change in 0.5.2 is causing name resolution to fail for me.
>
>
>
> The changelog for 0.5.2 contains this comment:
> * Fix default route while setting DNS on Darwin, by Felix Buenemann
> and it appears this line was commented out in the vpnc-script:
> d.add Router $INTERNAL_IP4_ADDRESS
>
> The symptom that this causes for me (on a Leopard 10.5.6 system) is that
> /etc/resolv.conf is updated with my internal DNS servers, so that nslookup, dig,
> and any of the few other programs on OS X that rely on it continue to work.
>
> However, most programs in OS X rely on the settings seen by running scutil --dns,
> which is not being updated by vpnc. This causes name resolution for virtually
> everything to fail. Uncommenting the line causes it to work again.

I know, it's *only* been 6 years. This is now fixed in the upstream
vpnc-scripts git repository:
http://git.infradead.org/users/dwmw2/vpnc-scripts.git/commitdiff/e8b30a2b

--
dwmw2

Attached Files:

Re: OS X Name Resolution [ In reply to ]
breiter at wolfereiter
Mar 26, 2015, 12:21 AM
Post #3 of 3 (1331 views)
Permalink
> On Mar 25, 2015, at 3:51 PM, David Woodhouse <dwmw2@infradead.org> wrote:
>
> On Wed, 2009-02-04 at 13:22 -0500, Jason Montleon wrote:
>> A change in 0.5.2 is causing name resolution to fail for me.
>>
>>
>>
>> The changelog for 0.5.2 contains this comment:
>> * Fix default route while setting DNS on Darwin, by Felix Buenemann
>> and it appears this line was commented out in the vpnc-script:
>> d.add Router $INTERNAL_IP4_ADDRESS
>>
>> The symptom that this causes for me (on a Leopard 10.5.6 system) is that
>> /etc/resolv.conf is updated with my internal DNS servers, so that nslookup, dig,
>> and any of the few other programs on OS X that rely on it continue to work.
>>
>> However, most programs in OS X rely on the settings seen by running scutil --dns,
>> which is not being updated by vpnc. This causes name resolution for virtually
>> everything to fail. Uncommenting the line causes it to work again.
>
> I know, it's *only* been 6 years. This is now fixed in the upstream
> vpnc-scripts git repository:
> http://git.infradead.org/users/dwmw2/vpnc-scripts.git/commitdiff/e8b30a2b

This vpnc-script causes an error to be printed in OS X 10.10.2:

ifconfig: ioctl (SIOCAIFADDR): Destination address required

I’m binding to a utun device but I don’t know if that is related.

This block from line 793

if [ -n "$INTERNAL_IP4_ADDRESS" ]; then
ifconfig "$TUNDEV" 0.0.0.0
fi

$INTERNAL_IP4_ADDRESS 10.52.60.93
$TUNDEV utun1

In my older version of the script that I took from MacPorts, the entire if from 781 to 804 starting with `if [ -n "$IPROUTE" ]; then` does not exist and it works find.

Proposed patch:

--- vpnc-script.upstream 2015-03-26 09:11:08.000000000 +0200
+++ vpnc-script 2015-03-26 09:20:26.000000000 +0200
@@ -777,6 +777,12 @@
$RESTORERESOLVCONF
fi

+ case "$OS" in
+ Darwin)
+ destroy_tun_device
+ return
+ ;;
+ esac

if [ -n "$IPROUTE" ]; then
if [ -n "$INTERNAL_IP4_ADDRESS" ]; then

Attached Files:

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal