DNS servers query order

App & System Services Networking
futuremind OP
Created Jul ’22
Replies 3
Boosts 0
Views 817
Participants 2

In what order are DNS servers queried?

I can set DNS servers in several ways:

  1. Wi-Fi/Cellular network interface via DHCP / manual entry in settings.
  2. Using NEDNSSettingsManager.
  3. Via DNSSettings in NEPacketTunnelNetworkSettings.

Plus, on top of that, the user can have iCloud Relay enabled.

Which DNS servers are used and when?

Does NEDNSSettingsManager take precedence over iCloud Relay? Does it depend on the DNS protocol (Do53/DoH/DoT) set in NEDNSSettingsManager?

Answered by Systems Engineer in 720483022

Does NEDNSSettingsManager take precedence over iCloud Relay? Does it depend on the DNS protocol (Do53/DoH/DoT) set in NEDNSSettingsManager?

Any Network Extension API should take precedence over iCloud Private Relay. It should not matter which protocol is used and the Network Extension should get the DNS traffic. This is particularly useful for cases where the DNS traffic needs to be encapsulated using a special protocol in your packet tunnel provider.

Replies  3
Boosts  0
Views  817
Participants  2
Systems Engineer OP
Apple
Jul ’22
Accepted Answer

Does NEDNSSettingsManager take precedence over iCloud Relay? Does it depend on the DNS protocol (Do53/DoH/DoT) set in NEDNSSettingsManager?

Any Network Extension API should take precedence over iCloud Private Relay. It should not matter which protocol is used and the Network Extension should get the DNS traffic. This is particularly useful for cases where the DNS traffic needs to be encapsulated using a special protocol in your packet tunnel provider.

0
futuremind OP
Jul ’22

Thanks @meaton. And what if an app is using NWParameters.PrivacyContext to require encrypted DNS while Network Extension uses Do53?

0
Systems Engineer OP
Apple
Jul ’22

what if an app is using NWParameters.PrivacyContext to require encrypted DNS while Network Extension uses Do53?

It's unclear if you have an app and a Network Extension now in the mix or the app is part of the Network Extension. Typically you will see the Network Extension being handed the DNS traffic though if you are claiming that traffic.

0
DNS servers query order
First post date Last post date
 
 
Q