• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Temporarily setting DNS servers
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Temporarily setting DNS servers

  • Subject: Re: Temporarily setting DNS servers
  • From: Quinn <email@hidden>
  • Date: Fri, 23 Apr 2004 11:42:38 +0100
At 10:59 +0200 23/4/04, Frederik Seiffert wrote:
I want to override DNS settings during the presence of a VPN connection, i.e. setting new DNS servers (which are usually in the remote network behind the VPN) when the connection is established and setting them back to the old values when the connection is disconnected.

You probably should be doing this using the SCF dynamic store. The key you're looking for is:

State:/Network/Global/DNS

It would probably work to overwrite /etc/resolv.conf,

I'd definitely recommend against doing that. SCF is the designated API for modifying these settings. If you bypass the API, you may break on future systems.

Using scutil, I found out that setting Setup:/Network/Service/<current set>/DNS works as expected.

This is definitely the wrong key. This key is the dynamic store representation of the user's preferences (the persistent store). The "State:" domain is used to hold the actual active settings.

So should I just read the "Setup:" key to determine the current set and set the DNS key of this set?

No. The problem is that the "Setup:" domain only holds values that were explicitly configured by the user. Mac OS X can, however, pick up DNS values from the link (DHCP or PPP).

A better approach is to merge you servers into and out of the list that's in the dynamic store. That is, when the VPN comes on line, get the dynamic store value, insert your server at the front of the list, and set it back. When the VPN goes off line, get the value, delete your server (don't assume it's still at the front! back out gracefully if your server is no longer in the list), and set it back.

Why is it that this doesn't have any effect on the values written in the networking preferences panel?

The prefs panel is concerned only with static setup, and thus only shows values from the "Setup:" domain.

Sorry for all the questions, unfortunately the documentation on the System Configuration framework is rather sparse...

Indeed. We're working on that.

Also, how can I set DNS servers for specific domains only (e.g. use 192.168.1.1 for *.example.com)? Again, creating files in /etc/resolver works fine. Is this the recommended way or can/should this be done using the System Configuration framework?

AFAIK there's no way to do this via SCF.

S+E
--
Quinn "The Eskimo!" <http://www.apple.com/developer/>
Apple Developer Technical Support * Networking, Communications, Hardware
_______________________________________________
macnetworkprog mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/macnetworkprog
Do not post admin requests to the list. They will be ignored.

  • Follow-Ups:
    • Re: Temporarily setting DNS servers
      • From: Allan Nathanson <email@hidden>
    • Re: Temporarily setting DNS servers
      • From: Frederik Seiffert <email@hidden>
References: 
 >Temporarily setting DNS servers (From: Frederik Seiffert <email@hidden>)
 >Re: Temporarily setting DNS servers (From: Malte Tancred <email@hidden>)
 >Re: Temporarily setting DNS servers (From: Frederik Seiffert <email@hidden>)

  • Prev by Date: Re: Problem within a MoreSecurity helper tool
  • Next by Date: Re: Problem within a MoreSecurity helper tool
  • Previous by thread: Re: Temporarily setting DNS servers
  • Next by thread: Re: Temporarily setting DNS servers
  • Index(es):
    • Date
    • Thread