mirror of
https://github.com/OpenVPN/openvpn3.git
synced 2024-09-19 19:52:15 +02:00
d7606f4cfb
Previous to this --dns and DNS related --dhcp-options shared the same code to apply the settings to Windows and macOS systems. So, both options were pretty much just aliases, with --dns offering more and finer grained settings that were mostly ignored. Now --dhcp-options are applied the way they have always been and --dns does it its own - the new - way. Reason for this behavioral change is foremost that we want it to be the same between openvpn version 2 and version 3. But there are also a few new features (e.g. DNSSEC), previously not present with the --dhcp-options. The name server and split-domain configuration is exclusively set via NRPT on Windows, since it overrules any other resolver setting. If there is no split DNS configured and all domains are resolved using the pushed name server, we make sure that local domain names are still resolvable by adding so called exclude NRPT rules, that make sure local domains get resolved by their local DNS resolvers. Since Windows does not know about alternative secure transports, the 'transport' and 'sni' settings are ignored. For macOS the 'dnssec' setting is ignored in addition to that. Besides that not much does change on that platform. In case of --dns options the explicit values are used now. The API in use may be changed at a later time. Signed-off-by: Heiko Hund <heiko@openvpn.net> |
||
---|---|---|
.. | ||
mac | ||
win |