Wish to pass unqualified hostname to specified DNS resolver
Our OpenVPN server specifies an internal DNS server to clients, but not a search domain. This is because we use naked hostnames for internal purposes (don't ask...). On a macOS El Capitan client, it seems that Viscosity is appending a default domain to unqualified hostnames for resolution. For example, typing
Code:
http://fabricator
in a client browser window produces the following request over the VPN, and a perfectly reasonable negative response:
Code:
15:17:42.273653 IP 192.168.124.22.56515 > 192.168.124.1.53: 60195+ A? fabricator.utun0.viscosity. (45)
15:17:42.285082 IP 192.168.124.1.53 > 192.168.124.22.56515: 60195 NXDomain 0/1/0 (120)
Is there any way to get Viscosity not to append a search domain in the absence of a server-supplied one, but simply to transmit unqualified hostnames for resolution?
Hi madhatter,
I'm afraid you're not going to be able to make such a setup work over the VPN connection. macOS isn't going to do a lookup for a single label TLD/hostname using the VPN servers at all unless a domain is configured for the connection, and then it'll append the domain to the lookup for single label TLD/hostnames. If a domain isn't specified Viscosity will set a default one (utun0.viscosity in this instance) so the VPN DNS settings won't be ignored by the OS.
My recommendation would be to push out a domain your DNS server will be able to handle, and then remap lookups for that subdomain/zone to your top level domain/zone on the DNS server. Alternatively if you don't wish to change the DNS server setup, you could run a DNS forwarder on the VPN server that rebinds the domain for any requests.
Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
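The DNS-forwarder option suggested in the reply above comes down to rewriting the question name of each query before passing it upstream. The following is an added example, not code from the thread or from SparkLabs: the function names are hypothetical, and the sample query is constructed from the name and transaction ID in the capture above.

```python
import struct

def encode_name(labels):
    """Encode a list of byte-string labels as an uncompressed DNS name."""
    return b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"

def read_question(msg):
    """Return (labels, offset just past QNAME) for the first question."""
    labels, pos = [], 12  # the question section follows the 12-byte header
    while msg[pos] != 0:
        n = msg[pos]
        if n & 0xC0:  # pointers/oversized labels do not belong in a query QNAME
            raise ValueError("unexpected compression in question")
        labels.append(msg[pos + 1:pos + 1 + n])
        pos += 1 + n
    return labels, pos + 1

def strip_suffix(query, suffix):
    """Drop `suffix` from the QNAME if the name ends with it (case-insensitive)."""
    labels, end = read_question(query)
    tail = [s.encode("ascii") for s in suffix.strip(".").lower().split(".")]
    lowered = [l.lower() for l in labels]
    # Require at least one label in front of the suffix, so a lookup for the
    # suffix itself is passed through unchanged rather than turned into ".".
    if len(labels) > len(tail) and lowered[-len(tail):] == tail:
        labels = labels[:-len(tail)]
    return query[:12] + encode_name(labels) + query[end:]

def build_query(txid, name):
    """Constructed sample input: a standard recursive A/IN query."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = [p.encode("ascii") for p in name.strip(".").split(".")]
    return header + encode_name(labels) + struct.pack("!HH", 1, 1)

if __name__ == "__main__":
    q = build_query(60195, "fabricator.utun0.viscosity")
    labels, _ = read_question(strip_suffix(q, "utun0.viscosity"))
    print(b".".join(labels).decode())
```

A forwarder built on this would also need to put the original name back into the question section of the reply before returning it, since the client expects the answer to match the name it asked for.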