Comment 17 for bug 1786261

I also note;

I think this is (at least partially) due to strongswan leaving a dangling duplicate DNS entry in resolve.conf.

It's 100% consistent, that after step #3 above, there is a dangling DNS entry in resolve.conf, and this script hangs.

More :

 1. fresh boot
 2. script checks:
 - "/usr/lib/avahi/avahi-daemon-check-dns.sh" is fine
 - "host -t soa local." returns
 3. activate strongswan connection = SUCCESS

{{{
fermulator@fermmy:~$ sudo /usr/lib/avahi/avahi-daemon-check-dns.sh

fermulator@fermmy:~$ LC_ALL=C host -t soa local.
Host local. not found: 3(NXDOMAIN)

resolv.conf contains:
nameserver 192.168.194.20
nameserver 192.168.196.20
nameserver 127.0.0.53
}}}

then;
 4. disconnect VPN,

{{{
resolv.conf dangling:

nameserver 192.168.194.20
nameserver 127.0.0.53
}}}

 5. script checks:
 - "/usr/lib/avahi/avahi-daemon-check-dns.sh" HANGS
 - "host -t soa local." HANGS

 6. killall host

back to normal;

resolv.conf properly only has the local nameserver now (no more dangling DNS),
{{{
nameserver 127.0.0.53
}}}
 7. script checks:
 - "/usr/lib/avahi/avahi-daemon-check-dns.sh" works
 - "host -t soa local." works

$ host -t soa local.
Host local not found: 2(SERVFAIL)