My work has multiple domains (corp.network and lab.network) that the nameservers resolve. When in the office, the resolution works perfectly. However, while connecting over VPN via Tunnelblick, the resolution of lab.network was failing.
I could go into my System Preferences->Network Settings and modify my Wi-Fi interface settings to enter a new DNS value for those specific domains, but that felt tedious. Instead, I used the method below to specify custom DNS resolver settings for my work domains.
Under /etc/resolver, create a file with a name of your choice. I chose corp.network just for clarity.
Here is an example of what the contents could be.
I could create another file for the lab network with a different DNS server.
The above would make it so any lookup to xxx.corp.network would use the specified nameservers at 10.0.0.1 and 10.0.0.2.
If I try to access devserver.lab.network, it would ask the nameserver at 10.0.1.1 for its IP.
You could take it a step further and provide backup lookup settings. For example, you may have a server located at demo.corp.com that resolves to different IPs depending on whether you are connected to VPN or not. So demo.corp.com should be resolved via the VPN nameservers when you are connected to VPN, but via ISP nameservers when not connected to VPN. To achieve this, you could create two files under /etc/resolver like so.
The above two files make it so the macOS DNS resolver will first try to use the VPN nameservers for resolution. If we don't get a response within 5 seconds, it will fall back to the second file and use Cloudflare DNS to do an internet lookup of the IP address.
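The resolver files described in this post, written out as an added example (not the post's own listings): a script that generates them and reports the order in which files sharing a domain are consulted. The keys come from macOS resolver(5); the file names demo.corp.com.vpn and demo.corp.com.public, the search_order values, and 10.0.0.1 as the VPN nameserver for demo.corp.com are assumptions.

```shell
#!/bin/sh
# Added example: builds the resolver files in a scratch directory by default.
# On macOS the live directory is /etc/resolver (writing there needs root).
RESOLVER_DIR="${RESOLVER_DIR:-$(mktemp -d)}"

# write_resolver FILE DOMAIN ORDER TIMEOUT NAMESERVER...
# Pass "-" for ORDER or TIMEOUT to leave that key out of the file.
write_resolver() {
    file="$RESOLVER_DIR/$1"; domain=$2; order=$3; timeout=$4
    shift 4
    {
        echo "domain $domain"
        for ns in "$@"; do echo "nameserver $ns"; done
        [ "$order" = "-" ] || echo "search_order $order"
        [ "$timeout" = "-" ] || echo "timeout $timeout"
    } > "$file"
    chmod 644 "$file"
}

# resolvers_for DOMAIN: print "search_order file" for each file serving DOMAIN,
# lowest search_order first, which is the order they are consulted in.
resolvers_for() {
    for f in "$RESOLVER_DIR"/*; do
        [ -f "$f" ] || continue
        d=$(awk '$1 == "domain" {print $2}' "$f")
        [ -n "$d" ] || d=$(basename "$f")  # no domain key: file name is the domain
        [ "$d" = "$1" ] || continue
        o=$(awk '$1 == "search_order" {print $2}' "$f")
        echo "${o:-unset} $(basename "$f")"
    done | sort -n
}

# One file per work domain, using the nameservers named in the text.
write_resolver corp.network corp.network - - 10.0.0.1 10.0.0.2
write_resolver lab.network  lab.network  - - 10.0.1.1

# Two files sharing demo.corp.com. The file names, the search_order values and
# 10.0.0.1 as the VPN nameserver for this domain are assumptions; 1.1.1.1 is
# Cloudflare's public resolver.
write_resolver demo.corp.com.vpn    demo.corp.com 1 5 10.0.0.1
write_resolver demo.corp.com.public demo.corp.com 2 - 1.1.1.1

resolvers_for demo.corp.com
```

Run it with RESOLVER_DIR=/etc/resolver under sudo to install the files for real; `scutil --dns` then lists the resolvers macOS has picked up.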