[Vpn-help] DNS suffix search list

Tai-hwa Liang avatar at mmlab.cse.yzu.edu.tw
Tue Jan 15 00:18:34 CST 2008


On Mon, 14 Jan 2008, Matthew Grooms wrote:
> Mathieu Guillaume wrote:
>> Is there a way to specify a suffix search list for DNS requests? (I'm
>> using 2.0.3)
>>
>> My clients can connect to the private network just fine, ipconfig shows
>> the dns address and "connection-specific dns suffix" are set correctly,
>> but I still can't resolve names without specifying the full suffix
>> (name.privdomain.com gets resolved, name doesn't).
>>
> Hmmmm. I just noticed a new bit of information while running some
> tests. When "Append these DNS suffixes (in order):" is selected under
> the Advanced TCP/IP Settings DNS Tab for any adapter, it becomes a
> global setting that supersedes all adapter specific default domains.
>
> I think this means we may be having more than one issue ...
>
> 1) The tunnel specific DNS server is being used, but only fully
> qualified domain names can be resolved. This is due to the "Append these
> DNS suffixes" being specified as described above.
>
> 2) The tunnel specific DNS server is not being used *at all* to resolve
> names for several minutes after connecting. This can be temporarily
> worked around by using the "net stop/start dnscache" command.
>
> Can the folks that are having DNS problems please let me know which
> category they fall under?

   I'm using 2.1.0-alpha5.  It turns out that if I have a manually specified
DNS search suffix which is different from the VPN gateway specified one,
I'll have to use the FQDN to reach the server. For example,

 	Manually specified suffix: example.com
 	Connection-specific DNS Suffix(VPN adapter): vpn.net

 	C:\> ping srv1
 	Ping request could not find host srv1. Please check the name and try again.

 	If I remove example.com from the DNS suffixes listing:

 	C:\> ping srv1
 	Pinging srv1.vpn.net [192.168.0.1] with 32 bytes of data:

 	Reply from 192.168.0.1: bytes=32 time=253ms TTL=31
 	Reply from 192.168.0.1: bytes=32 time=109ms TTL=31
 	Reply from 192.168.0.1: bytes=32 time=46ms TTL=31
 	Reply from 192.168.0.1: bytes=32 time=58ms TTL=31

   'net stop/start dnscache' wouldn't help in this case unless I remove
all manually specified DNS appending suffixes.

-- 
Cheers,

Tai-hwa Liang
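
The condition discussed in this thread can be checked on a client with the PowerShell sketch below. It is an added example, not part of the original message or of the VPN client. It assumes the standard Tcpip registry locations (`SearchList` under `Parameters`, `Domain` and `DhcpDomain` under `Interfaces`) and uses the post's `srv1` as a sample short name.

```powershell
# Added diagnostic sketch: report whether a global DNS suffix search list
# is hiding adapter (connection-specific) suffixes on this Windows host.
param([string]$ShortName = 'srv1')   # sample short name taken from the post

$tcpip = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters'

# "Append these DNS suffixes (in order)" is stored as a comma-separated
# SearchList value under the global Tcpip parameters key.
$raw = (Get-ItemProperty -Path $tcpip -Name SearchList -ErrorAction SilentlyContinue).SearchList
$global = @()
if ($raw) {
    $global = @($raw -split ',' | ForEach-Object { $_.Trim() } | Where-Object { $_ })
}

# Per-adapter suffixes: Domain (static or set by a VPN client) and DhcpDomain.
$adapters = @(foreach ($key in Get-ChildItem -Path "$tcpip\Interfaces") {
    $p = Get-ItemProperty -Path $key.PSPath
    foreach ($field in 'Domain', 'DhcpDomain') {
        $value = $p.$field
        if ($value) {
            [pscustomobject]@{
                Interface = $key.PSChildName
                Source    = $field
                Suffix    = $value
            }
        }
    }
})

if ($global.Count -eq 0) {
    'No global search list is set; these adapter suffixes are eligible for short names:'
    $adapters | Sort-Object Suffix -Unique | ForEach-Object { "  $ShortName.$($_.Suffix)" }
    return
}

'Global search list is set; short names are tried only as:'
$global | ForEach-Object { "  $ShortName.$_" }

# Adapter suffixes missing from the global list are the ones that force FQDNs.
$hidden = @($adapters | Where-Object { $global -notcontains $_.Suffix })
foreach ($a in $hidden) {
    "Not searched: $($a.Suffix) ($($a.Source) on interface $($a.Interface))"
}
if ($hidden.Count -eq 0) { 'Every adapter suffix is present in the global list.' }
```

With the values from the post (global list `example.com`, VPN adapter suffix `vpn.net`), the script would list `vpn.net` as not searched, which matches the failed `ping srv1`.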


