DNS Troubleshooting on OS X

Johnny Sheeley sheeley at aigee.org
Wed Sep 21 09:38:11 PDT 2016


Hi,
I'm running OS X 10.11.6 with OpenConnect with the latest vpnc-script
and having trouble resolving DNS for some of our internal services. I
tried bouncing mDNSResponder with no luck. I'm relatively ignorant of
the troubleshooting process; any suggestions on how to
troubleshoot/fix?

I'm specifically seeing issues with resolving DNS for split7 &
dev.split7; I've included a scrubbed version of my output below.
Thanks,
Johnny


sudo openconnect -v --user=jsheeley --script
~/Downloads/vpnc-scripts-6e04e0b/vpnc-script myvpnhost

Password:
POST https://myvpnhost/
Attempting to connect to server 10.0.0.31:443
Connected to 10.0.0.31:443
SSL negotiation with myvpnhost
Connected to HTTPS on myvpnhost
Got HTTP response: HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
Connection: Keep-Alive
Date: Wed, 21 Sep 2016 15:28:04 GMT
X-Frame-Options: SAMEORIGIN
X-Aggregate-Auth: 1
HTTP body chunked (-2)
XML POST enabled
Please enter your username and password.
Password:
Password:
POST https://myvpnhost/
Got HTTP response: HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
Connection: Keep-Alive
Date: Wed, 21 Sep 2016 15:28:08 GMT
X-Frame-Options: SAMEORIGIN
X-Aggregate-Auth: 1
HTTP body chunked (-2)
Got CONNECT response: HTTP/1.1 200 OK
X-CSTP-Version: 1
X-CSTP-Protocol: Copyright (c) 2004 Cisco Systems, Inc.
X-CSTP-Address: 10.0.0.17
X-CSTP-Netmask: 255.255.254.0
X-CSTP-Hostname: vpn
X-CSTP-DNS: 10.0.0.28
X-CSTP-DNS: 10.0.0.21
X-CSTP-Lease-Duration: 86400
X-CSTP-Session-Timeout: 86400
X-CSTP-Idle-Timeout: 1200
X-CSTP-Disconnected-Timeout: 1200
X-CSTP-Split-Include: 10.0.0.10/255.255.0.0
X-CSTP-Split-Include: 10.0.0.9/255.255.0.0
X-CSTP-Split-Include: 10.0.0.26/255.255.0.0
X-CSTP-Split-Include: 10.0.0.3/255.255.0.0
X-CSTP-Split-Include: 10.0.0.2/255.255.0.0
X-CSTP-Split-Include: 10.0.0.18/255.255.0.0
X-CSTP-Split-Include: 10.0.0.13/255.255.0.0
X-CSTP-Split-Include: 10.0.0.11/255.255.0.0
X-CSTP-Split-Include: 10.0.0.12/255.255.0.0
X-CSTP-Split-Include: 10.0.0.14/255.255.0.0
X-CSTP-Split-Include: 10.0.0.6/255.255.0.0
X-CSTP-Split-Include: 10.0.0.16/255.255.0.0
X-CSTP-Split-Include: 10.0.0.15/255.255.0.0
X-CSTP-Split-Include: 10.0.0.8/255.255.0.0
X-CSTP-Split-Include: 10.0.0.27/255.255.0.0
X-CSTP-Split-Include: 10.0.0.29/255.255.0.0
X-CSTP-Split-Include: 10.0.0.5/255.255.0.0
X-CSTP-Split-Include: 10.0.0.19/255.255.0.0
X-CSTP-Split-Include: 10.0.0.23/255.240.0.0
X-CSTP-Split-Include: 10.0.0.7/255.255.248.0
X-CSTP-Split-Include: 10.0.0.25/255.255.255.0
X-CSTP-Split-Include: 10.0.0.30/255.255.224.0
X-CSTP-Split-Include: 10.0.0.24/255.255.240.0
X-CSTP-Split-Include: 10.0.0.22/255.255.240.0
X-CSTP-Split-Include: 10.0.0.32/255.255.255.255
X-CSTP-Split-Include: 10.0.0.1/255.255.0.0
X-CSTP-Split-Include: 10.0.0.10/255.255.0.0
X-CSTP-Split-Include: 10.0.0.9/255.255.0.0
X-CSTP-Split-Include: 10.0.0.26/255.255.0.0
X-CSTP-Split-Include: 10.0.0.3/255.255.0.0
X-CSTP-Split-Include: 10.0.0.2/255.255.0.0
X-CSTP-Split-Include: 10.0.0.18/255.255.0.0
X-CSTP-Split-Include: 10.0.0.13/255.255.0.0
X-CSTP-Split-Include: 10.0.0.11/255.255.0.0
X-CSTP-Split-Include: 10.0.0.12/255.255.0.0
X-CSTP-Split-Include: 10.0.0.14/255.255.0.0
X-CSTP-Split-Include: 10.0.0.6/255.255.0.0
X-CSTP-Split-Include: 10.0.0.16/255.255.0.0
X-CSTP-Split-Include: 10.0.0.15/255.255.0.0
X-CSTP-Split-Include: 10.0.0.8/255.255.0.0
X-CSTP-Split-Include: 10.0.0.27/255.255.0.0
X-CSTP-Split-Include: 10.0.0.29/255.255.0.0
X-CSTP-Split-Include: 10.0.0.5/255.255.0.0
X-CSTP-Split-Include: 10.0.0.19/255.255.0.0
X-CSTP-Split-Include: 10.0.0.23/255.240.0.0
X-CSTP-Split-Include: 10.0.0.7/255.255.248.0
X-CSTP-Split-Include: 10.0.0.25/255.255.255.0
X-CSTP-Split-Include: 10.0.0.30/255.255.224.0
X-CSTP-Split-Include: 10.0.0.24/255.255.240.0
X-CSTP-Split-Include: 10.0.0.22/255.255.240.0
X-CSTP-Split-Include: 10.0.0.32/255.255.255.255
X-CSTP-Split-Include: 10.0.0.1/255.255.0.0
X-CSTP-Split-DNS: split1
X-CSTP-Split-DNS: split2
X-CSTP-Split-DNS: split3
X-CSTP-Split-DNS: split4
X-CSTP-Split-DNS: split5
X-CSTP-Split-DNS: split6
X-CSTP-Split-DNS: split7 # issues resolving things here
X-CSTP-Split-DNS: split8
X-CSTP-Split-DNS: split9
X-CSTP-Split-DNS: split10
X-CSTP-Split-DNS: dev.split7 # issues resolving things here
X-CSTP-Split-DNS: split8
X-CSTP-Keep: true
X-CSTP-Tunnel-All-DNS: false
X-CSTP-DPD: 30
X-CSTP-Keepalive: 20
X-CSTP-MSIE-Proxy-Lockdown: true
X-CSTP-Smartcard-Removal-Disconnect: true
X-DTLS-Session-ID: B111F8...
X-DTLS-Port: 443
X-DTLS-Keepalive: 20
X-DTLS-DPD: 30
X-CSTP-MTU: 1406
X-DTLS-CipherSuite: AES256-SHA
X-CSTP-Routing-Filtering-Ignore: false
X-CSTP-Quarantine: false
X-CSTP-Disable-Always-On-VPN: false
X-CSTP-Client-Bypass-Protocol: false
X-CSTP-TCP-Keepalive: true
X-CSTP-Post-Auth-XML: <elided>
CSTP connected. DPD 30, Keepalive 20
CSTP Ciphersuite: (TLS1.2)-(DHE-RSA-2048)-(AES-256-GCM)
DTLS option X-DTLS-Session-ID : B111F8...
DTLS option X-DTLS-Port : 443
DTLS option X-DTLS-Keepalive : 20
DTLS option X-DTLS-DPD : 30
DTLS option X-DTLS-CipherSuite : AES256-SHA
DTLS initialised. DPD 30, Keepalive 20
Connected as 10.0.0.17, using SSL
Established DTLS connection (using GnuTLS). Ciphersuite
(DTLS0.9)-(RSA)-(AES-256-CBC)-(SHA1).
Initiating IPv4 MTU detection (min=703, max=1406)
No change in MTU after detection (was 1406)
add host 10.0.0.31: gateway 10.0.0.4
add net 10.0.0.20: gateway 10.0.0.17
add net 10.0.0.1: gateway 10.0.0.17
add net 10.0.0.32: gateway 10.0.0.17
add net 10.0.0.22: gateway 10.0.0.17
add net 10.0.0.24: gateway 10.0.0.17
add net 10.0.0.30: gateway 10.0.0.17
add net 10.0.0.25: gateway 10.0.0.17
add net 10.0.0.7: gateway 10.0.0.17
add net 10.0.0.23: gateway 10.0.0.17
add net 10.0.0.19: gateway 10.0.0.17
add net 10.0.0.5: gateway 10.0.0.17
add net 10.0.0.29: gateway 10.0.0.17
add net 10.0.0.27: gateway 10.0.0.17
add net 10.0.0.8: gateway 10.0.0.17
add net 10.0.0.15: gateway 10.0.0.17
add net 10.0.0.16: gateway 10.0.0.17
add net 10.0.0.6: gateway 10.0.0.17
add net 10.0.0.14: gateway 10.0.0.17
add net 10.0.0.12: gateway 10.0.0.17
add net 10.0.0.11: gateway 10.0.0.17
add net 10.0.0.13: gateway 10.0.0.17
add net 10.0.0.18: gateway 10.0.0.17
add net 10.0.0.2: gateway 10.0.0.17
add net 10.0.0.3: gateway 10.0.0.17
add net 10.0.0.26: gateway 10.0.0.17
add net 10.0.0.9: gateway 10.0.0.17
add net 10.0.0.10: gateway 10.0.0.17
route: writing to routing socket: File exists
add net 10.0.0.1: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.32: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.22: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.24: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.30: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.25: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.7: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.23: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.19: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.5: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.29: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.27: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.8: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.15: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.16: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.6: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.14: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.12: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.11: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.13: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.18: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.2: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.3: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.26: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.9: gateway 10.0.0.17: File exists
route: writing to routing socket: File exists
add net 10.0.0.10: gateway 10.0.0.17: File exists
add net 10.0.0.28: gateway 10.0.0.17
add net 10.0.0.21: gateway 10.0.0.17
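
An added example, not part of the original post and not OpenConnect or vpnc-script code: a small parser for `openconnect -v` output that pulls out the DNS servers and split-DNS domains the gateway pushed, and counts repeated `X-CSTP-Split-DNS` / `X-CSTP-Split-Include` entries alongside the `File exists` route errors so the two can be compared. The sample log is constructed (documentation addresses and `corp.example` names are assumptions), and the function name `summarize` is hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the shape of `openconnect -v` output (not the poster's log).
SAMPLE = """\
X-CSTP-DNS: 192.0.2.53
X-CSTP-DNS: 192.0.2.54
X-CSTP-Split-Include: 198.51.100.0/255.255.255.0
X-CSTP-Split-Include: 203.0.113.0/255.255.255.0
X-CSTP-Split-Include: 198.51.100.0/255.255.255.0
X-CSTP-Split-DNS: corp.example
X-CSTP-Split-DNS: dev.corp.example # issues resolving things here
X-CSTP-Split-DNS: corp.example
X-CSTP-Tunnel-All-DNS: false
add net 198.51.100.0: gateway 192.0.2.17
add net 203.0.113.0: gateway 192.0.2.17
route: writing to routing socket: File exists
add net 198.51.100.0: gateway 192.0.2.17: File exists
"""

HEADER = re.compile(r"^(X-(?:CSTP|DTLS)-[A-Za-z-]+):\s*(.*)$")

def summarize(log):
    """Collect the DNS-related settings the gateway pushed and count repeats."""
    values = {}
    route_collisions = 0
    for line in log.splitlines():
        m = HEADER.match(line.strip())
        if m:
            # Drop trailing "# ..." annotations added by hand to a pasted log.
            value = m.group(2).split(" #", 1)[0].strip()
            values.setdefault(m.group(1), []).append(value)
        elif line.startswith("add net") and line.endswith("File exists"):
            route_collisions += 1

    def repeated(key):
        return sorted(v for v, n in Counter(values.get(key, [])).items() if n > 1)

    return {
        "dns_servers": values.get("X-CSTP-DNS", []),
        "split_dns": sorted(set(values.get("X-CSTP-Split-DNS", []))),
        "tunnel_all_dns": values.get("X-CSTP-Tunnel-All-DNS", [""])[-1] == "true",
        "repeated_split_dns": repeated("X-CSTP-Split-DNS"),
        "repeated_split_include": repeated("X-CSTP-Split-Include"),
        "route_collisions": route_collisions,
    }

if __name__ == "__main__":
    for key, value in summarize(SAMPLE).items():
        print(f"{key}: {value}")
```

The `split_dns` and `dns_servers` lists are what the resolver configuration on the client should end up reflecting once the script has run.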
