dns [RESOLVED] DNS Breaks shortly after VPN connection

[FlyawayRavage 0]

EDIT: Figured it out. I was under the assumption that systemd-resolved took over all DNS processing and made /etc/resolv.conf obsolete, but apparently that's still where AirVPN pushes the DNS settings too and somehow systemd-resolved overwrites it. Disabling systemd-resolved seems to have fixed this problem for now.

Running AirVPNsuite on my server (Operating System: Debian GNU/Linux 11 (bullseye); Kernel: Linux 5.10.0-20-amd64), DNS breaks randomly 5-60mins after establishing connection. DNS settings, as far as I can tell, aren't being changed. I can still ping the server-pushed DNS server as well, but it just doesn't resolve. Relevant logs below:
Logs immediately after establishing connection:

root@labserver:~# resolvectl
Global
         Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
  resolv.conf mode: foreign
Current DNS Server: 10.32.178.1
       DNS Servers: 10.32.178.1

Link 2 (enp0s25)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
   DNS Servers: 10.32.178.1

Link 3 (docker0)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
   DNS Servers: 10.32.178.1

Link 4 (tun0)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
     Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
   DNS Servers: 10.32.178.1

root@labserver:~# goldcrest --bluetit-status
2023-03-02 22:47:43 Reading run control directives from file /root/.config/goldcrest.rc
Goldcrest 1.2.1 - 9 December 2022

2023-03-02 22:47:43 Bluetit - AirVPN OpenVPN 3 Service 1.2.1 - 9 December 2022
2023-03-02 22:47:43 OpenVPN core 3.8.2 AirVPN linux x86_64 64-bit
2023-03-02 22:47:43 Copyright (C) 2012-2020 OpenVPN Inc. All rights reserved.
2023-03-02 22:47:43 OpenSSL 1.1.1n  15 Mar 2022
2023-03-02 22:47:43 Bluetit is connected to VPN
2023-03-02 22:47:43 Persistent Network Lock and Filter is enabled. (using nftables)
2023-03-02 22:47:43 ----------------------
2023-03-02 22:47:43 Connected to AirVPN server Yildun (Miami, United States of America)
2023-03-02 22:47:43 Users 50 - Load 8% - Bandwidth 80.08 Mbit/s - Max 1 Gbit/s
2023-03-02 22:47:43 Server IP Address 173.44.55.181 - Port 443 - Protocol UDPv4 - Cipher AES-256-GCM
2023-03-02 22:47:43 Network topology: subnet - Server ping 10 s - Ping restart 60 s
2023-03-02 22:47:43 Pushed DNS: 10.32.178.1 (IPv4)
2023-03-02 22:47:43 Connection time: 00:02:25
2023-03-02 22:47:43 Transferred data: In 34.09 KB, Out 9.15 KB
2023-03-02 22:47:43 Current rate: In 0 bit/s, Out 0 bit/s
2023-03-02 22:47:43 Maximum rate: In 14.78 Kbit/s, Out 1.09 Kbit/s

root@labserver:~# ping google.com
PING google.com (142.250.217.206) 56(84) bytes of data.
64 bytes from mia07s61-in-f14.1e100.net (142.250.217.206): icmp_seq=1 ttl=120 time=72.3 ms
64 bytes from mia07s61-in-f14.1e100.net (142.250.217.206): icmp_seq=2 ttl=120 time=72.3 ms
64 bytes from mia07s61-in-f14.1e100.net (142.250.217.206): icmp_seq=3 ttl=120 time=72.5 ms

Logs ~1 hour later when DNS has failed:

root@labserver:~# resolvectl
Global
         Protocols: +LLMNR +mDNS -DNSOverTLS DNSSEC=no/unsupported
  resolv.conf mode: foreign
Current DNS Server: 10.32.178.1
       DNS Servers: 10.32.178.1

Link 2 (enp0s25)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
   DNS Servers: 10.32.178.1

Link 3 (docker0)
Current Scopes: none
     Protocols: -DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
   DNS Servers: 10.32.178.1

Link 4 (tun0)
Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
     Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
   DNS Servers: 10.32.178.1

root@labserver:~# goldcrest --bluetit-status
2023-03-02 23:56:38 Reading run control directives from file /root/.config/goldcrest.rc
Goldcrest 1.2.1 - 9 December 2022

2023-03-02 23:56:38 Bluetit - AirVPN OpenVPN 3 Service 1.2.1 - 9 December 2022
2023-03-02 23:56:38 OpenVPN core 3.8.2 AirVPN linux x86_64 64-bit
2023-03-02 23:56:38 Copyright (C) 2012-2020 OpenVPN Inc. All rights reserved.
2023-03-02 23:56:38 OpenSSL 1.1.1n  15 Mar 2022
2023-03-02 23:56:38 Bluetit is connected to VPN
2023-03-02 23:56:38 Persistent Network Lock and Filter is enabled. (using nftables)
2023-03-02 23:56:39 ----------------------
2023-03-02 23:56:39 Connected to AirVPN server Yildun (Miami, United States of America)
2023-03-02 23:56:39 Users 50 - Load 4% - Bandwidth 48.70 Mbit/s - Max 1 Gbit/s
2023-03-02 23:56:39 Server IP Address 173.44.55.181 - Port 443 - Protocol UDPv4 - Cipher AES-256-GCM
2023-03-02 23:56:39 Network topology: subnet - Server ping 10 s - Ping restart 60 s
2023-03-02 23:56:39 Pushed DNS: 10.32.178.1 (IPv4)
2023-03-02 23:56:39 Connection time: 01:11:19
2023-03-02 23:56:39 Transferred data: In 627.65 KB, Out 107.48 KB
2023-03-02 23:56:39 Current rate: In 20 bit/s, Out 0 bit/s
2023-03-02 23:56:39 Maximum rate: In 65.65 Kbit/s, Out 3.59 Kbit/s

root@labserver:~# ping google.com
ping: google.com: Temporary failure in name resolution
root@labserver:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=120 time=72.3 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=120 time=72.3 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=120 time=72.3 ms

root@labserver:~# dig google.com

; <<>> DiG 9.16.33-Debian <<>> google.com
;; global options: +cmd
;; connection timed out; no servers could be reached

[OpenSourcerer 1435]

3 hours ago, FlyawayRavage said:

EDIT: Figured it out. I was under the assumption that systemd-resolved took over all DNS processing and made /etc/resolv.conf obsolete, but apparently that's still where AirVPN pushes the DNS settings too and somehow systemd-resolved overwrites it. Disabling systemd-resolved seems to have fixed this problem for now.

It's not so much an override as it is a symlink to a legacy resolv.conf managed by resolved, and it checks from time to time whether the resolv.conf is still a symlink, of course, hence the "every 5-60 minutes it fails".
But, glad you resolved it.