Well, we are lucky that you do have a good workaround for the problem, even if we don't yet fully understand it.
Do I understand correctly that your two internal nameservers can resolve exactly the same domain names, neither one more names than the other? If that is not the case then bug #1003842 could still be part of the problem if both nameservers are online at the same time.
> If dnsmasq is on via Network Manager opening a
> VPN connection to a remote site violates all name
> resolution to internal addresses (10.x.x.x).
I am not sure I know what you mean by "violates". If you mean something like "causes to break" then I would guess that what happens is that the remote LAN's nameserver is used for all name resolution, and the remote LAN's nameserver doesn't know any of your internal names. If you configure search domain names for that VPN in NetworkManager's Connection Editor then NetworkManager will so configure nm-dnsmasq that the remote LAN's nameserver is used only to resolve names in those domains; non-VPN nameservers will be used to resolve other names. That's the advantage of dnsmasq: it can route DNS requests in that way.
> I doubt that dnsmasq queries D-Bus for name resolution
D-Bus is only used to send nameserver addresses to dnsmasq. This method replaces /run/nm-dns-dnsmasq.conf which was used for that purpose in Precise.
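
An added example, not part of the original comment and not NetworkManager's or dnsmasq's code: a simplified Python model of the per-domain routing described above, written with dnsmasq's `server=/domain/address` rule syntax. All domain names and addresses are constructed, and the first rule set assumes the VPN nameserver ends up as the only default, which is what the comment guesses happens when no search domains are set.

```python
# Simplified model of per-domain nameserver selection (illustration only).
# Addresses and domain names below are constructed sample values.

def parse_rules(lines):
    """Split 'server=/dom/addr' and 'server=addr' lines into per-domain and default servers."""
    domain_rules, defaults = {}, []
    for line in lines:
        line = line.strip()
        if not line.startswith("server="):
            continue
        value = line[len("server="):]
        if value.startswith("/"):
            # One rule may name several domains: server=/a/b/addr
            *domains, addr = value[1:].split("/")
            for d in domains:
                domain_rules.setdefault(d.lower().rstrip("."), []).append(addr)
        else:
            defaults.append(value)
    return domain_rules, defaults

def select_servers(name, domain_rules, defaults):
    """Return the servers for the most specific matching domain, else the defaults."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):          # longest suffix first, on label boundaries
        suffix = ".".join(labels[i:])
        if suffix in domain_rules:
            return domain_rules[suffix]
    return defaults

def sent_to(names, rule_lines, watched):
    """List the names whose queries would go to any server in 'watched'."""
    rules, defaults = parse_rules(rule_lines)
    return [n for n in names if set(select_servers(n, rules, defaults)) & set(watched)]

VPN_NS = "10.8.0.1"   # constructed: remote LAN's nameserver
LAN_NS = "10.0.0.2"   # constructed: internal nameserver

# Assumed state without VPN search domains: the VPN nameserver handles everything.
NO_SEARCH_DOMAIN = ["server=" + VPN_NS]
# With a search domain set for the VPN: only that domain goes to the VPN nameserver.
WITH_SEARCH_DOMAIN = ["server=/remote.example/" + VPN_NS, "server=" + LAN_NS]

NAMES = ["fileserver.office.example", "wiki.remote.example", "notremote.example"]

if __name__ == "__main__":
    print("no search domain  ->", sent_to(NAMES, NO_SEARCH_DOMAIN, [VPN_NS]))
    print("with search domain ->", sent_to(NAMES, WITH_SEARCH_DOMAIN, [VPN_NS]))
```

The first list shows internal names being sent to the remote nameserver, which both fails to resolve them and exposes them to the remote side; the second shows only names under the VPN's domain going there.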