Fedora 33 Planning To Enable Systemd-Resolved By Default


  • #31
    Originally posted by q2dg View Post
    https://github.com/systemd/systemd/i...temd-resolved+ gives me 152 open issues... Wish this number were lesser by the time of F33 release
    I wish people would actually go and do something useful instead of wishing stuff on a forum.

    Comment


    • #32
      Originally posted by CommunityMember View Post

      So it has been resolve(d).

      No, it hasn't. OpenDNS name resolution is totally broken by default on Ubuntu 19.10 for my corporate VPN. The "solutions" presented in this thread either don't work or work temporarily and unreliably for some minutes or until the next reboot: https://askubuntu.com/questions/1032...ted-to-openvpn

      Of course the old and expected behavior of editing resolv.conf and adding a nameserver at the top could fix it (if systemd-resolved didn't auto-manage it), but systemd guys couldn't restrain themselves in order not to break the simple and sane behavior of true and tested Linux tools.

      Comment


      • #33
        Originally posted by CommunityMember View Post

        systemd-resolved supports using your own DNS server(s), and can be configured to not cache anything if you so wish. The problem may be that systemd-resolved supports so many options that one can easily get overwhelmed in all the choices you might want to make (and I seem to recall there were some combinations of options that were technically legal, but almost certainly were not what you really wanted).
        So, the solution in an Ubuntu/NetworkManager/systemd-resolved environment to let me specify my own desired DNS server *only* for IPs from the OpenVPN network is...?

        Comment


        • #34
          Originally posted by q2dg View Post
          https://github.com/systemd/systemd/i...temd-resolved+ gives me 152 open issues... Wish this number were lesser by the time of F33 release
          Around a third of those are feature requests

          Comment


          • #35
            Originally posted by Mark Rose View Post
            I had to disable systemd-resolved because it won't consistently resolve DNS over OpenVPN connections.
            It’s quite the inverse. systemd-resolved (when paired with an intelligent enough network tool, e.g. NetworkManager) is the only Linux software in existence that will do the right thing by default when you have multiple interfaces each with its own internal DNS.

            Comment


            • #36
              Originally posted by Britoid View Post
              Will this break setting DNS servers through GNOME Settings?

              or can NetworkManager tell systemd-resolved of the DNS servers to use.
              Of course not. NM explicitly supports resolved.

              Comment


              • #37
                Originally posted by starshipeleven View Post
                Afaik it's a drop-in replacement as it's taking the DNS/domain list from /etc/resolv.conf, which is the standard way used by NetworkManager and others (also by systemd-networkd) to interact with current DNS daemons.

                Yes and no.

                systemd-resolved taking the list of nameservers from pre-existing resolv.conf is not a recommended mode of operation. In this case you get all the downsides and almost no benefits because resolved is then constrained by the limitations of resolv.conf syntax (and getting around those limitations is what drove the development of resolved in the first place).

                Comment


                • #38
                  And remember, don't fork, contribute. Unless.... .... d.

                  Comment


                  • #39
                    Originally posted by usta View Post

                    And in which version of systemd, and when, did you have those problems? Did you have any chance to test whether the problems still exist?
                    Ubuntu 18.04's packages, so systemd 237 and network-manager 1.10.6-2ubuntu1.4. It exists with the latest packages, and myself and coworkers have reproduced the bug on at least five different machines. https://bugs.launchpad.net/ubuntu/+s...r/+bug/1851407

                    Originally posted by intelfx View Post

                    It’s quite the inverse. systemd-resolved (when paired with an intelligent enough network tool, e.g. NetworkManager) is the only Linux software in existence that will do the right thing by default when you have multiple interfaces each with its own internal DNS.
                    Except when it doesn't work at all. The solution we found was just getting rid of resolved: https://askubuntu.com/a/907249

                    Comment


                    • #40
                      Originally posted by loinad View Post


                      No, it hasn't. OpenDNS name resolution is totally broken by default on Ubuntu 19.10 for my corporate VPN. The "solutions" presented in this thread either don't work or work temporarily and unreliably for some minutes or until the next reboot: https://askubuntu.com/questions/1032...ted-to-openvpn

                      Of course the old and expected behavior of editing resolv.conf and adding a nameserver at the top could fix it (if systemd-resolved didn't auto-manage it), but systemd guys couldn't restrain themselves in order not to break the simple and sane behavior of true and tested Linux tools.
                      Except that does not in fact fix it; it just makes the bug less frequent. Resolved does multi-DNS resolve, so it walks down the DNS list very quickly. In fact, it shows a fault in your configuration that would normally be hidden. The fault with what you said (add a nameserver at the top of resolv.conf) under the past system was that if that DNS server did not respond for some reason, the old resolve system would walk down the list as well. Basically you need to set DNS priorities, and you need to give directives so that DNS servers obtained via DHCP don't nuke your VPN ones. On business networks this can be setting particular domains to be resolved by particular DNS servers. In reality you need to do this bit with or without resolved.

                      Submission type Request for enhancement (RFE) systemd version the issue has been seen with systemd 232 +PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL...


                      Originally posted by Mark Rose View Post

                      Ubuntu 18.04's packages, so systemd 237 and network-manager 1.10.6-2ubuntu1.4. It exists with the latest packages, and myself and coworkers have reproduced the bug on at least five different machines. https://bugs.launchpad.net/ubuntu/+s...r/+bug/1851407
                      Except that bug says the developers could not reproduce the fault, and they are asking if you missed ipv4.never-default=yes in all those cases. Yes, not setting this in NetworkManager and using the old resolve system still leaves you open to the security bug, just now requiring the first server not to respond, triggering a walk down the list.

                      Basically, resolved makes a fairly hidden bug caused by misconfiguration happen really commonly, and its cause is still misconfiguration, except now people want to blame resolved instead of waking up to "oh crap, our configuration has been wrong all this time".

                      Comment
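
Added example, not part of any post in this thread and not systemd code: a simplified Python model of the per-link query routing discussed in posts #35 and #40, contrasting a VPN link that has no routing domain with one that does. The link names, addresses, `corp.example` and the `default_route` flag as modelled here are constructed assumptions.

```python
# Added example: simplified model of per-link DNS routing, not systemd code.
from dataclasses import dataclass, field

@dataclass
class Link:
    name: str
    dns: list                                     # DNS servers on this link
    domains: list = field(default_factory=list)   # routing domains
    default_route: bool = True                    # takes names no domain matches

def match_len(name, domain):
    """Label count of `domain` if `name` falls under it, else -1."""
    n = name.rstrip(".").lower().split(".")
    d = domain.rstrip(".").lower().split(".")
    return len(d) if n[-len(d):] == d else -1

def route_query(name, links):
    """Sorted names of the links that would be asked for `name`."""
    best, chosen = -1, []
    for link in links:
        score = max((match_len(name, d) for d in link.domains), default=-1)
        if score > best:
            best, chosen = score, [link.name]
        elif score == best and score >= 0:
            chosen.append(link.name)
    if best >= 0:                     # longest matching domain wins exclusively
        return sorted(chosen)
    # No domain matched: every default-route link with DNS servers is asked.
    return sorted(l.name for l in links if l.dns and l.default_route)

def leaked(names, links, vpn="tun0"):
    """Internal names that would also be sent to a non-VPN link."""
    return [n for n in names if set(route_query(n, links)) - {vpn}]

# Constructed sample data (hypothetical links, addresses and domain).
INTERNAL = ["intranet.corp.example", "git.corp.example"]
misconfigured = [Link("wlan0", ["192.0.2.53"]), Link("tun0", ["10.8.0.1"])]
split_dns = [Link("wlan0", ["192.0.2.53"]),
             Link("tun0", ["10.8.0.1"], ["corp.example"], default_route=False)]

if __name__ == "__main__":
    for label, links in (("misconfigured", misconfigured), ("split DNS", split_dns)):
        for q in INTERNAL + ["www.example.org"]:
            print(f"{label:14} {q:24} -> {route_query(q, links)}")
        print(f"{label:14} leaked internal names: {leaked(INTERNAL, links)}")
```

In the misconfigured case every internal name is also sent to the LAN resolver, which is the hidden configuration fault post #40 describes; with a routing domain on the VPN link, internal names go only to the VPN and everything else stays off it.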
