ISP DNS Resolution in Full-Tunnel VPN

I am running a full-tunnel VPN using a Packet Tunnel Provider. During VPN setup, we configure DNS settings with specific DNS servers for all domains to be used by the tunnel. However, our project requires DNS resolution for every domain from both the VPN-provided DNS servers and the ISP’s DNS servers.

When I attempt to use c-ares or other third-party libraries to resolve domains via the ISP DNS servers, these libraries only detect and use the VPN DNS servers instead. As a result, all queries fail.

Is there a way on iOS to programmatically determine the ISP DNS servers while a full-tunnel VPN is active, or a system API that allows DNS queries to be explicitly resolved using the ISP’s DNS servers?

our project requires DNS resolution for every domain from both the VPN-provided DNS servers and the ISP’s DNS servers

Why is that?

For context, most folks who hit problems like this are trying to use a packet tunnel provider for something that’s not VPN, something we specifically don’t support. TN3120 Expected use cases for Network Extension packet tunnel providers talks more about this.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
