On 04/09/14 01:05, Jonathan K. Bullard wrote: > As the current Tunnelblick developer/maintainer, I appreciate Gert's > kind words, but Tunnelblick does not do split DNS either. I've never > been able to get it working -- in fact, I am hoping someone will > respond to Jason's post with information or code so I could add this > ability to Tunnelblick! Well that is depressing! :-)
It must be *nearly* working. At home, after openvpn connects back to work and "--up" runs openvpn-tun-up-down.sh, my DNS is altered such that root# scutil --dns DNS configuration resolver #1 search domain[0] : corporate.domain search domain[1] : home.domain nameserver[0] : 192.168.248.3 .... DNS configuration (for scoped queries) resolver #1 search domain[0] : home.domain nameserver[0] : 192.168.248.3 ... resolver #2 nameserver[0] : 10.1.1.2 nameserver[1] : 10.1.2.1 if_index : 10 (tun0) So from what I can see, the only thing that needs to be done is to take "corporate.domain" out of "resolver #1" from the "general" section, and put it down into "resolver #2" in the "scoped" section. I'm not a Mac person, but I interpret this as meaning when I do "nslookup blah.corporate.domain", the Mac sends it to "resolver #1" instead of "resolver #2". Once that is fixed, it should all work? -- Cheers Jason Haar Corporate Information Security Manager, Trimble Navigation Ltd. Phone: +1 408 481 8171 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ------------------------------------------------------------------------------ Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/ _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
