Comment 72 for bug 1754671

In , dwmw2 (dwmw2) wrote :

If a VPN connection is set to take all traffic then we should definitely be using its DNS servers for all lookups. We might not even be able to *reach* the DNS server advertised by the "local" network. We *might* if it's physically on the local subnet, but almost certainly not further afield.

Note also that if you *wanted* to do split DNS, you have no idea which domains to do split DNS *FOR*. You have a list of default search domains, but that is a DIFFERENT THING. A search domain of example.com means "if the user looks up foo and it doesn't exist, then also look for foo.example.com before failing". It doesn't mean any more than that. In particular, there can be domains which exist in a VPN (such as example.internal) which are *not* added to the search domains.

If you want to add an option for doing split-DNS, it can't be a boolean and abuse the search domains. It has to be an explicit list of the domains for which you want to use that DNS service. Unless we have a separate list of "domains which exist here" for each connection, which is *distinct* from the search domains?
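The resolver-selection logic the comment argues for, as an added example that is not code from the bug thread or from NetworkManager: search domains only expand unqualified names, a VPN that takes all traffic gets every lookup, and split DNS needs an explicit routing-domain list. The `routing_domains` field and the sample addresses are assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class Connection:
    name: str
    dns_servers: list
    search_domains: list = field(default_factory=list)   # expand unqualified names only
    routing_domains: list = field(default_factory=list)  # explicit "domains that exist here" (assumed field)
    takes_all_traffic: bool = False                      # VPN set to route everything

def candidate_names(name, search_domains):
    """A search domain only adds fallbacks for an unqualified (dotless) name."""
    if "." in name.strip("."):
        return [name]
    return [name] + [f"{name}.{d}" for d in search_domains]

def pick_dns(fqdn, local, vpns):
    """Return the DNS servers that should answer a fully qualified name."""
    fqdn = fqdn.rstrip(".").lower()
    # A VPN carrying all traffic gets every lookup: the LAN resolver may not be reachable.
    for vpn in vpns:
        if vpn.takes_all_traffic:
            return vpn.dns_servers
    # Split DNS: only an explicit routing-domain list can route a name; longest suffix wins.
    best = None
    for vpn in vpns:
        for dom in vpn.routing_domains:
            dom = dom.lower()
            if fqdn == dom or fqdn.endswith("." + dom):
                if best is None or len(dom) > len(best[0]):
                    best = (dom, vpn)
    return best[1].dns_servers if best else local.dns_servers

# Constructed sample connections (addresses taken from documentation ranges).
LAN = Connection("lan", ["192.0.2.53"], search_domains=["lan.example"])
# Split-tunnel VPN configured the wrong way: the search-domain list reused as routing list.
VPN_BY_SEARCH = Connection("vpn", ["198.51.100.53"], search_domains=["example.com"],
                           routing_domains=["example.com"])
# Same VPN with an explicit routing list covering a domain that is not a search domain.
VPN_EXPLICIT = Connection("vpn", ["198.51.100.53"], search_domains=["example.com"],
                          routing_domains=["example.com", "example.internal"])
VPN_FULL = Connection("vpn", ["198.51.100.53"], takes_all_traffic=True)

if __name__ == "__main__":
    print(candidate_names("foo", ["example.com"]))               # ['foo', 'foo.example.com']
    print(pick_dns("db.example.internal", LAN, [VPN_BY_SEARCH]))  # ['192.0.2.53']: sent to the LAN resolver
    print(pick_dns("db.example.internal", LAN, [VPN_EXPLICIT]))   # ['198.51.100.53']
    print(pick_dns("db.example.internal", LAN, [VPN_FULL]))       # ['198.51.100.53']
```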