Is it possible to have DNS servers merged with the existing DNS configuration after connecting to VPN?


al...@jan.alexander.name

Jun 17, 2016, 12:46:46 PM
to tunnelblick-discuss
I would like to add the DNS servers pushed from the OpenVPN server to the existing ones configured on my box instead of overwriting the existing configuration. Ideally I would like to keep the association with the search domains and add the pushed DNS servers associated with the pushed DOMAIN-SEARCH suffixes. Is this possible with Tunnelblick?

Thanks,
--Jan

jkbull...gmail.com

Jun 17, 2016, 1:00:21 PM
to tunnelblick-discuss, al...@jan.alexander.name
Tunnelblick doesn't include this ability in the standard scripts it uses to manipulate DNS. So you would have to modify Tunnelblick's standard up and down scripts to accomplish this, or create your own scripts. (See Using Scripts for info on that.)

If you end up doing this, please share your scripts so they can be used by others. I'd love to put such a script in the User Contributions section of Tunnelblick's Downloads page, or better yet, incorporate the functionality into the standard scripts.

It's a bit complicated because on OS X, DNS is done very differently than it is on Windows. On OS X, the first nameserver is used until/unless it stops responding. Then the next one is used until it stops responding, and so on. There is a 30-second timeout before OS X decides that a nameserver has stopped responding, so this takes a long time. On Windows, all nameservers are queried at once, and the answer from the first to respond is used. So you can't just "add" the extra nameservers on OS X as you can on Windows; you have to set DNS up to use particular nameservers for specific domains.

al...@jan.alexander.name

Jun 17, 2016, 5:36:40 PM
to tunnelblick-discuss, al...@jan.alexander.name
Thank you, that helps. For now, I solve this by creating files in /etc/resolver/ for the domains that I need to resolve outside VPN DNS but might try to do this in a more automated way in the future. I'll post the results.

Thanks,
--Jan
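
The per-domain approach discussed in this thread (pushed DNS servers used only for the pushed DOMAIN-SEARCH suffixes, via files in /etc/resolver/) could be automated along these lines. This is an added example, not part of the original thread and not Tunnelblick's own script; it assumes it is called from an OpenVPN up script, where pushed options arrive in the `foreign_option_N` environment variables, and the function name is hypothetical.

```shell
#!/bin/sh
# Constructed example, not Tunnelblick's own script. Reads OpenVPN's
# foreign_option_N environment variables and writes one resolver(5)
# file per pushed DOMAIN-SEARCH suffix into the directory given as $1.
# Prints the path of every file it wrote, one per line.
write_scoped_resolvers() (
    dir=${1:-/etc/resolver}
    servers='' domains='' i=1
    set -f                              # pushed text must never glob
    while eval "opt=\${foreign_option_$i:-}"; [ -n "$opt" ]; do
        set -- $opt                     # split "dhcp-option KIND VALUE"
        if [ "$#" -eq 3 ] && [ "$1" = dhcp-option ]; then
            case $2 in
                DNS)
                    # Character allowlist for IPv4/IPv6 literals.
                    case $3 in
                        *[!0-9A-Fa-f.:]*) ;;
                        *) servers="$servers $3" ;;
                    esac ;;
                DOMAIN-SEARCH)
                    # The value becomes a file name written as root:
                    # skip anything that is not a plain DNS name.
                    case $3 in
                        .*|-*|*..*|*[!A-Za-z0-9.-]*) ;;
                        *) domains="$domains $3" ;;
                    esac ;;
            esac
        fi
        i=$((i + 1))
    done
    [ -n "$servers" ] || exit 1         # nothing pushed, nothing to scope
    mkdir -p "$dir" || exit 1
    for d in $domains; do
        for s in $servers; do printf 'nameserver %s\n' "$s"; done > "$dir/$d"
        printf '%s\n' "$dir/$d"
    done
)
```

The printed paths are what a matching down script would need to delete when the VPN disconnects. An existing file for the same domain is overwritten, so hand-made entries in /etc/resolver/ should use different domains or be backed up first.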