To start, I want to stress that getting the system DNS servers via these legacy BIND APIs is problematic because these APIs can’t represent the full complexity of iOS’s DNS configuration. You can learn more about it in this thread.
The code is just for debugging …
And that’s a perfectly valid technique, you just have to understand the limitations involved.
Coming back to your main issue, to start I recommend that you read this post, which explains the fundamentals of iOS DNS configuration.
I believe the disparity you’re seeing here is that:
How you proceed from here really depends on your goals. Configuring your server to set up a full tunnel is one obvious and easy solution to this problem, one that’s equivalent to your current configuration profile setup. If you’re trying to avoid setting up a full tunnel then you have a couple of options:
You can use a configuration profile to set up a split tunnel, match domains configuration, or a split tunnel, wildcard match domains configuration (terms in bold are defined in the post I referenced earlier)
You can investigate whether it’s possible to set up those configurations by configuring your VPN server
With regards the last point, this isn’t something I can help you with. DTS supports VPN APIs but not VPN configuration (that’s supported by AppleCare), so my understanding of that side of things is rather limited.
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"