DNS settings not applying when VPN not default gateway

[airforceixi]

Running 2.1.1 (3468) on macOS 13.3.1 (a), search domains are not applied to the DNS configuration when not using the VPN connection as a default gateway. See screenshots below.

[keeshux]

From my tests with gateway manually disabled, there's more to this:

• Server-sent DNS servers are not applied
• Server-sent DNS search domains are applied, just not the domain name

I'm puzzled...

[airforceixi]

From my tests with gateway manually disabled, there's more to this:

* Server-sent DNS servers are not applied

* Server-sent DNS search domains are applied, just not the domain name

I'm puzzled...

I haven't tested with a server that pushes default route, as my server only pushes internal routes. But when using "auto" I get the appropriate routes and appropriate DNS servers, just not the search domain. If I disable auto and force it to be the default route, everything works as expected.

From your testing/perspective, if the server is pushing only the default route and you disable it, DNS may not work at all because the routes to the DNS server provided don't exist (unless you specify those manually.)

[keeshux]

It might well be a NetworkExtension bug. Gotta postpone this for now, further research is needed.

[airforceixi]

Adding an update: This is still happening on the latest macOS and I can also confirm the same occurs on iOS/iPadOS and with both OpenVPN and Wireguard configurations. This is with the latest AppStore version as well as the latest iOS/iPadOS/macOS. You may be on to something about it being a NetworkExtension bug.

Possibly related: lately sometimes when I migrate from WiFi to Cell something in the VPN breaks causing all apps that require network to fail. I was able to briefly test on my phone that I was able to ping non-VPN and VPN IPs but all DNS queries were failing. Toggling the VPN connection off and then back on resolves the issue.