Comment 74 for bug 1754671

In , dwmw2 (dwmw2) wrote :

(In reply to Beniamino Galvani from comment #8)
> - we still do split DNS for VPNs by default
> - this https://bugzilla.gnome.org/show_bug.cgi?id=766769 (VPNs that
> don't push any domains should get all queries) keeps working as is

VPNs which don't push any *routing* domains should get all queries. So that's *all* existing VPN configs. From the automatic configuration of VPNs we only ever get *search* domains.

> In case of a full-tunnel VPN, one could set ipv4.dns-search to "~*" on
> the VPN connection to direct all to the VPN DNS server.

This needs to be the default, surely?

> Queries for a domain provided by a local connection would still go on
> through local interface.

Doesn't that leave me with the same problem, that it's trying to perform DNS queries to the "local" DNS server which is actually upstream (e.g. 4.2.2.1), and I can't even *route* to that IP address because all my traffic is going to the VPN?

At the very least, this logic would need to be based on whether the VPN takes the default route or not, wouldn't it? If a VPN takes the default route, it *definitely* needs all DNS traffic. If it doesn't, it probably still should unless explicitly configured otherwise.
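
The rule argued for in the comment above, as an added Python model (an editorial example, not NetworkManager code and not written by the commenter). Assumptions: the `Link` type, the longest-suffix match used to rank routing domains, the resolver address 10.0.0.53 and the `*.example` names are all constructed for illustration; only the `~` prefix, `~*` and 4.2.2.1 come from the thread.

```python
from dataclasses import dataclass, field

@dataclass
class Link:
    name: str
    dns: str
    is_vpn: bool = False
    default_route: bool = False
    # "~corp.example" = routing domain, "~*" = catch-all, plain name = search domain only
    domains: list = field(default_factory=list)

def _match_len(qname, dom):
    """Length of the matched suffix; 0 for the catch-all "*", -1 for no match."""
    if dom == "*":
        return 0
    q = qname.lower().rstrip(".")
    return len(dom) if q == dom or q.endswith("." + dom) else -1

def pick_links(qname, links):
    """Return the links whose DNS server should receive a query for qname."""
    # A VPN holding the default route gets every query: any other resolver
    # (such as an upstream 4.2.2.1) is no longer routable, so sending it
    # queries only produces timeouts.
    full = [l for l in links if l.is_vpn and l.default_route]
    if full:
        return full
    best, chosen = -1, []
    for l in links:
        doms = [d[1:].lower() for d in l.domains if d.startswith("~")]
        if l.is_vpn and not doms:
            doms = ["*"]  # VPN pushed only search domains: treat as catch-all
        score = max((_match_len(qname, d) for d in doms), default=-1)
        if score > best:
            best, chosen = score, [l]
        elif score == best and score >= 0:
            chosen.append(l)
    # No link claimed the name: fall back to the non-VPN links.
    return chosen or [l for l in links if not l.is_vpn]

# Constructed sample links
WLAN = Link("wlan0", "4.2.2.1", domains=["~home.example"])
VPN_FULL = Link("vpn0", "10.0.0.53", is_vpn=True, default_route=True,
                domains=["corp.example"])
VPN_AUTO = Link("vpn0", "10.0.0.53", is_vpn=True, domains=["corp.example"])
VPN_SPLIT = Link("vpn0", "10.0.0.53", is_vpn=True, domains=["~corp.example"])
```

With `VPN_FULL` even `printer.home.example` goes to the VPN resolver, which is the case the comment says a per-domain split gets wrong; only `VPN_SPLIT`, the explicitly configured case, lets unrelated names fall back to `wlan0`.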