2 Replies
      Latest reply on Mar 15, 2019 1:22 PM by roee84
      roee84 Level 1 Level 1 (0 points)

        For my VPN app with Packet Tunnel Provider (iOS and macOS):

        Is it possible to use full tunnel (The VPN is the primary interface and its DNS server is used by default), but to decide for each query, by the query's domain, which DNS server to use? (the VPN or the system).

        Is it doable? And can I do it via Packet Tunnel Provider, or only with NEDNSProxyProvider (which is problematic for me because it's limited only to supervised devices).

        • Re: NEPacketTunnelProvider and DNS servers
          eskimo Apple Staff Apple Staff (11,355 points)

          Is it possible to use full tunnel … but to decide for each query, by the query's domain, which DNS server to use?

          I don’t think so.  Once you become the default interface your DNS server is the system DNS.

          A DNS proxy provider won’t help here (regardless of the supervised device constraint) because you can’t forward the query to the system DNS because you are the system DNS, that is, systemDNSSettings will return your packet tunnel provider’s DNS server.

          Share and Enjoy

          Quinn “The Eskimo!”
          Apple Developer Relations, Developer Technical Support, Core OS/Hardware
          let myEmail = "eskimo" + "1" + "@apple.com"