On Di, 29.09.20 03:49, John M. Harris Jr (johnmh@xxxxxxxxxxxxx) wrote: > Search domains have absolutely nothing to do with routing. Search domains are > specifically used for resolving non-FQDN to FQDN. This isn't a reliable way to > see what domains are handled by a VPN, or by any DNS server. > > The Red Hat VPN is a good example of this, as not every internal subdomain is > in search domains. That's the case for many VPNs, corporate or personal. Please read what I wrote: we have nothing better. And no it's not a perfectly complete solution, I am aware of that. Configure the routes explicitly if you want, it's easy, and add the extra domains to the per-interface route and all will be jolly. If you don't, then things will still work, but mean that queries that aren't listed in any search domains will be sent to both the VPN and the main iface DNS, thus the RH VPN will work perfectly fine — only drawback is that those internal domains not listed as search domains might be seen on the internet. But what would expect here happens? If you don't tell us the routing we cannot do fully perfect routing to your wishes, you need to give us something. Search domains on VPNs are an indicator that these domains are handled by the VPN, that's why we use them also as routing domains. But this doesn't mean it's the *only* routing domains we use. We use the ones you configure, primarily. But since the concept didn't previously exist we make the best from what we have. Lennart -- Lennart Poettering, Berlin _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
