You are not logged in.
- Topics: Active | Unanswered
#1 2023-02-15 19:04:43
- aeonik
- Member
- Registered: 2018-04-04
- Posts: 21
KDE Network Manager shows incorrect Primary Nameserver in China
Hi Everyone,
KDE Network manager is showing an incorrect Name Server in the System Tray.
It says my Primary Nameserver is 8.173.35.89.
I have checked all my configurations, checked logs, checked wireshark traces, and my Arch system doesn't seem to be connecting to this IP Address at all.
When I run an NSLookup, it correctly shows that I am connecting to Cloudflare.
Is this possibly a bug in the arch's version of KDE Network manager, or am I hacked?
Regards,
Aeonik
Offline
#2 2023-02-15 22:09:37
- seth
- Member
- Registered: 2012-09-03
- Posts: 51,002
Re: KDE Network Manager shows incorrect Primary Nameserver in China
resolvectl status
nmcli device show <interface> # replace <interface> w/ your actual NIC name, eth0 or so
cat /etc/resolv.confThe IP belongs to alibaba and doesn't even have an open port #53 - I have no idea what you're looking at or where it would draw this IP from, but maybe the text is misrendered (and we're missing one or two leading digits)
Online
#3 2023-02-15 22:09:46
- Scimmia
- Fellow
- Registered: 2012-09-01
- Posts: 11,543
Re: KDE Network Manager shows incorrect Primary Nameserver in China
How are you setting it to the Cloudflare server?
Offline
#4 2023-02-16 00:23:20
- aeonik
- Member
- Registered: 2018-04-04
- Posts: 21
Re: KDE Network Manager shows incorrect Primary Nameserver in China
I am setting my nameserver in resolve.conf
I also checked the /etc/NetworkManager/system-connections, and everything looks normal in there as well.
I have a link to a screenshot here. Nslookup appears to be using the Cloudflare address 1.1.1.1, I see no traffic to this Alibaba IP address. I tried creating a brand new connection in Network manager and it gave me a class E 248.172.35.89 address.
Very bizarre behavior. I checked all my logs, took Wireshark traces, all traffic looks normal. It's just the Widget that seems to be displaying an erroneous address.
Edit: Image link doesn't seem to be working, here is a direct link: https://imgur.com/a/i938dfX
Last edited by aeonik (2023-02-16 00:25:06)
Offline
#5 2023-02-16 00:26:39
- aeonik
- Member
- Registered: 2018-04-04
- Posts: 21
Re: KDE Network Manager shows incorrect Primary Nameserver in China
Oh! I just noticed that the both connection are probably the same underlying address, the first one is just being truncated.
248.172.35.89 = 8.172.35.89 but missing the first two digits.
Offline
#6 2023-02-16 01:13:36
- aeonik
- Member
- Registered: 2018-04-04
- Posts: 21
Re: KDE Network Manager shows incorrect Primary Nameserver in China
To summarize: I created a new connection in KDE, and the Primary Nameserver IP address changed to a Class E Private IP, which was the same IP as the "Chinese" IP Address, but with a "24" appended to the front octet, making the address 8.172.35.89 -> 248.172.35.89. HMM.... Looks like a truncation issue.
I just updated my system, restarted, and now that same connection displays an IP Address resolving to the US Postal Service, 56.250.34.170... Nslookup, and all DNS resolutions are going to Cloudflare according to multiple network probes, one of them out of band on a Port Mirror.
Offline
#7 2023-02-16 06:49:06
- seth
- Member
- Registered: 2012-09-03
- Posts: 51,002
Re: KDE Network Manager shows incorrect Primary Nameserver in China
the text is misrendered (and we're missing one or two leading digits)
Called it 
it gave me a class E 248.172.35.89 address
it gave you "where"?
Please post the outputs of the commands I asked for in #2
displays an IP Address resolving to the US Postal Service, 56.250.34.170
Maybe 156.250.34.170 (truncated again)?
I am setting my nameserver in resolve.conf
"resolv.conf", and that doesn't really explain how you configure the DNS, https://wiki.archlinux.org/title/Networ … management
Also you want to compare the behaviors of nslookup and drill, since the latter doesn't use libresolv
Online
#8 2023-02-16 11:36:22
- Scimmia
- Fellow
- Registered: 2012-09-01
- Posts: 11,543
Re: KDE Network Manager shows incorrect Primary Nameserver in China
I am setting my nameserver in resolve.conf
NM isn't going to be aware of what you put in resolv.conf, it's going to display what it's configured to use, which by default will be whatever it gets from dhcp. See https://wiki.archlinux.org/title/Networ … NS_servers
Offline
#9 2023-02-16 14:13:03
- aeonik
- Member
- Registered: 2018-04-04
- Posts: 21
Re: KDE Network Manager shows incorrect Primary Nameserver in China
Seth,
Here is the following:
(I don't use systemd for resolution)
❯ resolvectl status
Failed to get global data: Unit dbus-org.freedesktop.resolve1.service not found.❯ nmcli device show enp42s0
GENERAL.DEVICE: enp42s0
GENERAL.TYPE: ethernet
GENERAL.HWADDR: [REDACTED]
GENERAL.MTU: 1500
GENERAL.STATE: 100 (connected)
GENERAL.CONNECTION: Wired connection 2
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/3
WIRED-PROPERTIES.CARRIER: on
IP4.ADDRESS[1]: 192.168.10.39/24
IP4.GATEWAY: 192.168.10.1
IP4.ROUTE[1]: dst = 192.168.10.0/24, nh = 0.0.0.0, mt = 100
IP4.ROUTE[2]: dst = 0.0.0.0/0, nh = 192.168.10.1, mt = 100
IP4.DNS[1]: 1.1.1.1
IP4.DNS[2]: 192.168.10.1
IP4.SEARCHES[1]: aeonik.dev
IP6.GATEWAY: --❯ dig www.google.com
; <<>> DiG 9.18.11 <<>> www.google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38104
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;www.google.com. IN A
;; ANSWER SECTION:
www.google.com. 253 IN A 142.250.112.99
www.google.com. 253 IN A 142.250.112.103
www.google.com. 253 IN A 142.250.112.105
www.google.com. 253 IN A 142.250.112.104
www.google.com. 253 IN A 142.250.112.147
www.google.com. 253 IN A 142.250.112.106
;; Query time: 13 msec
;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP)
;; WHEN: Thu Feb 16 09:08:18 EST 2023
;; MSG SIZE rcvd: 139KDE's Network Manager System Tray Widget is still showing erroneous IPv4 Primary Nameserver: 56.230.34.170: https://imgur.com/a/KDoUBPp
Has to be a rendering issue. I highly doubt that both Alibaba and the US Postal Service are both trying to hack me, and their stealth has been compromised by the KDE Network Manager widget.
Offline
#10 2023-02-16 14:46:44
- seth
- Member
- Registered: 2012-09-03
- Posts: 51,002
Re: KDE Network Manager shows incorrect Primary Nameserver in China
drill, not dig
I think what's going on is that the widget relies on resolved for data, you're not using resolved and so you're getting what are probably random class E placeholders.
Online
#11 2023-02-16 15:07:03
- aeonik
- Member
- Registered: 2018-04-04
- Posts: 21
Re: KDE Network Manager shows incorrect Primary Nameserver in China
Seth,
My apologies, I'm sure you can tell that DNS is not my forte (nor is reading, apparently).
❯ drill www.google.com
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 45782
;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; www.google.com. IN A
;; ANSWER SECTION:
www.google.com. 300 IN A 142.250.190.68
;; AUTHORITY SECTION:
;; ADDITIONAL SECTION:
;; Query time: 120 msec
;; SERVER: 192.168.10.1
;; WHEN: Thu Feb 16 10:05:28 2023
;; MSG SIZE rcvd: 48Offline
#12 2023-02-16 15:17:20
- seth
- Member
- Registered: 2012-09-03
- Posts: 51,002
Re: KDE Network Manager shows incorrect Primary Nameserver in China
Drill uses your geateway, 192.168.10.1 what brings us to
cat /etc/resolv.confDoesn't change that those invalid IPs don't show up anywhere else, so the working theory remains that they're placeholders.
You might configure resolved to act as consumer of your reolv.conf and see whether that makes KDE happy (what does not mean that I'd suggest to seriously use resolved…)
Online
#13 2023-02-16 19:16:03
- aeonik
- Member
- Registered: 2018-04-04
- Posts: 21
Re: KDE Network Manager shows incorrect Primary Nameserver in China
Here is the resolve.conf, and potentially other related configs:
❯ cat /etc/resolv.conf
# Generated by NetworkManager
search aeonik.dev
nameserver 1.1.1.1
nameserver 192.168.10.12:14:31 root@aeonik ~ # cat /etc/NetworkManager/system-connections/Wired\ connection\ 2.nmconnection [0]
[connection]
id=Wired connection 2
uuid=[REDACTED]
type=ethernet
autoconnect-priority=-100
[ethernet]
duplex=full
mtu=1500
speed=2500
[ipv4]
address1=192.168.10.39/24,192.168.10.1
dns=1.1.1.1;192.168.10.1;
dns-search=aeonik.dev;
method=manual
[ipv6]
addr-gen-mode=stable-privacy
method=ignore
[proxy]❯ cat /etc/systemd/resolved.conf
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# Entries in this file show the compile time defaults. Local configuration
# should be created by either modifying this file, or by creating "drop-ins" in
# the resolved.conf.d/ subdirectory. The latter is generally recommended.
# Defaults can be restored by simply deleting this file and all drop-ins.
#
# Use 'systemd-analyze cat-config systemd/resolved.conf' to display the full config.
#
# See resolved.conf(5) for details.
[Resolve]
# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
# Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
# Google: 8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
# Quad9: 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
DNS=192.168.10.1
#FallbackDNS=1.1.1.1#cloudflare-dns.com 9.9.9.9#dns.quad9.net 8.8.8.8#dns.google 2606:4700:4700::1111#cloudflare-dns.com 2620:fe::9#dns.quad9.net 2001:4860:4860::8888#dns.google
#Domains=
#DNSSEC=no
#DNSOverTLS=no
#MulticastDNS=yes
#LLMNR=yes
#Cache=yes
#CacheFromLocalhost=no
#DNSStubListener=yes
#DNSStubListenerExtra=
#ReadEtcHosts=yes
#ResolveUnicastSingleLabel=noOffline
#14 2023-02-16 20:54:05
- seth
- Member
- Registered: 2012-09-03
- Posts: 51,002
Re: KDE Network Manager shows incorrect Primary Nameserver in China
Stupid question: is your hostname aeonik.dev or are you actually in the .dev TLD?
cat /etc/hostname(Spoiler: "aeonik.dev" is not a valid hostname, no idea whether that might throw things off, though)
Online
#15 2023-02-17 04:18:20
- aeonik
- Member
- Registered: 2018-04-04
- Posts: 21
Re: KDE Network Manager shows incorrect Primary Nameserver in China
It's an actual TLD, but my actual configured domain is different, I modified the output that I shared here for privacy reasons, though my other domain is also in a TLD, though it's got a .io suffix. The hostname is just aeonik.
This hostname with the actual domain would be "aeonik.mylastname.io". If I were to point aeonik.dev at this host it would be aeonik.aeonik.dev I guess.
Aeonik.dev is my Matrix server.
Not that it's really super private, just something I keep separate.
Last edited by aeonik (2023-02-17 04:19:25)
Offline
#16 2023-02-17 07:13:26
- seth
- Member
- Registered: 2012-09-03
- Posts: 51,002
Re: KDE Network Manager shows incorrect Primary Nameserver in China
Then this is the only explanation I can still come up with:
I think what's going on is that the widget relies on resolved for data, you're not using resolved and so you're getting what are probably random class E placeholders.
…
You might configure resolved to act as consumer of your reolv.conf and see whether that makes KDE happy (what does not mean that I'd suggest to seriously use resolved…)
And oc file a bug against KDEs NM widget, in case.
Online
#17 2023-02-17 12:13:11
- progandy
- Member
- Registered: 2012-05-17
- Posts: 5,190
Re: KDE Network Manager shows incorrect Primary Nameserver in China
Edit: Sorry, missed the output of the nmcli command.
(I'd think the networkmanager widget should™ use the DNS server networkmanager provides)
Last edited by progandy (2023-02-17 12:14:45)
| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |
Offline
#18 2023-02-22 19:04:57
- DRFK
- Member
- Registered: 2020-12-17
- Posts: 10
Re: KDE Network Manager shows incorrect Primary Nameserver in China
I have been experiencing the same issue described here since the update of NetworkManager to version 1.42 (version 1.40 works fine). Although I am using openSUSE Tumbleweed, let me ask here whether you can confirm this oberservation for ArchLinux. It is not clear to me whether KDE or GNOME is involved here. Thx.
Offline
#19 2023-02-23 10:20:46
- an4oud
- Member
- Registered: 2016-12-17
- Posts: 28
Re: KDE Network Manager shows incorrect Primary Nameserver in China
After upgrade networkmanager and/or kde plasma on archlinux I have same problem.
In kde system tray for NM wifi connection for primory dns server I see 8.116.124.209 , but realy I have 192.168.1.1 as dns adress from my router by dhcp
~ % nmcli connection show wifi_5G | grep -i dns
connection.mdns: -1 (default)
connection.dns-over-tls: -1 (default)
ipv4.dns: --
ipv4.dns-search: --
ipv4.dns-options: --
ipv4.dns-priority: 0
ipv4.ignore-auto-dns: нет
ipv6.dns: --
ipv6.dns-search: --
ipv6.dns-options: --
ipv6.dns-priority: 0
ipv6.ignore-auto-dns: нет
IP4.DNS[1]: 192.168.1.1
% nmcli connection show wifi_5G | grep -i 116Offline
#20 2023-02-23 11:19:10
- an4oud
- Member
- Registered: 2016-12-17
- Posts: 28
Re: KDE Network Manager shows incorrect Primary Nameserver in China
I have opened bug https://bugs.kde.org/show_bug.cgi?id=466298
Offline
#21 2023-02-23 12:37:12
- seth
- Member
- Registered: 2012-09-03
- Posts: 51,002
Re: KDE Network Manager shows incorrect Primary Nameserver in China
Is anyone experiencing this using systemd-resoved?
Online
#22 2023-02-23 12:48:22
- an4oud
- Member
- Registered: 2016-12-17
- Posts: 28
Re: KDE Network Manager shows incorrect Primary Nameserver in China
Is anyone experiencing this using systemd-resoved?
I am using together NetworkManager and systemd-netwokd + resolved.
By default from router dhcp server networkmanager get 192.168.1.1 as dns adress
Then Via systemd for my connection I set cloudflare dns servers 1.1.1.1 and 1.0.0.1
% resolvectl status wlp2s0
Link 4 (wlp2s0)
Current Scopes: DNS
Protocols: +DefaultRoute -LLMNR -mDNS +DNSOverTLS DNSSEC=yes/supported
Current DNS Server: 1.1.1.1
DNS Servers: 1.1.1.1 1.0.0.1
DNS Domain: ~.But in NM kde applet primory dns adress is 8.116.124.209
Last edited by an4oud (2023-02-23 13:00:36)
Offline
#23 2023-02-23 13:01:14
- seth
- Member
- Registered: 2012-09-03
- Posts: 51,002
Re: KDE Network Manager shows incorrect Primary Nameserver in China
There goes that theory … sidebar:
I am using together NetworkManager and systemd-netwokd + resolved.
Err… hopefully not.
Please post the output of
find /etc/systemd -type l -exec test -f {} \; -print | awk -F'/' '{ printf ("%-40s | %s\n", $(NF-0), $(NF-1)) }' | sort -fOnline
#24 2023-02-23 13:03:27
- an4oud
- Member
- Registered: 2016-12-17
- Posts: 28
Re: KDE Network Manager shows incorrect Primary Nameserver in China
find /etc/systemd -type l -exec test -f {} \; -print | awk -F'/' '{ printf ("%-40s | %s\n", $(NF-0), $(NF-1)) }' | sort -f
apparmor.service | multi-user.target.wants
bluetooth.service | bluetooth.target.wants
dbus-org.bluez.service | system
dbus-org.freedesktop.network1.service | system
dbus-org.freedesktop.NetworkManager.service | system
dbus-org.freedesktop.nm-dispatcher.service | system
dbus-org.freedesktop.resolve1.service | system
dbus-org.freedesktop.thermald.service | system
display-manager.service | system
fstrim.timer | timers.target.wants
getty@tty1.service | getty.target.wants
irqbalance.service | multi-user.target.wants
lm_sensors.service | multi-user.target.wants
NetworkManager.service | multi-user.target.wants
NetworkManager-wait-online.service | network-online.target.wants
p11-kit-server.socket | sockets.target.wants
pcscd.socket | sockets.target.wants
pipewire-media-session.service | pipewire.service.wants
pipewire-session-manager.service | user
pipewire.socket | sockets.target.wants
power-profiles-daemon.service | graphical.target.wants
pulseaudio.socket | sockets.target.wants
remote-fs.target | multi-user.target.wants
shadowsocks-rust-client@ss_443.service | multi-user.target.wants
sshd.service | multi-user.target.wants
sysstat-collect.timer | sysstat.service.wants
sysstat.service | multi-user.target.wants
sysstat-summary.timer | sysstat.service.wants
systemd-networkd.service | multi-user.target.wants
systemd-networkd.socket | sockets.target.wants
systemd-networkd-wait-online.service | network-online.target.wants
systemd-network-generator.service | sysinit.target.wants
systemd-resolved.service | multi-user.target.wants
systemd-resolved.service | sysinit.target.wants
systemd-timesyncd.service | sysinit.target.wants
thermald.service | multi-user.target.wants
ufw.service | multi-user.target.wants
xdg-user-dirs-update.service | default.target.wantsOffline
#25 2023-02-23 13:14:06
- seth
- Member
- Registered: 2012-09-03
- Posts: 51,002
Re: KDE Network Manager shows incorrect Primary Nameserver in China
If you want to use NM, stop and disable all systemd-networkd* services and sockets.
resolved should™ be fine (though I'd guess NM would, if properly configured, start it by itself)
Online