Network Manager says limited connectivity but everything works

Updated: April 1, 2020

As it turns out, breaking your system is very easy, if you set your heart and mind to it. This problem has a convoluted origin and a rather interesting solution, so bear with me. As it happens, 'twas a dark and rainy night, and I set about testing several VPN services. One of them: Mullvad. It worked fine for a while, but then I upgraded the application version from the 2019.1 build to 2019.8 build, and things stopped working fine. Whenever I'd connect to VPN, DNS resolution would stop. Test box: Kubuntu 18.04.

I wasn't sure if this was specific to my host or a wider problem, so I decided to test in KDE neon, too, which happens to be one of the many distros I have installed on the G50 laptop. A reboot or two later, lots of nice Plasma updates (going up to 5.16.90 at the time of writing), and some small tweaks, I had Mullvad running fine. But then, the Network Manager started to complain about limited connectivity. Let's see what gives.

Teaser

More problems, more details

First, I wanted to understand WHY Mullvad wasn't working well in the Kubuntu instance. After some magical debugging, I realized there was a conflict with Pi-Hole, installed locally. When it comes to DNS, there can be only one. Or something. And of course, systemd sure doesn't help with its myriad symlinks and obfuscated logs. But that's a separate story.

In neon, I had the VPN connectivity, but about a minute into the session, the exclamation mark suddenly popped up alongside the Wireless icon. Curious. I did all sorts of network speed and connectivity tests, and everything was working without any issues. However, the icon stayed - and nmcli general confirms this on the command line.

What does the log say?

Well, going through system logs is never a fun activity, but this one showed something I've not seen before. Errors related to VMware Workstation virtual adapters vmnet1 and vmnet8. Apparently, they were problems with DHCP functionality.

... dhcpcd[1042]: vmnet8: dhcp_sendpacket: Operation not permitted
... dhcpcd[1042]: vmnet1: dhcp_sendpacket: Operation not permitted

As the Workstation setup was an expired trial version anyway, I decided to uninstall the program, and see whether this would actually solve the issue. And it looks like it did. The actual reason for the problem was in that Mullvad is configured to block local network traffic by default when connected, which includes the local ranges used by the vmnet adapters.

Therefore, the workaround to the problem would be to allow local traffic in the VPN application, or alternatively, tweak the usage of the affected software. Then again, the problem isn't really one unless you must use both these at the same time. For most people, this will never be relevant.

So what's the message here?

I've seen dozens of reports on the "network manager + exclamation mark" on the Web, and most users believe this to be a silly bug, a transient behavior that can be cleared by restarting the network manager or re-connecting the network, but in this particular case, there WAS a "sort of" real issue - however, it does align with the word silly. It wasn't big or cardinal or noticeable unless you needed to have virtual machines running just at that time, but it existed, and the Network Manager did in fact correctly report a degraded state of functionality, hence limited connectivity.

Conclusion

Random little issues can be super-annoying. Even more so when you tend to want to disregard them as a bug in the software, but then they end up being real. Not necessarily cardinal, just not a false positive. Which is why you should never diagnose problems if your core functionality is all there. But we did figure this one out, so all is swell.

In a scenario like this, the next logical step would be for the operating system to share the details of the problem rather than just alert, and allow the user to fully understand the implications and then decide whether to do something or ignore them. The exclamation mark, sans any verbose explanation, is unnecessarily alarming, especially since there is no visible effect. And let's face it, if the Internet works, then there's no problem, right! Well, if you're one of the nerds who hates sudden randomness, this one might settle your OCD demons ever so slightly. Now, if the exclamation mark ever comes back again, we shall talk. Again. We're done.

Cheers.

You may also like: