On Mon, Aug 31, 2015 at 03:10:59PM +0200, Martin Lund wrote: > I know that there are multiple entries possible in /etc/resolv.conf so > for example I could put: > > nameserver <opendns> > nameserver <localdns> > > in there expecting that the secondary DNS will only be used if the > name resolution fails on the first one
Yes, that's a common misconception. NXDOMAIN is a valid answer and the local resolver will not retry over the second DNS server as it assumes that both servers have the same data basis. > I think that would be good if it would be possible to tell openvpn > that try to resolve the vpn server's domain through given local > nameserver (no matter what) or through 8.8.8.8. Sending the request to 8.8.8.8 would be a serious information leak. Geetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421 ------------------------------------------------------------------------------ _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
